BugTraq Mode:
(Page 1 of 1694)  1 2 3 4 5 6 7 8 9 10 11  Next >
Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability

Advisory ID: cisco-sa-20160928-smi

Revision: 1.0

For Public Release: 2016 September 28 16:00 GMT

+----------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities

Advisory ID: cisco-sa-20160928-msdp

Revision: 1.0

For Public Release: 2016 September 28 16:00 GMT

+---------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability

Advisory ID: cisco-sa-20160928-ios-ikev1

Revision: 1.0

For Public Release: 2016 September 28 16:00 GMT

+--------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS XE Software NAT Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS XE Software NAT Denial of Service Vulnerability

Advisory ID: cisco-sa-20160928-esp-nat

Revision: 1.0

For Public Release: 2016 September 28 16:00 GMT

+------------------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability

Advisory ID: cisco-sa-20160928-cip

Revison: 1.0

For Public Release: 2016 September 28 16:00 GMT

+-------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability

Advisory ID: cisco-sa-20160928-aaados

Revision: 1.0

For Public Release: 2016 September 28 16:00 GMT

+-----------------------------------------------

[ more ]  [ reply ]
[REVIVE-SA-2016-002] Revive Adserver - Multiple vulnerabilities 2016-09-28
Matteo Beccati (matteo beccati com)
========================================================================

Revive Adserver Security Advisory REVIVE-SA-2016-002
========================================================================

http://www.revive-adserver.com/security/revive-sa-2016-002
======================

[ more ]  [ reply ]
Multiple vulnerabilities found in the Dlink DWR-932B (backdoor, backdoor accounts, weak WPS, RCE ...) 2016-09-28
Pierre Kim (pierre kim sec gmail com)
Hello,

Please find a text-only version below sent to security mailing lists.

The complete version on analysing the security in Dlink 932B LTE
routers is posted here:
https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-v
ulnerabilities.html

=== text-version of the advisory w

[ more ]  [ reply ]
Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 2016-09-27
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016

Advisory ID: cisco-sa-20160927-openssl

Revision: 1.0

For Public Release 2016 September 27 22:40 UTC (GMT)

+----------------------------------------------------------------

[ more ]  [ reply ]
[slackware-security] bind (SSA:2016-271-01) 2016-09-27
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] bind (SSA:2016-271-01)

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------

[ more ]  [ reply ]
[SECURITY] [DSA 3680-1] bind9 security update 2016-09-27
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3680-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Florian Weimer
September 27, 2016

[ more ]  [ reply ]
ESA-2016-127: EMC ViPR SRM Stored Cross-Site Scripting Vulnerability 2016-09-27
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

EMC Identifier: ESA-2016-127

CVE Identifier: CVE-2016-6647

Severity Rating: CVSS v3 Base Score: 7.6 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N)

Affected products:

EMC ViPR SRM versions prior to 4.0.1

Summary:

EMC ViPR SRM 4.0.1 contains

[ more ]  [ reply ]
[SECURITY] [DSA 3679-1] jackrabbit security update 2016-09-27
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3679-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Florian Weimer
September 27, 2016

[ more ]  [ reply ]
[security bulletin] HPSBHF03652 rev.1 - HPE iMC PLAT Network Products running Apache Commons FileUpload, Remote Denial of Service (DoS) 2016-09-26
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052898
40

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05289840
Version: 1

HPSBHF03652 rev.1 - HPE iMC

[ more ]  [ reply ]
[security bulletin] HPSBHF03654 rev.1 - HPE iMC PLAT Network Products using SSL/TLS, Multiple Remote Vulnerabilities 2016-09-26
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052899
35

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05289935
Version: 1

HPSBHF03654 rev.1 - HPE iMC

[ more ]  [ reply ]
[security bulletin] HPSBHF03655 rev.1 - HPE iMC PLAT Network Products running Apache Axis2, Multiple Remote Vulnerabilities 2016-09-26
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052899
84

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05289984
Version: 1

HPSBHF03655 rev.1 - HPE iMC

[ more ]  [ reply ]
[SECURITY] [DSA 3678-1] python-django security update 2016-09-26
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3678-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Florian Weimer
September 26, 2016

[ more ]  [ reply ]
[slackware-security] openssl (SSA:2016-270-01) 2016-09-26
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] openssl (SSA:2016-270-01)

New openssl packages are available for Slackware 14.2 and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/openssl

[ more ]  [ reply ]
[security bulletin] HPSBGN03648 rev.1 - HPE LoadRunner and Performance Center, Remote Denial of Service (DoS) 2016-09-26
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052788
82

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05278882
Version: 1

HPSBGN03648 rev.1 - HPE Load

[ more ]  [ reply ]
OS-S Security Advisory 2016-19: Epson WorkForce multi-function printers do not use signed firmware images and allow unauthorized malicious firmware-updates (CVSS 10) 2016-09-24
Ralf Spenneberg (info os-t de)
OpenSource Security Ralf Spenneberg
Am Bahnhof 3-5
48565 Steinfurt
info (at) os-s (dot) net [email concealed]

OS-S Security Advisory 2016-19

Title: Epson WorkForce multi-function printers do not use signed
firmware images and allow unauthorized malicious firmware-updates
Authors: Yves-Noel Weweler <y.weweler (at) gmail (dot) com [email concealed]>, Ralf

[ more ]  [ reply ]
[slackware-security] php (SSA:2016-267-01) 2016-09-23
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2016-267-01)

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/php

[ more ]  [ reply ]
ESA-2016-097: RSA Identity Governance and Lifecycle Information Disclosure Vulnerability 2016-09-23
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-097: RSA Identity Governance and Lifecycle Information Disclosure Vulnerability

EMC Identifier: EMC-2016-097

CVE Identifier: CVE-2016-0918

Severity Rating: CVSS v3 Base Score: 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

[ more ]  [ reply ]
Recon Europe 2017 Call For Papers - January 27 - 29, 2017 - Brussels, Belgium 2016-09-22
cfpbrussels2017 recon cx

` . R E C O N * B R U S S E L S .
. . C F P ' .
' https://recon.cx
. 27 - 29 January 2017 . .
. ' Brussels, Belgium .

[ more ]  [ reply ]
[SECURITY] [DSA 3674-1] firefox-esr security update 2016-09-22
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3674-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
September 22, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3673-1] openssl security update 2016-09-22
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3673-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
September 22, 2016

[ more ]  [ reply ]
Fwd: BT Wifi Extenders - Cross Site Scripting leading to disclosure of PSK 2016-09-22
Jamie R (jamie riden gmail com)
BT Wifi Extenders - 300, 600 and 1200 models - Cross Site Scripting
leading to disclosure of PSK.

A firmware update is required to resolve this issue.

The essential problem is that if you hit the following URL on your
wifi extender, it will pop up a whole load of private data, including
your PSK.

[ more ]  [ reply ]
IE11 is not following CORS specification for local files 2016-09-22
Ricardo Iramar dos Santos (riramar gmail com)
IE11 is not following CORS specification for local files like Chrome
and Firefox.
I've contacted Microsoft and they say this is not a security issue so
I'm sharing it.
From my tests IE11 is not following CORS specifications for local
files as supposed to be.
In order to prove I've created a maliciou

[ more ]  [ reply ]
[slackware-security] irssi (SSA:2016-265-03) 2016-09-21
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] irssi (SSA:2016-265-03)

New irssi packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+-------------------------

[ more ]  [ reply ]
[security bulletin] HPSBHF03646 rev.1 - HPE Comware 7 (CW7) Network Products running NTP, Multiple Remote Vulnerabilities 2016-09-21
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052708
39

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05270839
Version: 1

HPSBHF03646 rev.1 - HPE Comw

[ more ]  [ reply ]
Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla 2016-09-21
Larry W. Cashdollar (larry0 me com)

Title: Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
Author: Larry W. Cashdollar, @_larry0
Date: 2016-09-15
Download Site: http://huge-it.com/joomla-video-gallery/
Vendor: www.huge-it.com, fixed v1.1.0
Vendor Notified: 2016-09-17
Vendor Contact: info (at) huge-it (dot) com [email concealed]
Descripti

[ more ]  [ reply ]
(Page 1 of 1694)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus