Cyber Security Newsfeeds from around the world
XL-19-008 – ABB IDAL FTP Server Path Traversal Vulnerability ======================================================================== Identifiers ———– XL-19-008 CVE-2019-7227 ABBVU-IAMF-1902006 CVSS Score ———- 7.3 (AV:A/AC:L/PR:L/UI:N/S:U/…
Continue ReadingXL-19-005 – ABB HMI Absence of Signature Verification Vulnerability ======================================================================== Identifiers ———– XL-19-005 CVE-2019-7229 ABBVU-IAMF-1902003 ABBVU-IAMF-1902012 CVSS Score ———- 8.3…
Continue ReadingOriginal posting: https://xor.cat/2019/06/19/fortinet-forticam-vulns/ ## Background In March of 2019 I discovered five vulnerabilities in Fortinet’s FortiCam FCM-MB40[1] product. Part-way through disclosing this vulnerability, I discovered that the FCM…
Continue ReadingXL-19-011 – ABB IDAL HTTP Server Stack-Based Buffer Overflow Vulnerability ======================================================================== Identifiers ———– XL-19-011 CVE-2019-7232 ABBVU-IAMF-1902009 CVSS Score ———- 8.8 (AV:A/AC:L/…
Continue ReadingXL-19-010 – ABB IDAL HTTP Server Authentication Bypass Vulnerability ======================================================================== Identifiers ———– XL-19-010 CVE-2019-7226 ABBVU-IAMF-1902005 CVSS Score ———- 8.8 (AV:A/AC:L/PR:N/U…
Continue ReadingXL-19-012 – ABB IDAL HTTP Server Uncontrolled Format String Vulnerability ======================================================================== Identifiers ———– XL-19-012 CVE-2019-7228 ABBVU-IAMF-1902007 CVSS Score ———- 8.8 (AV:A/AC:L/P…
Continue ReadingA vulnerability has been found in (Printing Software) ( the affected version is unknown ) and classified as problematic. This vulnerability affects an unknown functionality of the component Apache HTTP Server . The manipulation with an unknown input le…
Continue ReadingThe study carried out by a security company named Positive Technologies says that 76% of mobile applications open up data to be accessed by hackers leaking out insightful info like personal data, financial info, passwords-all due to the presence of unp…
Continue ReadingHacking software is not only used by hackers for criminal activities but it’s equally used by white hat hackers and security professionals to identify a vulnerability in a network or an endpoint. There is several hacking software available on the inter…
Continue ReadingThe ABB IDAL FTP server is vulnerable to a buffer overflow when a long string is sent by an authenticated attacker. This overflow is handled, but terminates the process. An authenticated attacker can send a FTP command string of 472 bytes or more to ov…
Continue Reading