CVE-2019-11279

CF UAA versions prior to 74.1.0 can request scopes for a client that shouldn’t be allowed by submitting an array of requested scopes. A remote malicious user can escalate their own privileges to any scope, allowing them to take control of UAA and the resources it controls.
Source: NIST

CVE-2019-15891

An issue was discovered in CKFinder through 2.6.2.1 and 3.x through 3.5.0. The documentation has misleading information that could lead to a conclusion that the application has a built-in bulletproof content sniffing protection.
Source: NIST

CVE-2019-15862

An issue was discovered in CKFinder through 2.6.2.1. Improper checks of file names allow remote attackers to upload files without any extension (even if the application was configured to accept files only with a defined set of extensions). This affects CKFinder for ASP, CKFinder for ASP.NET, CKFinder for ColdFusion, and CKFinder for PHP.
Source: NIST

CVE-2019-11278

CF UAA versions prior to 74.1.0 allow external input to be directly queried against. A remote malicious user with ‘client.write’ and ‘groups.update’ can craft a SCIM query, which leaks information that allows an escalation of privileges, ultimately allowing the malicious user to gain control of UAA scopes they should not have.
Source: NIST

CVE-2019-12562

Stored Cross-Site Scripting in DotNetNuke (DNN) versions before 9.4.0 allows remote attackers to store and embed a malicious script in the admin notification page. The exploit could be used to perform any action with admin privileges such as managing content, adding users, uploading backdoors to the server, etc. Successful exploitation occurs when an admin user visits a notification page with stored cross-site scripting.
Source: NIST

CVE-2019-16667

diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a “CSRF token expired” error and a Try Again button when a CSRF token is missing.
Source: NIST

CVE-2019-16915

An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents.
Source: NIST

CVE-2019-16914

An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization.
Source: NIST

Cyber-battle Over Real Model City Planned for Abu Dhabi Security Conference

The daily war waged between cyber-criminals and security experts will be played out in miniature in Abu Dhabi next month using an accurate model of a real city.

As part of the week-long HITB + Cyber Week security conference taking place at the Emirates Palace October 12–17, The Standoff challenge will pit competing teams against each other in a cyber-fight to gain control over a miniature city’s digital infrastructure.

The simulated cyber-battle will take place in a live-fire environment, allowing players to develop valuable insight into vulnerabilities that could be exploited in a real-life cyber-attack.

The model city has been created to feature technology in use in the critical infrastructure of an actual modern-day metropolis and has its own power plants, freight and passenger trains, banks, and petrochemical facilities.

Red teams representing attackers will attempt to hack into the city’s industrial control systems (ICS) and supervisory control and data acquisition equipment and take control of its traffic systems, electrical plants, and transportation services, while blue teams push back to defend the city’s companies.

Under the competition’s rules, the blue team will not be allowed any time to study the infrastructure, find weak points, pick attack detection tools, or apply fixes. Instead, they will jump straight into protecting vulnerable services that are about to be targeted by red teams.

Web-application firewall (WAF) rules, next-generation firewall (NGFW) policies, basic account management, and the ability to delete malicious payloads are the only tactics allowed in the blue team’s defensive repertoire. Attackers are under no such constraints and can do what they like, provided they don’t disturb the infrastructure needed to run the contest.

Dhillon Kannabhiran, founder and CEO of Hack In The Box (HITB), said: “The Standoff is one of the most challenging attack and defense contests in the world, where teams are competing to find vulnerabilities and attack vectors in real-world critical infrastructure.”

The Standoff’s hackable city was designed by Positive Technologies as a fun way for cyber-professionals to hone the protection and monitoring skills they use when dealing with real-world cybersecurity problems.

Head of cyber-battle business development at Positive Technologies, Gregory Galkin, said: “We’ve been working on The Standoff for almost 10 years now. We started with specialized trainings for information security experts and CTF players, but then understood that bringing our expertise even closer to the realities of life is a must in order to maximize the cyber-battle’s practical value.”
Source: Infosecurity