BugTraq Mode:
Phrack Security Advisory 2014-001 - Paper leak on release timeout 2014-04-04
Phrack Staff (staff phrack org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Phrack Security Advisory 2014-001
=================================

Topic: Paper leak on release timeout

Version: Phrack-current: affected from 2014-04-04 onwards
Phrack 1985-2

[security bulletin] HPSBGN02986 rev.1 - HP IceWall Identity Manager and HP IceWall SSO Password Reset Option Running Apache Commons FileUpload, Remote Denial of Service (DoS) 2014-04-04
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04214298

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04214298
Version: 1

HPSBGN02986 re

CA20140403-01: Security Notice for CA Erwin Web Portal 2014-04-03
Kotas, Kevin J (Kevin Kotas ca com)
-----BEGIN PGP SIGNED MESSAGE-----

CA20140403-01: Security Notice for CA Erwin Web Portal

Issued: April 03, 2014

CA Technologies Support is alerting customers to multiple
vulnerabilities with CA Erwin Web Portal.

The vulnerabilities, CVE-2014-2210, occur due to insufficient path
verification. A

ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities

EMC Identifier: ESA-2013-039

CVE Identifier: CVE-2011-3389, CVE-2013-0169

Severity Rating: CVSS v2 Base Score: Refer NVD (http://nvd.nist.gov/) for individual scores for each

ESA-2012-029: RSA BSAFE® SSL-C Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2012-029: RSA BSAFE® SSL-C Multiple Vulnerabilities

EMC Identifier: ESA-2012-029

CVE Identifier: CVE-2011-3389, CVE-2012-2110, CVE-2012-2131

Severity Rating: See below for scores for individual issues

Affected Products:

For the BEA

[security bulletin] HPSBHF02981 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO2, iLO3, iLO4), IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) 2014-04-03
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04197764

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04197764
Version: 1

HPSBHF02981 r

[softScheck] Denial of Service in Microsoft Office 2007-2013 2014-04-03
Lubomir Stroetmann (lubomir stroetmann softscheck com)
================================================
Denial of Service in Microsoft Outlook 2007-2013

Vulnerability Type: Denial of Service
CVE: -
Impact: Low
CVSSv2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Status: Unpatched
Credits: Lubomir Stroetmann, softScheck GmbH
http://www.softscheck.com
==

Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability 2014-04-03
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1249

Release Date:
=============
2014-04-01

Vulnerability Laboratory ID (VL-ID):
==========================

0A29-14-1 : NCCGroup EasyDA privilege escalation & credential disclosure vulnerability [0day] 2014-04-02
0a29 40 (0a2940 gmail com)

[MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability 2014-04-02
Florent Daigniere (florent daigniere trustmatta com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Matta Consulting - Matta Advisory
https://www.trustmatta.com

MobileIron Multiple Products
Authentication Bypass Vulnerability

Advisory ID: MATTA-2013-004
CVE reference: CVE-2014-1409, CVE-2013-7286
Affected platforms: VSP and

Cross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin 2014-04-02
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23206
Product: XCloner Wordpress plugin
Vendor: XCloner
Vulnerable Version(s): 3.1.0 and probably prior
Tested Version: 3.1.0
Advisory Publication: March 12, 2014 [without technical details]
Vendor Notification: March 12, 2014
Vendor Patch: March 13, 2014
Public Disclosure: April

SEC Consult SA-20140402-0 :: Multiple vulnerabilities in Rhythm File Manager 2014-04-02
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20140402-0 >
=======================================================================
title: Multiple vulnerabilities
product: Rhythm Software File Manager
Rhythm Software File Manager HD
vulnerable vers

iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities 2014-04-02
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1240

Release Date:
=============
2014-03-31

Vulnerability Laboratory ID (VL-ID):
=========================

APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3 2014-04-01
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3

Safari 6.1.3 and Safari 7.0.3 are now available and address the
following:

WebKit
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2
Impac

[IMF 2014] Call for Participation 2014-04-01
Oliver Goebel (goebel cert uni-stuttgart de)
Dear all,

please find enclosed the call for participation for IMF 2014.

See the program at:
http://www.imf-conference.org/imf2014/program.html

The conference will take place from Monday, May 12th through Wednesday,
May 14th in Münster, Germany.

Registration details:
http://www.imf-conference.org

ESA-2014-020: RSA Adaptive Authentication (On-Premise) Multiple Vulnerabilities 2014-04-01
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-020: RSA Adaptive Authentication (On-Premise) Multiple Vulnerabilities

EMC Identifier: ESA-2014-020

CVE Identifier: CVE-2014-0637, CVE-2014-0638

Severity Rating: CVSS v2 Base Score: See below for individual scores

Affected Produ

Access anyone's Facebook "profile picture" in full resolution regardless of the ACL restriction 2014-04-01
Bipin Gautam (bipin gautam gmail com)
Hi List,

I felt like writing about / pointing out this minor issue, as it is "Facebook" ...

This issue is due to the way Facebook pictures are stored in the CDN
without an authentication mechanism when accessing them (which would be
way technically complicated to implement).

Also, it is a Facebook feature

[SE-2013-01] Security vulnerabilities in Oracle Java Cloud Service (details) 2014-04-01
Security Explorations (contact security-explorations com) (1 replies)

Hello All,

Security Explorations decided to release technical details and
accompanying Proof of Concept codes for security vulnerabilities
discovered in the environment of Oracle [1] Java Cloud Service
[2]. All relevant materials can be found at the following location:

http://www.security-explora

Re: [SE-2013-01] Security vulnerabilities in Oracle Java Cloud Service (details) 2014-04-01
Security Explorations (contact security-explorations com)
Regarding attacks and exploits of the physical body 2014-04-01
stephen tha net
This post is to help people ascertain the available information regarding IT-based attacks into a person's physical body, such as tech for reading thoughts and the technology that is already available and in the wild.

NASA Develops System To Computerize Silent, 'Subvocal Speech'
http://www.sciencedai

[SECURITY] [DSA 2893-1] openswan security update 2014-03-31
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2893-1 security (at) debian (dot) org
http://www.debian.org/security/ Yves-Alexis Perez
March 31, 2014

[SECURITY] [DSA 2892-1] a2ps security update 2014-03-31
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2892-1 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
March 31, 2014

[SECURITY] [DSA 2891-2] mediawiki regression update 2014-03-31
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2891-2 security (at) debian (dot) org
http://www.debian.org/security/ Thijs Kinkhorst
March 31, 2014

PhonerLite 2.14 SIP Soft Phone - SIP Digest Leak Information Disclosure (CVE-2014-2560) 2014-03-31
Jason Ostrom (jostrom storasec net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I. Advisory Summary

Title: SIP Digest Leak Information Disclosure in PhonerLite 2.14 SIP Soft
Phone
Date Published: March 30, 2014
Vendors contacted: Heiko Sommerfeldt, PhonerLite author
Discovered by: Jason Ostrom
Severity: Medium

II. Vulner

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities 2014-03-31
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1235

Release Date:
=============
2014-03-28

Vulnerability Laboratory ID (VL-ID):
============================

PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities 2014-03-31
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1239

Release Date:
=============
2014-03-27

Vulnerability Laboratory ID (VL-ID):
================================

[SECURITY] [DSA 2891-1] mediawiki security update 2014-03-30
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2891-1 security (at) debian (dot) org
http://www.debian.org/security/ Thijs Kinkhorst
March 30, 2014

[slackware-security] httpd (SSA:2014-086-02) 2014-03-28
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] httpd (SSA:2014-086-02)

New httpd packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/httpd

[slackware-security] seamonkey (SSA:2014-086-07) 2014-03-28
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] seamonkey (SSA:2014-086-07)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packag

[slackware-security] curl (SSA:2014-086-01) 2014-03-28
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] curl (SSA:2014-086-01)

New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patch

Copyright 2010, SecurityFocus