BugTraq Mode:
(Page 9 of 1565)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >
Cisco Security Advisory: Cisco IOS Software Metadata Vulnerabilities 2014-09-24
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco IOS Software Metadata Vulnerabilities

Advisory ID: cisco-sa-20140924-metadata

Revision 1.0

For Public Release 2014 September 24 16:00 UTC (GMT)

Summary
+======

Two vulnerabilities in the metadata flow feature of Cisco IOS Software could allo

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS Software RSVP Vulnerability 2014-09-24
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco IOS Software RSVP Vulnerability

Advisory ID: cisco-sa-20140924-rsvp

Revision 1.0

For Public Release 2014 September 24 16:00 UTC (GMT)

Summary
+======

A vulnerability in the implementation of the Resource Reservation Protocol (RSVP) in Cisco

[ more ]  [ reply ]
[ MDVSA-2014:184 ] net-snmp 2014-09-24
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:184
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:183 ] phpmyadmin 2014-09-24
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:183
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:182 ] zarafa 2014-09-24
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:182
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:181 ] dump 2014-09-24
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:181
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:185 ] libgadu 2014-09-24
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:185
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:183 ] phpmyadmin 2014-09-24
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:183
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3032-1] bash security update 2014-09-24
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3032-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Florian Weimer
September 24, 2014

[ more ]  [ reply ]
Two SQL Injections in All In One WP Security WordPress plugin 2014-09-24
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23231
Product: All In One WP Security WordPress plugin
Vendor: Tips and Tricks HQ, Peter, Ruhul, Ivy
Vulnerable Version(s): 3.8.2 and probably prior
Tested Version: 3.8.2
Advisory Publication: September 3, 2014 [without technical details]
Vendor Notification: September 3, 2014
Ve

[ more ]  [ reply ]
[SECURITY] [DSA 3031-1] apt security update 2014-09-23
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3031-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
September 23, 2014

[ more ]  [ reply ]
CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH parser 2014-09-23
Steffen Bauch (mail steffenbauch de)
CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH application parser

1. Background

Suricata is a high performance Network IDS, IPS and Network Security
Monitoring engine developed by the Open Information Security Foundation
(OISF).

2. Summary Information

It was found out that the applic

[ more ]  [ reply ]
[KIS-2014-10] X2Engine <= 4.1.7 (FileUploadsFilter.php) Unrestricted File Upload Vulnerability 2014-09-23
Egidio Romano (research karmainsecurity com)
------------------------------------------------------------------------
--------
X2Engine <= 4.1.7 (FileUploadsFilter.php) Unrestricted File Upload Vulnerability
------------------------------------------------------------------------
--------

[-] Software Link:

http://www.x2engine.com/

[-] Affe

[ more ]  [ reply ]
[KIS-2014-09] X2Engine <= 4.1.7 (SiteController.php) PHP Object Injection Vulnerability 2014-09-23
Egidio Romano (research karmainsecurity com)
------------------------------------------------------------------------
-
X2Engine <= 4.1.7 (SiteController.php) PHP Object Injection Vulnerability
------------------------------------------------------------------------
-

[-] Software Link:

http://www.x2engine.com/

[-] Affected Versions:

All v

[ more ]  [ reply ]
Glype proxy local address filter bypass 2014-09-22
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Glype proxy local address filter bypass
------------------------------------------------------------------------

Securify, September 2014

------------------------------------------------------------------------

Abstract
------

[ more ]  [ reply ]
[security bulletin] HPSBPI03107 rev.1 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access 2014-09-22
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04451722

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04451722
Version: 1

HPSBPI03107 re

[ more ]  [ reply ]
Glype proxy privacy settings can be disabled via CSRF 2014-09-22
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Glype proxy privacy settings can be disabled via CSRF
------------------------------------------------------------------------

Securify, September 2014

------------------------------------------------------------------------

A

[ more ]  [ reply ]
Glype proxy cookie jar path traversal allows code execution 2014-09-22
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Glype proxy cookie jar path traversal allows code execution
------------------------------------------------------------------------

Securify, September 2014

--------------------------------------------------------------------

[ more ]  [ reply ]
[ MDVSA-2014:180 ] gnupg 2014-09-22
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:180
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Re: TP-LINK WDR4300 - Stored XSS & DoS 2014-09-22
ozelisyan gmail com
**2014-09-16:
Vendor released a fix.

http://www.tp-link.com/resources/software/TL-WDR4300_v1_140916.zip

[ more ]  [ reply ]
TP-LINK WDR4300 - Stored XSS & DoS 2014-09-21
ozelisyan gmail com (1 replies)
Advisory Information
===============

Vendors Contacted: TP-LINK
Vendor Patched: Yes, Firmware 140916
System Affected: N750 Wireless Dual Band Gigabit Router (TL-WDR4300), might affect others.
Versions Affected: 130617 , possibly earlier
CVE Numbers Assigned: CVE-2014-4727, CVE-2014-4728

Vulnerab

[ more ]  [ reply ]
Re: TP-LINK WDR4300 - Stored XSS & DoS 2014-09-22
Simon Waters (simon waters surevine com)
Strength and Weakness of Methods to Confirm SSH Host Key 2014-09-22
John Leo (johnleo checkssh com)
Monkeysphere
(advice from maxigas)
"verify your SSH key through the OpenPGP web of trust"
Strength: OpenPGP is cool if you REALLY know how to use it.
Weakness: "vote counting scheme" does not sound too cool.

"use of an organization's own HTTPS site"
(advice from Stephanie Daugherty)
In my personal

[ more ]  [ reply ]
[SECURITY] [DSA 3030-1] mantis security update 2014-09-20
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3030-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
September 20, 2014

[ more ]  [ reply ]
CVE-2014-5516 CSRF protection bypass in "KonaKart" Java eCommerce product 2014-09-20
Christian Schneider (mail Christian-Schneider net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-5516
===================
"Cross-Site Request Forgery (CSRF) protection bypass" (CWE-352) vulnerability
in "KonaKart Storefront Application" Enterprise Java eCommerce product

Vendor
===================
DS Data Systems (UK) Ltd.

Product
===

[ more ]  [ reply ]
[SECURITY] [DSA 3029-1] nginx security update 2014-09-20
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3029-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
September 20, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3025-2] apt regression update 2014-09-18
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3025-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
September 18, 2014

[ more ]  [ reply ]
AST-2014-010: Remote crash when handling out of call message in certain dialplan configurations 2014-09-18
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-010

Product Asterisk
Summary Remote crash when handling out of call message in
certain dialplan configurations

[ more ]  [ reply ]
AST-2014-009: Remote crash based on malformed SIP subscription requests 2014-09-18
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-009

Product Asterisk
Summary Remote crash based on malformed SIP subscription
requests

[ more ]  [ reply ]
(Page 9 of 1565)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus