BugTraq
Cisco Security Advisory: Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability 2014-09-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability

Advisory ID: cisco-sa-20140908-ucse

Revision 1.0

For Public Release 2014 September 8 16:00 UTC (GMT)
+------------------

IBM WebSphere Application Server (WAS) Integrated Solutions Console Login Page username Parameter Reflected XSS Security Vulnerability 2014-09-08
main gsmcnamara com
INFO:
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Aug 27 2014 12:00AM
Updated: Aug 27 2014 12:00AM
Credit: G. S. McNamara, CGI Federal Emerging Technologies Security Practice (ETSP)
Vulnerable: IBM WebSphere Application Server (WAS) Integrated Solutions Console 7.0.0.19

DIS

[security bulletin] HPSBST03106 rev.1 - HP P2000 G3 MSA Array System running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-09-08
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04438404

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04438404
Version: 1

HPSBST03106 r

CVE-2014-5392 XML eXternal Entity (XXE) in "JobScheduler" 2014-09-07
Christian Schneider (mail Christian-Schneider net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-5392
===================
"XML eXternal Entity (XXE)" (CWE-611) vulnerability in "JobScheduler" product

Vendor
===================
Software- & Organisations-Service GmbH

Product
===================
"JobScheduler is a workload automation too

CVE-2014-5393 Path Traversal to Sensitive Files in Webroot in "JobScheduler" 2014-09-07
Christian Schneider (mail Christian-Schneider net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-5393
===================
"Path Traversal to Sensitive Files in Webroot" (CWE-219) vulnerability in "JobScheduler" product

Vendor
===================
Software- & Organisations-Service GmbH

Product
===================
"JobScheduler is a work

CVE-2014-5391 DOM-based Cross-Site Scripting (XSS) in "JobScheduler" 2014-09-07
Christian Schneider (mail Christian-Schneider net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-5391
===================
"DOM-based Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "JobScheduler" product

Vendor
===================
Software- & Organisations-Service GmbH

Product
===================
"JobScheduler is a workload auto

Defense in depth -- the Microsoft way (part 19): still no "perfect forward secrecy" per default in Windows 8/7/Vista/Server 2012/Server 2008 [R2] 2014-09-06
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

on April 8, 2014 Microsoft published an update for Windows 8.1 and
Windows Server 2012 R2 (see <http://support.microsoft.com/kb/2929781>)
which enables "perfect forward secrecy" per default by reordering of
the TLS cipher suites.

Unfortunately Microsoft has not published corresponding upd

[security bulletin] HPSBUX03102 SSRT101681 rev.1 - HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Execution of Arbitrary Code and Denial of Service (DoS) and Other Vulnerabilities 2014-09-05
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04223376

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04223376
Version: 1

HPSBUX03102 SS

[slackware-security] php (SSA:2014-247-01) 2014-09-04
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2014-247-01)

New php packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches

[slackware-security] mozilla-thunderbird (SSA:2014-247-03) 2014-09-04
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2014-247-03)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[slackware-security] mozilla-firefox (SSA:2014-247-02) 2014-09-04
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2014-247-02)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/p

[ MDVSA-2014:179 ] python-django 2014-09-05
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:179
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ MDVSA-2014:178 ] ppp 2014-09-05
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:178
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ MDVSA-2014:177 ] squid 2014-09-05
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:177
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ MDVSA-2014:176 ] libgcrypt 2014-09-05
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:176
http://www.mandriva.com/en/support/security/
___________________________________________________________

t2'14 Challenge to be released 2014-09-13 10:00 EEST 2014-09-07
Tomi Tuominen (tomi tuominen t2 fi)
Running assets is always difficult, however this year has been excruciating for t2 infosec. We lost one of our most prized and well placed deep cover operatives in a foreign three letter agency. Shortly after the CFP, communications stopped and we have to assume her new assignment is a permanent pla

apache tomcat cookie handling problem - characters out of 0x80 - 0xff causing internal server error 2014-09-05
Elar Lang (elarlang gmail com)
#####
* Title: Client-based DoS for Apache Tomcat on sending cookie with
value out of 0x80 - 0xff scope.
* Author: Elar Lang
@elarlang
https://www.linkedin.com/in/elarlang
* Date: 02. January 2014 / 05. September 2014

#####
* Vendor: Apache
* Product: Tomcat
* Affected versions (at least):

[WorldCIST'15]: Call for Workshops Proposals; Best papers published in ISI Journals 2014-09-05
ML (marialemos72 gmail com)
------
WorldCIST'15 - 3rd World Conference on Information Systems and Technologies
Ponta Delgada, Azores *, Portugal
1 - 3 April 2015
http://www.aisti.eu/worldcist15/
------
* Azores is ranked as the second most beautiful archipelago in the world by National Geographic.
------------

WORKSHOP FORMA

[ MDVSA-2014:175 ] glibc 2014-09-05
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:175
http://www.mandriva.com/en/support/security/
___________________________________________________________

[SECURITY] [DSA 3019-1] procmail security update 2014-09-04
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3019-1 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
September 04, 2014

Uninit memory disclosure via truncated images in Firefox 2014-09-04
Michal Zalewski (lcamtuf coredump cx)
Yello,

The recent release of Firefox 32 fixes another interesting image
parsing issue found by afl [1]: following a refactoring of memory
management code, the past few versions of the browser ended up using
uninitialized memory for certain types of truncated images, which is
easily measurable with

[ MDVSA-2014:174 ] apache 2014-09-04
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:174
http://www.mandriva.com/en/support/security/
___________________________________________________________

Avolve Software ProjectDox Multiple Vulnerability Disclosure 2014-09-03
Romano, Christian (cromano caanes com)
---------------------------------------------------------------------

Product: ProjectDox
Vendor: Avolve Software
Vulnerable Version: 8.1
Tested Version: 8.1
Vendor Notification: May 30, 2014
Public Disclosure: September 3, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2

[security bulletin] HPSBMU03083 rev.2 - HP BladeSystem c-Class Virtual Connect Firmware running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-09-03
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04392919

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04392919
Version: 2

HPSBMU03083 r

Reflected Cross-Site Scripting (XSS) in MyWebSQL 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23221
Product: MyWebSQL
Vendor: http://mywebsql.net/
Vulnerable Version(s): 3.4 and probably prior
Tested Version: 3.4
Advisory Publication: June 25, 2014 [without technical details]
Vendor Notification: June 25, 2014
Public Disclosure: September 3, 2014
Vulnerability Type: Cross

Reflected Cross-Site Scripting (XSS) in BlackCat CMS 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23228
Product: BlackCat CMS
Vendor: Black Cat Development
Vulnerable Version(s): 1.0.3 and probably prior
Tested Version: 1.0.3
Advisory Publication: August 13, 2014 [without technical details]
Vendor Notification: August 13, 2014
Vendor Patch: August 13, 2014
Public Disclosure:

[SECURITY] [DSA 3018-1] iceweasel security update 2014-09-03
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3018-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
September 03, 2014

[ MDVSA-2014:172 ] php 2014-09-03
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:172
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ MDVSA-2014:173 ] busybox 2014-09-03
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:173
http://www.mandriva.com/en/support/security/
___________________________________________________________

Re: ntopng 1.2.0 XSS injection using monitored network traffic 2014-09-03
Steffen Bauch (mail steffenbauch de)
On 23.08.2014 03:05, Steffen Bauch wrote:
> ntopng 1.2.0 XSS injection using monitored network traffic
>
> ntopng is the next generation version of the original ntop, a network
> traffic probe and monitor that shows the network usage, similar to what
> the popular top Unix command does.
>
> The web-

Copyright 2010, SecurityFocus