SSD Advisory – WordPress Unauthorized Password Reset

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerability Summary
The following advisory describes an Unauthorized Password Reset vulnerability found in WordPress version 4.3.1.

WordPress is web software you can use to create a beautiful website or blog. We like to say that WordPress is both free and priceless at the same time. The core software is built by hundreds of community volunteers, and when you’re ready for more there are thousands of plugins and themes available to transform your site into almost anything you can imagine. Over 60 million people have chosen WordPress to power the place on the web they call “home”; we’d love you to join the family.

Credit
An independent security researcher, Dawid Golunski, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Response
We notified WordPress about this vulnerability in June 2016; repeated attempts to re-establish contact and get an answer on the status of a patch went unanswered. At the time of publication there is no solution or workaround for this vulnerability.


SSD Advisory – Serviio Media Server Multiple Vulnerabilities


Vulnerabilities Summary
The following advisory describes five (5) vulnerabilities found in Serviio Media Server. Affected versions: 1.8.0.0 PRO, 1.7.1, 1.7.0 and 1.6.1.

Serviio is a free media server. It allows you to stream your media files (music, video or images) to renderer devices (e.g. a TV set, Bluray player, games console or mobile phone) on your connected home network.

Serviio works with many devices in your connected home (TV, PlayStation 3, Xbox 360, smart phones, tablets, etc.). It supports profiles for particular devices so that it can be tuned to maximise the device’s potential and/or work around missing media-format playback support (via transcoding).

Serviio is based on Java technology and therefore runs on most platforms, including Windows, Mac and Linux (incl. embedded systems, e.g. NAS).

The vulnerabilities found in Serviio Media Server are:

  • Remote Code Execution
  • Local Privilege Escalation
  • Unauthenticated Password Modification
  • Information Disclosure
  • DOM-Based Cross-Site Scripting (XSS)

Credit
An independent security researcher, Gjoko Krstic from Zero Science Lab, has reported these vulnerabilities to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Response
We have tried on numerous occasions over the past two months to contact the vendor; all emails sent to them went unanswered. At the time of publication there is no vendor patch for these vulnerabilities.


SSD Advisory – CloudBees Jenkins Unauthenticated Code Execution


Vulnerability Summary
The following advisory describes a Java deserialization vulnerability found in CloudBees Jenkins version 2.32.1 that leads to unauthenticated remote code execution.

Jenkins helps automate the non-human part of the software development process, with now-common practices such as continuous integration, and empowers teams to implement the technical aspects of continuous delivery. It is a server-based system running in a servlet container such as Apache Tomcat. It supports version control tools including AccuRev, CVS, Subversion, Git, Mercurial, Perforce, ClearCase and RTC, and can execute Apache Ant, Apache Maven and sbt based projects as well as arbitrary shell scripts and Windows batch commands.

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Response
CloudBees Jenkins has released patches to address this vulnerability, and CVE-2017-1000353 has been assigned to it. For more details see: https://jenkins.io/security/advisory/2017-04-26/


SSD Advisory – SquirrelMail Remote Code Execution


Vulnerability Summary
The following advisory describes a Remote Code Execution vulnerability found in SquirrelMail version 1.4.22.

SquirrelMail is a standards-based webmail package written in PHP. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript required) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. SquirrelMail has all the functionality you would want from an email client, including strong MIME support, address books, and folder manipulation.

Credit
An independent security researcher, Dawid Golunski (https://legalhackers.com/), has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Response
SquirrelMail has released patches to address this vulnerability; for more details see: https://squirrelmail.org/security/issue/2017-04-24
