BugTraq Mode:
(Page 1 of 1570)  1 2 3 4 5 6 7 8 9 10 11  Next >
CVE-2014-5439 - Root shell on Sniffit [with exploit] 2014-11-26
Hector Marco (hecmargi upv es)
CVE-2014-5439 - Root shell on Sniffit

Sniffit is a packet sniffer and monitoring tool.

The attacker can create a specially-crafted sniffit configuration file,
which is able
to bypass all three protection mechanisms:

- Non-eXecutable bit NX
- Stack Smashing Protector SSP
- Address Spa

[ more ]  [ reply ]
Сross-Site Request Forgery (CSRF) in xEpan 2014-11-26
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23240
Product: xEpan
Vendor: Xavoc Technocrats Pvt. Ltd.
Vulnerable Version(s): 1.0.1 and probably prior
Tested Version: 1.0.1
Advisory Publication: October 22, 2014 [without technical details]
Vendor Notification: October 22, 2014
Public Disclosure: November 26, 2014
Vulnerabili

[ more ]  [ reply ]
[ MDVSA-2014:228 ] phpmyadmin 2014-11-26
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:228
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3076-1] wireshark security update 2014-11-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3076-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
November 25, 2014

[ more ]  [ reply ]
[security bulletin] HPSBUX03166 SSRT101489 rev.1 - HP-UX running PAM libpam_updbe, Remote Authentication Bypass 2014-11-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04511778

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04511778
Version: 1

HPSBUX03166 SS

[ more ]  [ reply ]
[security bulletin] HPSBGN03203 rev.1 - HP CMS: UCMDB Browser running OpenSSL, Remote Disclosure of Information 2014-11-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04507636

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04507636
Version: 1

HPSBGN03203 re

[ more ]  [ reply ]
[security bulletin] HPSBGN03201 rev.1 - HP Asset Manager running SSLv3, Remote Disclosure of Information 2014-11-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04507535

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04507535
Version: 1

HPSBGN03201 re

[ more ]  [ reply ]
Slider Revolution/Showbiz Pro shell upload exploit 2014-11-25
simo morxploit com
#!/usr/bin/perl
#
# Title: Slider Revolution/Showbiz Pro shell upload exploit
# Author: Simo Ben youssef
# Contact: Simo_at_Morxploit_com
# Discovered: 15 October 2014
# Coded: 15 October 2014
# Updated: 25 November 2014
# Published: 25 November 2014
# MorXploit Research
# http://www.MorXploit.com
#

[ more ]  [ reply ]
[security bulletin] HPSBST03148 rev.1 - HP StoreOnce Gen 2 Backup Systems running Bash Shell, Remote Code Execution 2014-11-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04479974

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04479974
Version: 1

HPSBST03148 re

[ more ]  [ reply ]
[security bulletin] HPSBMU03214 rev.1 - HP Systinet running SSLv3, Remote Disclosure of Information 2014-11-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04510286

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04510286
Version: 1

HPSBMU03214 re

[ more ]  [ reply ]
[ MDVSA-2014:227 ] ffmpeg 2014-11-25
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:227
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:226 ] imagemagick 2014-11-25
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:226
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:225 ] ruby 2014-11-25
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:225
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[oCERT 2014-008] libFLAC multiple issues 2014-11-25
Daniele Bianco (danbia ocert org)

Description:

FLAC is an open source lossless audio codec supported by several software
and music players.

The libFLAC project, an open source library implementing reference
encoders and decoders for native FLAC and Ogg FLAC audio content,
suffers from multiple implementation issues.

In particula

[ more ]  [ reply ]
Docker 1.3.2 - Security Advisory [24 Nov 2014] 2014-11-24
Eric Windisch (eric windisch docker com)
Today, we are releasing Docker 1.3.2 in order to address two critical
security issues. This release also includes several bugfixes,
including changes to the insecure-registry option. Below are CVE
descriptions for the vulnerabilities addressed in this release.

Docker 1.3.2 is available immediately

[ more ]  [ reply ]
CVE-2014-8419 - CodeMeter Weak Service Permissions 2014-11-24
ajs swordshield com
CodeMeter Weak Service Permissions

Vendor Website : http://www.codemeter.com

INDEX
---------------------------------------
1. Background
2. Description
3. Affected Products
4. Vulnerability
5. Solution
6. Credit
7. Disclosure Timeline
8. CVE

1. BACKGROUND
--------

[ more ]  [ reply ]
Exploit for stealing backups on WP sites with WP-DB-Backup v2.2.4 plugin 2014-11-22
Larry W. Cashdollar (larry0 me com)
#!/bin/bash
#Larry W. Cashdollar, @_larry0
#Will brute force and search a Wordpress target site with WP-DB-Backup v2.2.4 plugin installed for any backups done on
#20141031 assumes the wordpress database is wordpress and the table prefix is wp_
#http://www.vapid.dhs.org/advisories/wordpress/plugins/w

[ more ]  [ reply ]
[security bulletin] HPSBUX03087 SSRT101413 rev.2 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access 2014-11-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04396638

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04396638
Version: 2

HPSBUX03087 SS

[ more ]  [ reply ]
[ MDVSA-2014:224 ] krb5 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:224
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:223 ] wireshark 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:223
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:222 ] libvirt 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:222
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:221 ] php-smarty 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:221
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:220 ] qemu 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:220
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:219 ] srtp 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:219
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[security bulletin] HPSBHF03052 rev.2 - HP Network Products running OpenSSL, Multiple Remote Vulnerabilities 2014-11-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04347622

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04347622
Version: 2

HPSBHF03052 re

[ more ]  [ reply ]
[ MDVSA-2014:218 ] asterisk 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:218
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
WordPress 3 persistent script injection 2014-11-20
Jouko Pynnonen (jouko iki fi)
OVERVIEW
========

A security flaw in WordPress 3 allows injection of JavaScript into
certain text fields. In particular, the problem affects comment boxes
on WordPress posts and pages. These don't require authentication by
default.

The JavaScript injected into a comment is executed when the target

[ more ]  [ reply ]
AST-2014-012: Mixed IP address families in access control lists may permit unwanted traffic. 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-012

Product Asterisk
Summary Mixed IP address families in access control lists
may permit unwanted traffic.

[ more ]  [ reply ]
AST-2014-013: PJSIP ACLs are not loaded on startup 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-013

Product Asterisk
Summary PJSIP ACLs are not loaded on startup
Nature of Advisory Unauthorized Access

[ more ]  [ reply ]
AST-2014-015: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-015

Product Asterisk
Summary Remote Crash Vulnerability in PJSIP channel driver
Nature of Advisory Denial of Service

[ more ]  [ reply ]
(Page 1 of 1570)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus