[slackware-security] httpd (SSA:2013-062-01)
2013-03-03 Slackware Security Team (security slackware com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[slackware-security] httpd (SSA:2013-062-01)
New httpd packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog:

[SECURITY] [DSA 2635-1] cfingerd security update
2013-03-01 Salvatore Bonaccorso (carnil debian org)

ESA-2013-012: RSA® Authentication Agent 7.1.1 for Microsoft Windows® Access Control Vulnerability
2013-02-28 Security Alert (Security_Alert emc com)

Fileutils ruby gem possible remote command execution and insecure file handling in /tmp
2013-02-28 larry0 me com
Fileutils ruby gem possible remote command execution and insecure file handling in /tmp 2/23/2013
Hi list, I was looking at some gem files and noticed a few issues with fileutils-0.7 http://rubygems.org/gems/fileutils "A set of utility classes to extract meta data from different file types". Han

PHEARCON Call For Papers
2013-02-28 AA (anarchy ang31 gmail com)
::[ About ]:: www.phearcon.org PHEARCON is a hacking conference based in Milwaukee Wisconsin with the goal of bringing hackers together under one roof to learn, hack, and party!
::[ When / Where ]:: October 12th @ 10am [-]location[-] Bucketworks 706 S 5th St. Milwaukee, WI. 53204
::[ Format ]:: On

Stored Cross-site Scripting ('XSS') in Airvana HubBub C1-600-RT Femtocell
2013-02-27 scott behrens neohapsis com
Advisory ID: NEOCAN-2013-002
Advisory Title: Stored XSS ('cross-site scripting') in Airvana HubBub C1-600-RT router
Author: Scott Behrens / Scott.Behrens (at) Neohapsis (dot) com
Release Date: 02/27/2013
Vendor: Airvana
Application: Airrave 2.5 router administration page
Platform:

Cross-Site Scripting (XSS) in Geeklog
2013-02-27 advisory htbridge com
Advisory ID: HTB23143
Product: Geeklog
Vendor: http://www.geeklog.net
Vulnerable Version(s): 1.8.2 and probably prior
Tested Version: 1.8.2
Vendor Notification: February 6, 2013
Vendor Patch: February 20, 2013
Public Disclosure: February 27, 2013
Vulnerability Type: Cross-Site Scripting [CWE-79]

Multiple Vulnerabilities in Piwigo
2013-02-27 advisory htbridge com
Advisory ID: HTB23144
Product: Piwigo
Vendor: Piwigo project
Vulnerable Version(s): 2.4.6 and probably prior
Tested Version: 2.4.6
Vendor Notification: February 6, 2013
Vendor Patch: February 19, 2013
Public Disclosure: February 27, 2013
Vulnerability Type: Cross-Site Request Forgery [CWE-352], P

[KIS-2013-03] Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability
2013-02-27 Egidio Romano (research karmainsecurity com)
Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability
[-] Software Link: http://www.joomla.org/
[-] Affected Versions: Version 3.0.2 and earlier

Unauthenticated remote access to D-Link DIR-645 devices
2013-02-27 roberto greyhats it
Unauthenticated remote access to D-Link DIR-645 devices
[ADVISORY INFORMATION]
Title: Unauthenticated remote access to D-Link DIR-645 devices
Discovery date: 20/02/2013
Release date: 27/02/2013
Credits: Roberto Paleari (roberto@greyh

[waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05
2013-02-27 come2waraxe yahoo com
[waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05
Author: Janek Vind "waraxe"
Date: 27. February 2013
Location: Estonia, Tartu
Web: http://www.waraxe.us/advisory-97.html
Description of vulnerable s

Cisco Security Advisory: Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities
2013-02-27 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Cisco Security Advisory: Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities
Advisory ID: cisco-sa-20130227-cucm
Revision 1.0
For Public Release 2013 February 27 16:00 UTC (GMT)

Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability
2013-02-27 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability
Advisory ID: cisco-sa-20130227-hcs
Revision 1.0
For Public Release 2013 February 27 16:00 UTC (GMT)

Cisco Security Advisory: Cisco Unified Presence Server Denial of Service Vulnerability
2013-02-27 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Cisco Security Advisory: Cisco Unified Presence Server Denial of Service Vulnerability
Advisory ID: cisco-sa-20130227-cups
Revision 1.0
For Public Release 2013 February 27 16:00 UTC (GMT)

[SECURITY] [DSA 2633-1] fusionforge security update
2013-02-26 Yves-Alexis Perez (corsac debian org)

Denial of Service vulnerability in War FTP Daemon 1.82
2013-02-26 Jarle Aase (jgaa jgaa com)
Late last week, security researchers at jura.ba reported a Denial of Service vulnerability in War FTP Daemon 1.82. The problem was rooted in the way log messages were relayed from the internal log handler to the Windows Event log when the server was running as a Windows service. Theoretically, it

[slackware-security] seamonkey (SSA:2013-056-01)
2013-02-25 Slackware Security Team (security slackware com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[slackware-security] seamonkey (SSA:2013-056-01)
New seamonkey packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog:
patches/packa

CONFidence 2013 - Call for Papers - 28-29.05.2013 Krakow, Poland
2013-02-25 Andrzej Targosz (andrzej targosz proidea org pl)
Calling all practitioners in the field of IT security! The 11th edition of the international IT security conference, CONFidence 2013, is taking place in May 28/29, 2013 (as usual it will be close to BerlinSides and PXE so if you plan to be around Krakow or Berlin you have to try be a part of all

Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4
2013-02-24 Olivier Lamy (olamy apache org)
CVE-2013-0253 Apache Maven
Severity: Medium
Vendor: The Apache Software Foundation
Versions Affected:
- Apache Maven 3.0.4
- Apache Maven Wagon 2.1, 2.2, 2.3
Description: Apache Maven 3.0.4 (with Apache Maven Wagon 2.1) has introduced a non-secure SSL mode by default. This mode disables all SSL

Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities
2013-02-23 Vulnerability Lab (research vulnerability-lab com)
Title: Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities
Date: 2013-01-22
References: http://www.vulnerability-lab.com/get_content.php?id=824 ID: SWIFT-3119 URL: http://dev.kayako.com/browse/SWIFT-3119
VL-ID: 824
Common Vulnerability Scoring System:

[Onapsis Security Advisory 2013-005] SAP CCMS Agent Code Injection
2013-02-22 Onapsis Research Labs (research onapsis com)
Onapsis Security Advisory 2013-005: SAP CCMS Agent Code Injection
This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand information on upcoming advisories, presentations and new r

[Onapsis Security Advisory 2013-006] SAP SMD Agent Code Injection
2013-02-22 Onapsis Research Labs (research onapsis com)
Onapsis Security Advisory 2013-006: SAP SMD Agent Code Injection
This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand information on upcoming advisories, presentations and new re

[Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access
2013-02-22 Onapsis Research Labs (research onapsis com)
Onapsis Security Advisory 2013-004: SAP J2EE Core Service Arbitrary File Access
This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand information on upcoming advisories, presentat
2/28/2013
https://github.com/wconrad/ftpd
http://rubygems.org/gems/ftpd
"ftpd is a pure Ruby FTP server library. It supports implicit and explicit TLS, passive and active mode, and most of the commands specified in RFC 969. It can be used as part of