Thursday, May 7, 2020
Posted by Editorial_Staff_Team
Reader's rate:
5
LANCOM Systems Wireless Controller Series (Public Spot) - Several Patches Released by Support Today Security researchers of the vulnerability laboratory core research team uncovered about 3 weeks ago a new vulnerability in the LANCOM Systems wireless controller product series. With WLAN... + continue reading
Thursday, April 30, 2020
Posted by Editorial_Staff_Team
Reader's rate:
5
The Digital Bank Robbery of the Year 2020 - APT "Golden_hands" (Government Emergency Aid) In last 4-5 weeks our company Evolution Security GmbH and all around us were affected by the economy crisis that came cold from the back. This is a story about advanced persistent threats in Germany and the... + continue reading
Wednesday, April 29, 2020
Posted by Editorial_Staff_Team
Reader's rate:
5
Pointer Issue crashs local mmc.exe process on Microsoft Windows 2012 R2 x64 Due to a test in a staging-system that was fresh setup with a windows 2012 r2 release the researcher of the vulnerability lab identified a serious local denial of service vulnerability affecting different other microsoft... + continue reading
Saturday, April 4, 2020
Posted by Editorial_Staff_Team
Reader's rate:
5
Security gap in search function of Bundeswehr web application patched About some time ago, we had a look at the latest Bundeswehr website (https://www.bundeswehrkarriere.de/) in our lab. We noticed an error in the output of the validation of an application. We then investigated this error in... + continue reading
Tuesday, February 11, 2020
Posted by Editorial_Staff_Team
Reader's rate:
5
Microsoft starts Xbox... + continue reading
Friday, December 20, 2019
Posted by Editorial_Staff_Team
Reader's rate:
5
Apples Whitehat Hacker gift for Xmas Due to a longer period of time (January) we have stopped our Responsible Disclosure Bug Bounty Program at Apple. The reason was that Apple's security department made many mistakes in dealing with independent security researchers and did not seriously reward... + continue reading
Friday, December 13, 2019
Posted by Editorial_Staff_Team
Reader's rate:
5
Whitehat in action discovers Kiosk Escape... + continue reading
Friday, November 22, 2019
Posted by Editorial_Staff_Team
Reader's rate:
5
Last month, security researcher and founder of the vulnerability lab Benjamin Kunz Mejri discovered a new Microsoft Skype vulnerability. The problem has a local and a remote attack vector that can be exploited. Surprisingly, the way the attack takes place is via the client infrastructure to an... + continue reading
Monday, September 9, 2019
Posted by Editorial_Staff_Team
Reader's rate:
5
Undocumented Telnetd... + continue reading

Featured Cooperative Security Articles

Thursday, 07/05/20 - 2 comment(s)
LANCOM Systems Wireless Controller Series (Public Spot) - Several Patches Released by Support Today Security researchers of the vulnerability laboratory core research team uncovered about 3 weeks ago a new vulnerability in the LANCOM Systems wireless controller product series. With WLAN controllers, access points can be configured and... + continue reading
Thursday, 30/04/20 - 8 comment(s)
The Digital Bank Robbery of the Year 2020 - APT "Golden_hands" (Government Emergency Aid) In last 4-5 weeks our company Evolution Security GmbH and all around us were affected by the economy crisis that came cold from the back. This is a story about advanced persistent threats in Germany and the European Union during the crisis affecting the... + continue reading

TOP SECURITY STORIES

Thursday, 07/05/20 - 2 comment(s)
LANCOM Systems Wireless Controller Series (Public Spot) - Several Patches Released by Support Today Security researchers of the vulnerability laboratory core research team uncovered about 3 weeks... + continue reading

VULNERABILITIES & BUGS

Wednesday, 29/04/20 - 1 comment(s)
Pointer Issue crashs local mmc.exe process on Microsoft Windows 2012 R2 x64 Due to a test in a staging-system that was fresh setup with a windows 2012 r2 release the researcher of the... + continue reading

BEST SECURITY VIDEOS

Thursday, 07/03/19 - 2 comment(s)
Telekom Magenta Musik 360 - CERT Coordinates The videos shows the reproduce for the german telekom in a new service they did publish in 2019 Q1. The vulnerabilities are persistent and non-... + continue reading

LAB MAGAZINE ISSUES

Tuesday, 11/03/14 - 1 comment(s)
Vulnerability Magazine Welcome to the Vulnerability Magazine! The the vulnerability magazine, publishes the latest vulnerabilities and security informations from our laboratory infrastructure.... + continue reading

IT-SECURITY EVENTS

Thursday, 23/11/17 - 2 comment(s)
Legendary free speech - You are the Key! In the last weeks we got invited to the very famous JBFone Conference organized by the Fiducia & GAD IT AG. The Fiducia & GAD IT AG is a public... + continue reading
Fri
13
Dec

Zero Day Vulnerability in Deutsche Bahn Ticket Machine Series System uncovered

Whitehat in action discovers Kiosk Escape & Escalation via Windows PasswordAgent

In the last few days some Whitehat hackers of the Vulnerability Lab have come together for an action at the station wilhelmshöhe in kassel (Germany) to deal with a new security hole of the Deutsche Bahn ticket machines. While the station woke up quietly at 05:00 in the early morning without security personnel, the action took place. In the first step of this article, we want to focus on the vulnerability and then explain our approach as a group.

It is possible for local attackers to break out of the kiosk mode of the Deutsche Bahn vending machine application if the Password Agent (PasswordAgent.exe) of the system receives a timeout or has a runtime error in the program itself in the background. These errors can occur due to aborted sessions, unclean logout or common errors when using the application at system level.

Fri
22
Nov

Skype v8.49.0.49 Export History v7 - Persistent Web Vulnerability

Last month, security researcher and founder of the vulnerability lab Benjamin Kunz Mejri discovered a new Microsoft Skype vulnerability. The problem has a local and a remote attack vector that can be exploited. Surprisingly, the way the attack takes place is via the client infrastructure to an export function for an older version of Skype.

Skype has a new export function for the skype v7.x contents and messages. Users are able to export the old logs to generate a html file inside the browser with the exported content of the main.db file in combination with the journal file. The content is rendered and generated in the local installed standard browser without much usage of physical capacity.

Pages

Subscribe to Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research RSS