When using the "database backup/logging on filesystem" feature, iThemes security generates a weak filename allowing attackers to obtain the backup/log file if they know when the backup/log file was generated (timestamp).
A vulnerability has been found in iThemes Security backup function that may allow attackers to gain access to backup/log files.
By default, when using the "database backup on filesystem" feature, iThemes Security saves the backup files in a world-readable directory :
wp-content/uploads/ithemes-security/backups
The .htaccess file is generated during the plugin initial setup/update, only if the wp-content/uploads/ithemes-security/backups exists (or wp-content/uploads/ithemes-security/logs). Note that it does NOT exists by default.
When running a backup, the ITSEC_Backup class creates the directory but without any .htaccess file inside. The same thing happens with log saving.
If the webserver has directory listing enabled, then anybody can download the complete database backup or view the log files.
A critical vulnerability has been found in Proxmox VE 3 (OpenVZ) and Proxmox VE 4 beta 1 (LXC) in the virtual machine creating form allowing authenticated remote users to overwrite configuration files settings.
Product
Netgear ReadyNAS Surveillance is a NVR (Network Video Recorder) available for Netgear NAS systems.
Vulnerability
A critical vulnerability has been found in Netgear ReadyNAS Surveillance configuration backup feature, allowing remote users to execute arbitrary commands as root.
Centreon is a popular monitoring solution.
A critical vulnerability has been found in the Centreon logging class allowing remote users to execute arbitrary commands.
Multiple CSRF vulnerabilities have been found in the Mail interface of Zimbra 8.0.9 GA Release, giving possibilities to change account preferences like mail forwarding.
Les serrures connectées sont apparues il y a quelques années, surfant sur la vague de l'Internet des objets (IoT) avec pour ambition de remplacer nos serrures mécaniques traditionnelles. Ces serrures intègrent pour la grande majorité une connectivité Bluetooth et/ou NFC, afin de permettre aux utilisateurs de communiquer avec ces dernières et de les actionner à l'aide de clefs numériques. C'est tout naturellement que le Labo Sysdream s'est intéressé à ces différentes solutions, afin d'évaluer leur sécurité et d'éprouver des mécanismes d'attaques sur les objets connectés en général.
Début octobre se déroulait la première édition de la conférence Hardwear.io, traitant des objets connectés et de leur sécurité.
Sensio's Symfony web framework is one of the most used PHP-based MVC web development framework that powers a lot of well-known websites and web applications on the Internet. This framework comes with dedicated debugging tools, providing the developer with useful information about what happens when the framework renders a page. This feature is widely used on development systems but should not be available on production servers.
Cette année se déroulait à Mildenberg en Allemagne le troisième "Chaos Communication Camp" organisé par le Chaos Computer Club de Berlin (CCC). Il s'agit d'un des plus grands rassemblements en Europe de hackers et bidouilleurs qui campent sur le terrain d'une ancienne usine de briques, auquel certains membres de Sysdream ont participé (moi-même, et Julien).