BugTraq Mode:
(Page 8 of 1610)  < Prev  3 4 5 6 7 8 9 10 11 12 13  Next >
Socrata Bug Bounty #1 - Persistent Encoding Vulnerability 2015-04-23
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Socrata Bug Bounty #1 - Persistent Encoding Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1438

Release Date:
=============
2015-04-22

Vulnerability Laboratory ID (VL-ID):
=============================

[ more ]  [ reply ]
Dnsmasq 2.72 Unchecked returned value 2015-04-23
Nick Sampanis (n sampanis obrela com)
"Dnsmasq 2.72 Unchecked returned value"

Description
------------------------------------------------------------
Dnsmasq does not properly check the return value of the setup_reply()
function called during a tcp connection (by the tcp_request() function).
This return value is then used as a size ar

[ more ]  [ reply ]
[ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow 2015-04-23
��海 (donghai_zhu vulnhunt com)
1. Advisory Information
Advisory URL: http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.p1ECc3&id=19
Date published: 2015-04-23
Date of last update: 2015-04-23

2. Vulnerability Information
Class: heap overflow
Impact: memory information leak and remote code execution
Remote Exploitable: Yes
Loc

[ more ]  [ reply ]
[slackware-security] openssl (SSA:2015-111-09) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] openssl (SSA:2015-111-09)

New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+

[ more ]  [ reply ]
[slackware-security] bind (SSA:2015-111-01) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] bind (SSA:2015-111-01)

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patch

[ more ]  [ reply ]
[slackware-security] httpd (SSA:2015-111-03) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] httpd (SSA:2015-111-03)

New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
pat

[ more ]  [ reply ]
[slackware-security] ntp (SSA:2015-111-08) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] ntp (SSA:2015-111-08)

New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches

[ more ]  [ reply ]
[slackware-security] seamonkey (SSA:2015-111-14) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] seamonkey (SSA:2015-111-14)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packag

[ more ]  [ reply ]
[slackware-security] ppp (SSA:2015-111-11) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] ppp (SSA:2015-111-11)

New ppp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches

[ more ]  [ reply ]
[slackware-security] php (SSA:2015-111-10) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2015-111-10)

New php packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/php-5.4.4

[ more ]  [ reply ]
[slackware-security] mutt (SSA:2015-111-07) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mutt (SSA:2015-111-07)

New mutt packages are available for Slackware 13.37, 14.0, 14.1, and -current
to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages

[ more ]  [ reply ]
[slackware-security] gnupg (SSA:2015-111-02) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gnupg (SSA:2015-111-02)

New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
pat

[ more ]  [ reply ]
[slackware-security] proftpd (SSA:2015-111-12) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] proftpd (SSA:2015-111-12)

New proftpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------

[ more ]  [ reply ]
[slackware-security] libssh (SSA:2015-111-04) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] libssh (SSA:2015-111-04)

New libssh packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/lib

[ more ]  [ reply ]
[slackware-security] qt (SSA:2015-111-13) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] qt (SSA:2015-111-13)

New qt packages are available for Slackware 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/qt-4.8.6-i486-1_s

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2015-111-06) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2015-111-06)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2015-111-05) 2015-04-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2015-111-05)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[security bulletin] HPSBGN03308 rev.1 - HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS), Remote Code Execution 2015-04-22
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04626974

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04626974
Version: 1

HPSBGN03308 re

[ more ]  [ reply ]
Multiple Cross-Site Scripting (XSS) in FreePBX 2015-04-22
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23253
Product: FreePBX
Vendor: Sangoma Technologies
Vulnerable Version(s): 12.0.43 and probably prior
Tested Version: 12.0.43
Advisory Publication: March 18, 2015 [without technical details]
Vendor Notification: March 18, 2015
Vendor Patch: March 27, 2015
Public Disclosure: April

[ more ]  [ reply ]
Netgear WNR2000v4 Multiple Vulnerabilities 2015-04-22
endeavor (endeavor rainbowsandpwnies com)
I'm releasing a few vulnerabilities for the WNR2000v4 Netgear router.
Netgear is currently working these issues.

Quick Fix
---------

If you own a WNR2000v4, set a strong password and set security questions
to jibberish.

Timeline
--------

FEB2015 - "MW" Volunteers to be victim to router pwning

[ more ]  [ reply ]
[SECURITY] [DSA 3232-1] curl security update 2015-04-22
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3232-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
April 22, 2015

[ more ]  [ reply ]
iPassword Manager v2.6 iOS - Persistent Vulnerabilities 2015-04-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
iPassword Manager v2.6 iOS - Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1453

Release Date:
=============
2015-04-21

Vulnerability Laboratory ID (VL-ID):
===============================

[ more ]  [ reply ]
Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability 2015-04-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1322

Video: http://www.vulnerability-lab.com/get_content.php?id=1334

Release Date:
=============
2015-03-02

[ more ]  [ reply ]
Reflected XSS Vulnerability In Manage Engine Event Log Analyzer 2015-04-21
kkulkarni controlcase com
========================================================================

=======
Reflected XSS Vulnerability In Manage Engine Event Log Analyzer
========================================================================

=======

. contents:: Table Of Content

Overview
========

* Title : Reflected XSS

[ more ]  [ reply ]
Reflected XSS Vulnerability In Manage Engine Firewall Analyzer 2015-04-21
kkulkarni controlcase com
========================================================================

=======Reflected XSS Vulnerability In Manage Engine Firewall Analyzer
========================================================================

=======

. contents:: Table Of Content

Overview
========

* Title : Reflected XSS V

[ more ]  [ reply ]
Stored Cross Site Scripting Vulnerability in Add Link to Facebook WordPress Plugin 2015-04-21
kumarrohit2255 gmail com
Title: Stored XSS Vulnerability in Add Link to Facebook Wordpress Plugin

Author: Rohit Kumar

Plugin Homepage: http://wordpress.org/extend/plugins/add-link-to-facebook/

Severity: Medium

Version Affected: Version 1.215 and mostly prior to it.

Version Tested: Version 1.215

Version Patched : 1.215

[ more ]  [ reply ]
[SECURITY] [DSA 3231-1] subversion security update 2015-04-21
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3231-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
April 21, 2015

[ more ]  [ reply ]
AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5% 2015-04-21
Hector Marco-Gisbert (hecmargi upv es)
A security issue in Linux ASLR implementation which affects some AMD processors
has been found. The issue affects to all Linux process even if they are not
using shared libraries (statically compiled).

The problem appears because some mmapped objects (VDSO, libraries, etc.) are
poorly randomized

[ more ]  [ reply ]
Linux ASLR mmap weakness: Reducing entropy by half 2015-04-21
Hector Marco-Gisbert (hecmargi upv es)
A bug in Linux ASLR implementation has been found. The issue is that the mmap
base address for processes is not properly randomized on some architectures due
to an improper bit-mask manipulation. Affected systems have reduced the mmap
area entropy of the processes by half.

The number of possible

[ more ]  [ reply ]
[security bulletin] HPSBGN03305 rev.1 - HP Business Service Management (BSM) products running SSLv3, Remote Disclosure of Information 2015-04-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04626982

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04626982
Version: 1

HPSBGN03305 re

[ more ]  [ reply ]
(Page 8 of 1610)  < Prev  3 4 5 6 7 8 9 10 11 12 13  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus