CVE-2020-24332
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used...
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings...
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer...
In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression. Date published : 2020-08-13 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G7LO7DAPN33FL4JQ7DDPB76SIEFGMZSQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AII7UYDPNKYE75AZL45M6HAV2COP7F6S/
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items. Date published : 2020-08-13 https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.8 http://packetstormsecurity.com/files/158840/Fuel-CMS-1.4.7-SQL-Injection.html
An issue was discovered in Zalo.exe in VNG Zalo Desktop 19.8.1.0. An attacker can run arbitrary commands on a remote Windows machine running the Zalo client by sending the user of the device a...
A SQL injection vulnerability in the qm_adm/qm_export_stats_run.do endpoint of Loway QueueMetrics before 19.10.21 allows remote authenticated users to execute arbitrary SQL commands via the exportId parameter. Date published : 2020-08-13 https://blog.divisionzero.co/2020/08/12/cve-2020-15947/
A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.10.21 allows remote authenticated attackers to execute arbitrary SQL commands via the TPF_XPAR1 parameter. Date published : 2020-08-13 https://blog.divisionzero.co/2020/08/12/cve-2020-15925/
A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart of Niagara (Versions 4.6.96.28, 4.7.109.20, 4.7.110.32, 4.8.0.110)...
For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings can be modified to result in Server Side Request Forgery. Date published : 2020-08-13 https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13286.json https://gitlab.com/gitlab-org/gitlab/-/issues/215212
For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting (XSS) vulnerability exists in the issue reference number tooltip. Date published : 2020-08-13 https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13285.json https://gitlab.com/gitlab-org/gitlab/-/issues/212626
For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issues list via milestone title. Date published : 2020-08-13 https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13283.json https://gitlab.com/gitlab-org/gitlab/-/issues/218448
For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occurs, members from a parent group keep their access level on the subgroup leading to improper access. Date published : 2020-08-13 https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13282.json https://gitlab.com/gitlab-org/gitlab/-/issues/202687
For GitLab before 13.0.12, 13.1.6, 13.2.3 a denial of service exists in the project import feature. Date published : 2020-08-13 https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13281.json https://gitlab.com/gitlab-org/gitlab/-/issues/31564