BugTraq Mode:
(Page 1 of 1700)  1 2 3 4 5 6 7 8 9 10 11  Next >
[slackware-security] mozilla-firefox (SSA:2016-336-01) 2016-12-01
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2016-336-01)

New mozilla-firefox packages are available for Slackware 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
pa

[ more ]  [ reply ]
[security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection 2016-11-30
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053247
59

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05324759

Version: 3

HPSBUX03665 rev.3

[ more ]  [ reply ]
[security bulletin] HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of Privilege 2016-11-30
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053475
41

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05347541

Version: 1

HPSBGN03680 rev.1

[ more ]  [ reply ]
[security bulletin] HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java Deserialization, Remote Code Execution 2016-11-30
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053448
49

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05344849

Version: 1

HPSBGN03677 rev.1

[ more ]  [ reply ]
[FOXMOLE SA 2016-05-02] e107 Content Management System (CMS) - Multiple Issues 2016-11-30
FOXMOLE Advisories (advisories foxmole com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=== FOXMOLE - Security Advisory 2016-05-02 ===

e107 Content Management System (CMS) - Multiple Issues
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Affected Versions
=================
e107 2.1.2 Bootstrap CMS

Issue Overview
==============

[ more ]  [ reply ]
[security bulletin] HPSBHF03682 rev.1 - HPE Comware 7 Network Products using SSL/TLS, Local Gain Privileged Access 2016-11-30
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053414
63

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05341463

Version: 1

HPSBHF03682 rev.1

[ more ]  [ reply ]
[RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler 2016-11-30
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Less.js: Compilation of Untrusted LESS Files May Lead to Code
Execution through the JavaScript Less Compiler

RedTeam Pentesting discovered behaviour in the Less.js compiler,
which allows execution of arbitrary code if an untrusted LESS file is
compiled.

Details
=======

Produc

[ more ]  [ reply ]
XSS in tooltip plugin of Zurb Foundation 5 2016-11-29
Winni Neessen (winni insecure so)
XSS vulnerabilty in the tooltip plugin of Zurb Foundation 5.x
=============================================================

URL to this advisory: https://nop.li/foundation5tooltipxss

Vendor
======
http://zurb.com/

Product
=======
(Taken from http://foundation.zurb.com/sites/docs/v/5.5.3/)
Foundat

[ more ]  [ reply ]
Google Chrome Accessibility blink::Node corruption details 2016-11-29
Berend-Jan Wever (berendj nwever nl)
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
twenty-first entry in that series. Unfortunately I won't be able to
publish everything within one month at the current rate, so I may
continue to publish these throug

[ more ]  [ reply ]
SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic 2016-11-28
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20161128-0 >
=======================================================================
title: Denial of service & heap-based buffer overflow
product: Guidance Software EnCase Forensic Imager & EnCase Forensic
vulnerable versi

[ more ]  [ reply ]
[SECURITY] [DSA 3725-1] icu security update 2016-11-27
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3725-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
November 27, 2016

[ more ]  [ reply ]
Core FTP LE v2.2 Remote SSH/SFTP Buffer Overflow 2016-11-27
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/CORE-FTP-REMOTE-SSH-SFTP-BUFF
ER-OVERFLOW.txt

[+] ISR: ApparitionSec

Vendor:
===============
www.coreftp.com

Product:
========================
Core FTP LE (clie

[ more ]  [ reply ]
WorldCIST'2017 - Submission deadline: November 30 2016-11-26
ML (marialemos72 gmail com)
* Best papers published in several SCI/SSCI-indexed journals
** Proceedings by Springer, indexed by ISI, Scopus, DBLP, EI-Compendex, etc.

------------------------------------------------------------------------
---------
WorldCIST'17 - 5th World Conference on Information Systems and Technologies
Po

[ more ]  [ reply ]
CVE 2016-6803: Apache OpenOffice Unquoted Search Path Vulnerability 2016-11-25
Apache OpenOffice Security (orcmid apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

CVE-2016-6803
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-6803>
Apache OpenOffice Advisory
<https://www.openoffice.org/security/cves/CVE-2016-6803.html>

Title: Windows Installer Can Enable Privileged Trojan Execution

Version 1.0
Announced O

[ more ]  [ reply ]
Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25
Jackie Blanco (jackie sdiwc info)
*********************************************************************
Call for Participation

CyberSec2017: The Fifth International Conference on Cyber Security,
Cyber Welfare and Digital Forensic

22-24 April 2017, St. Mary's University, Addis Ababa, Ethiopia

https://goo.gl/mbDr7F

**************

[ more ]  [ reply ]
[SECURITY] [DSA 3724-1] gst-plugins-good0.10 security update 2016-11-24
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3724-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 24, 2016

[ more ]  [ reply ]
Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25
Jackie Blanco (jackie sdiwc info)
*********************************************************************
Call for Participation

CyberSec2017: The Fifth International Conference on Cyber Security,
Cyber Welfare and Digital Forensic

22-24 April 2017, St. Mary's University, Addis Ababa, Ethiopia

https://goo.gl/mbDr7F

**************

[ more ]  [ reply ]
[SECURITY] [DSA 3723-1] gst-plugins-good1.0 security update 2016-11-24
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3723-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 24, 2016

[ more ]  [ reply ]
WorldCIST'17 - Submission deadline: November 27 2016-11-24
ML (marialemos72 gmail com)
* Best papers published in SCI/SSCI-indexed journals
** Proceedings by Springer, indexed in ISI, Scopus, DBLP, EI-Compendex, etc.

------------------------------------------------------------------------
---------
WorldCIST'17 - 5th World Conference on Information Systems and Technologies
Porto Sant

[ more ]  [ reply ]
[SYSS-2016-107] EASY HOME Alarmanlagen-Set - Cryptographic Issues (CWE-310) 2016-11-24
gerhard klostermeier syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-107
Product: EASY HOME Alarmanlagen-Set
Manufacturer: monolith GmbH
Affected Version(s): Model No. MAS-S01-09
Tested Version(s): Model No. MAS-S01-09
Vulnerability Type: Cryptographic Issues (CWE-310)
Risk Level: Low
Solution St

[ more ]  [ reply ]
[SYSS-2016-071] Blaupunkt Smart GSM Alarm SA 2500 Kit - Missing Protection against Replay Attacks 2016-11-24
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-071
Product: Smart GSM Alarm SA 2500 Kit
Manufacturer: Blaupunkt
Affected Version(s): v1.0
Tested Version(s): v1.0
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
Manufactur

[ more ]  [ reply ]
[SYSS-2016-064] Multi Kon Trade M2B GSM Wireless Alarm System - Improper Restriction of Excessive Authentication Attempts (CWE-307) 2016-11-24
gerhard klostermeier syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-064
Product: M2B GSM Wireless Alarm System
Manufacturer: Multi Kon Trade
Affected Version(s): Unspecified
Tested Version(s): Unspecified
Vulnerability Type: Improper Restriction of Excessive Authentication
At

[ more ]  [ reply ]
[SYSS-2016-066] Multi Kon Trade M2B GSM Wireless Alarm System - Missing Protection against Replay Attacks 2016-11-24
gerhard klostermeier syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-066
Product: M2B GSM Wireless Alarm System
Manufacturer: Multi Kon Trade
Affected Version(s): Unspecified
Tested Version(s): Unspecified
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution S

[ more ]  [ reply ]
[CVE-2016-7098] GNU Wget < 1.18 Access List Bypass / Race Condition 2016-11-24
Dawid Golunski (dawid legalhackers com)
Vulnerability: GNU Wget < 1.18 Access List Bypass / Race Condition
CVE-2016-7098

Discovered by: Dawid Golunski (@dawid_golunski)
https://legalhackers.com

Severity: Medium

GNU wget in version 1.17 and earlier, when used in mirroring/recursive mode,
is affected by a Race Condition vulnerability th

[ more ]  [ reply ]
[security bulletin] HPSBHF03673 rev.1 - HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Multiple Remote Vulnerabilities 2016-11-23
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053368
88

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05336888

Version: 1

HPSBHF03673 rev.1

[ more ]  [ reply ]
CVE-2015-1251: Chrome blink Speech­Recognition­Controller use-after-free details 2016-11-23
Berend-Jan Wever (berendj nwever nl)
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
seventeenth entry in that series. Unfortunately I won't be able to
publish everything within one month at the current rate, so I may
continue to publish these through

[ more ]  [ reply ]
[SYSS-2016-106] EASY HOME Alarmanlagen-Set - Missing Protection against Replay Attacks 2016-11-23
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-106
Product: EASY HOME Alarmanlagen-Set
Manufacturer: monolith GmbH
Affected Version(s): Model No. MAS-S01-09
Tested Version(s): Model No. MAS-S01-09
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medi

[ more ]  [ reply ]
[SYSS-2016-072] Olympia Protect 9061 - Missing Protection against Replay Attacks 2016-11-23
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-072
Product: Protect 9061
Manufacturer: Olympia
Affected Version(s): Article No. 5943 rev.03
Tested Version(s): Article No. 5943 rev.03
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution St

[ more ]  [ reply ]
[CORE-2016-0007] - TP-LINK TDDP Multiple Vulnerabilities 2016-11-22
CORE Advisories Team (advisories coresecurity com)
1. Advisory Information

Title: TP-LINK TDDP Multiple Vulnerabilities
Advisory ID: CORE-2016-0007
Advisory URL: http://www.coresecurity.com/advisories/tp-link-tddp-multiple-vulnerabili
ties
Date published: 2016-11-21
Date of last update: 2016-11-18
Vendors contacted: TP-Link
Release mode: User releas

[ more ]  [ reply ]
CVE-2015-0050: Microsoft Internet Explorer 8 MSHTML SRunPointer::SpanQualifier/RunType OOB read details 2016-11-22
Berend-Jan Wever (berendj nwever nl)
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
sixteenth entry in that series. Unfortunately I won't be able to
publish everything within one month at the current rate, so I may
continue to publish these through D

[ more ]  [ reply ]
(Page 1 of 1700)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus