BugTraq (Page 7 of 1654)
[security bulletin] HPSBHF03535 rev.1 - HPE iMC OSS and iMC Plat running Adobe Flash, Multiple Remote Vulnerabilities 2016-01-13
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04939841

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04939841
Version: 1

HPSBHF03535 r

Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 2016-01-14
Qualys Security Advisory (qsa qualys com)

Qualys Security Advisory

Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778

========================================================================

Contents
========================================================================

Summary
Information Leak (CVE-2016-0777)
- Anal

FreeBSD Security Advisory FreeBSD-SA-16:06.bsnmpd 2016-01-14
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-16:06.bsnmpd Security Advisory
The FreeBSD Project

Topic:

[SECURITY] [DSA 3445-1] pygments security update 2016-01-13
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3445-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
January 13, 2016

WP Symposium Pro Social Network Plugin XSS Vulnerability 2016-01-12
Rahul Pratap Singh (techno rps gmail com)
##FULL DISCLOSURE

#Product : WP Symposium Pro Social Network plugin
#Exploit Author : Rahul Pratap Singh
#Home page Link : https://wordpress.org/plugins/wp-symposium-pro
#Version : 16.1
#Website : 0x62626262.wordpress.com
#Twitter : @0x62626262
#Linkedin : https://in.linkedin.com/in/rahulprataps

[security bulletin] HPSBGN03532 rev.1 - HPE ArcSight Logger, Multiple Vulnerabilities 2016-01-13
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04941487

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04941487
Version: 1

HPSBGN03532 r

FreeBSD Security Advisory FreeBSD-SA-16:02.ntp 2016-01-14
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-16:02.ntp Security Advisory
The FreeBSD Project

Topic:

Multiple SQL Injection Vulnerabilities in mcart.xls Bitrix Module 2016-01-13
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23279
Product: mcart.xls Bitrix module
Vendor: www.mcart.ru
Vulnerable Version(s): 6.5.2 and probably prior
Tested Version: 6.5.2
Advisory Publication: November 18, 2015 [without technical details]
Vendor Notification: November 18, 2015
Public Disclosure: January 13, 2016
Vulnera

[CVE-2016-0014] Executable installers are vulnerable^WEVIL (case 1): Microsoft's IExpress resp. WExtract, SFXCab, BoxStub, ... 2016-01-13
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

IExpress (<https://msdn.microsoft.com/en-us/library/dd346760.aspx>)
creates executable installers [°] or self-extracting archives for
Windows by embedding a .CAB archive and some strings as resources
into a copy of the program %SystemRoot%\System32\WExtract.exe.

These self-extracting archi

FreeBSD Security Advisory FreeBSD-SA-16:03.linux 2016-01-14
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-16:03.linux Security Advisory
The FreeBSD Project

Topic:

[SECURITY] [DSA 3443-1] libpng security update 2016-01-13
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3443-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
January 13, 2016

Cisco Security Advisory: Cisco Identity Services Engine Unauthorized Access Vulnerability 2016-01-13
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco Identity Services Engine Unauthorized Access Vulnerability

Advisory ID: cisco-sa-20160113-ise

Revision: 1.0

For Public Release 2016 January 13 16:00 GMT

+------------------------------------------------------------

[SECURITY] [DSA 3446-1] openssh security update 2016-01-14
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3446-1 security (at) debian (dot) org
https://www.debian.org/security/ Yves-Alexis Perez
January 14, 2016

Commentator Wordpress Plugin 2.5.2 XSS Vulnerability 2016-01-13
Rahul Pratap Singh (techno rps gmail com)
## Full Disclosure

#Product : Commentator Wordpress Plugin
#Exploit Author : Rahul Pratap Singh
#Version : 2.5.2
#Home page Link :
http://codecanyon.net/item/commentator-wordpress-plugin/6425752
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Dat

[SECURITY] [DSA 3442-1] isc-dhcp security update 2016-01-13
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3442-1 security (at) debian (dot) org
https://www.debian.org/security/ Michael Gilbert
January 13, 2016

[SECURITY] [DSA 3431-2] ganeti regression update 2016-01-14
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3431-2 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
January 14, 2016

SEC Consult whitepaper: Bypassing McAfee Application Whitelisting for Critical Infrastructure Systems 2016-01-12
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab released a new whitepaper titled:

"Bypassing McAfee Application Whitelisting for Critical Infrastructure Systems"
- the dinosaurs want their vuln back

Link to blog overview:
----------------------
Including slides from presentations on this topic (with details & demos

[SECURITY] [DSA 3441-1] perl security update 2016-01-11
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3441-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
January 11, 2016

[SECURITY] [DSA 3440-1] sudo security update 2016-01-11
Ben Hutchings (benh debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3440-1 security (at) debian (dot) org
https://www.debian.org/security/ Ben Hutchings
January 11, 2016

Exploiting XXE vulnerabilities in AMF libraries 2016-01-11
Nicolas Grégoire (nicolas gregoire agarri fr)
Hello,

AMF (aka "Action Message Format") is a binary format used by Flash
applications communicating with server-side components. A few data types
supported by AMF deal with XML content (for example the "XML Document"
type in AMF0).

In 2015, several AMF libraries (including BlazeDS and PyAMF) were

Re: Mozilla Firefox 44.0b2 Cross-site Scripting Vulnerability 2016-01-11
Reed Loden (reed reedloden com)
Again, how is that any different from you saving the contents of that
<script> call to foo.html and opening that in Firefox? It's not even a
self-XSS where you're impacting some other domain, as the null
principal is loaded (as per
https://bugzilla.mozilla.org/show_bug.cgi?id=656433), so it doesn't

Re: TFTP Server 3CTftpSvc Buffer Overflow Vulnerability (Long transporting mode) 2016-01-10
fgghy dodo com
#!/usr/bin/python
# Buffer Overflow (Long transporting mode) Vulnerability Exploit
# This is just a DoS exploiting code
# Tested on Windows xp SP2
#
# Requires python and impacket
#
# Coded by Liu Qixu Of NCNIPC

import socket
import sys

host = '192.168.1.11'
port = 69

try:
s = socke

Mozilla Firefox 44.0b2 Cross-site Scripting Vulnerability 2016-01-11
iedb team gmail com
Mozilla Firefox 44.0b2 7 and Old Version Local Cross-site Scripting Vulnerability


OpenBravo Hibernate HQL Injection 2016-01-11
Ng, Sam (Fortify) (samn hpe com)
Title: OpenBravo Hibernate HQL Injection
Vulnerability Author: Sam Ng, HPE Software Security Research Team
Vendor Patch: 3.0PR15Q3.4 and 3.0PR15Q4.1
Vendor Reference: https://issues.openbravo.com/view.php?id=31577, http://wiki.openbravo.com/wiki/Release_Notes/3.0PR15Q3.4, http://wiki.openbravo.com/w

[SECURITY] [DSA 3439-1] prosody security update 2016-01-10
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3439-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
January 10, 2016

[SECURITY] [DSA 3437-1] gnutls26 security update 2016-01-09
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3437-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
January 09, 2016

[SECURITY] [DSA 3438-1] xscreensaver security update 2016-01-10
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3438-1 security (at) debian (dot) org
https://www.debian.org/security/ Michael Gilbert
January 09, 2016

CVE-2015-8396: GDCM buffer overflow in ImageRegionReader::ReadIntoBuffer 2016-01-11
Stelios Tsampas (stelios census-labs com)
Grassroots DICOM (GDCM) is a C++ library for processing DICOM medical
images.
It provides routines to view and manipulate a wide range of image formats
and can be accessed through many popular programming languages like Python,
C#, Java and PHP.

GDCM versions 2.6.0 and 2.6.1 (and possibly previous

Copyright 2010, SecurityFocus