BugTraq Mode:
(Page 1 of 1703)
[SECURITY] [DSA 3765-1] icoutils security update 2017-01-14
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3765-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
January 14, 2017

[SECURITY] [DSA 3743-2] python-bottle regression update 2017-01-15
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3743-2 security (at) debian (dot) org
https://www.debian.org/security/ Sebastien Delafond
January 15, 2017

[security bulletin] HPSBGN03689 rev.1 - HPE Diagnostics, Remote Cross-Site Scripting and Click Jacking 2017-01-13
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05370100

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05370100

Version: 1

HPSBGN03689 rev.1

[security bulletin] HPSBST03671 rev.2 - HPE StoreEver MSL6480 Tape Library Management Interface, Multiple Remote Vulnerabilities 2017-01-13
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05333297

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05333297

Version: 2

HPSBST03671 rev.2

[SECURITY] [DSA 3764-1] pdns security update 2017-01-13
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3764-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
January 13, 2017

[security bulletin] HPSBGN03694 rev.1 - HPE SiteScope, Remote Disclosure of Information 2017-01-12
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05369403

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05369403

Version: 1

HPSBGN03694 rev.1

ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers) 2017-01-12
Fernando Gont (fgont si6networks com)
Folks,

I'm curious about whether folks are filtering ICMPv6 PTB<1280
and/or IPv6 fragments targeted to BGP routers (off-list datapoints are
welcome).

In any case, you might find it worth reading to check if you're affected
(from Section 2 of recently-published RFC8021):

---- cut here ----
The s

[SECURITY] [DSA 3760-1] ikiwiki security update 2017-01-12
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3760-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
January 12, 2017

CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application 2017-01-12
unlimitsec gmail com
Description of the potential vulnerability: Lack of appropriate exception handling in some applications allows attackers to make a systemUI crash easily resulting in a possible DoS attack
Affected versions: L(5.0/5.1), M(6.0), and N(7.0)
Disclosure status: Privately disclosed.
The patch prevents sys

[slackware-security] bind (SSA:2017-011-01) 2017-01-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] bind (SSA:2017-011-01)

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------

[slackware-security] gnutls (SSA:2017-011-02) 2017-01-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gnutls (SSA:2017-011-02)

New gnutls packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packag

CA20170109-01: Security Notice for CA Service Desk Manager 2017-01-12
Kotas, Kevin J (Kevin Kotas ca com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CA20170109-01: Security Notice for CA Service Desk Manager

Issued: January 10, 2017
Last Updated: January 10, 2017

CA Technologies support is alerting customers to a potential risk
with CA Service Desk Manager. A vulnerability exists in RESTful
web

[SECURITY] [DSA 3758-1] bind9 security update 2017-01-11
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3758-1 security (at) debian (dot) org
https://www.debian.org/security/ Florian Weimer
January 11, 2017

Multiple Vulnerabilities in cPanel 2017-01-11
Open Security (open opensecurity ca)
===[ Introduction ]===

cPanel offers web hosting software that automates the intricate workings
of web hosting servers.
cPanel equips server administrators with the necessary tools to provide
top-notch hosting to customers on tens of thousands of servers worldwide.

===[ Description ]===

I) Cross

IKEv1 cipher suite configuration mismatch in Siemens SIMATIC CP 343-1 Advanced 2017-01-11
Andrea Barisani (andrea inversepath com)

The following issue has been reported to Siemens ProductCERT in relation to
Siemens Security Advisory SSA-603476, published on 2016-11-21.

The issue has been treated with lower priority and treated outside the scope
of SSA-603476 due to its lower security impact.

As the finding is now addressed [

[SECURITY] [DSA 3757-1] icedove security update 2017-01-11
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3757-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
January 11, 2017

Re: [oss-security] Docker 1.12.6 - Security Advisory 2017-01-11
Andreas Stieger (astieger suse com)

On 01/11/2017 03:29 AM, Kurt Seifried wrote:
> On Tue, Jan 10, 2017 at 6:58 PM, Nathan McCauley <nathan.mccauley (at) docker (dot) com [email concealed]
>> [CVE-2016-9962] Insecure opening of file-descriptor allows privilege
>> escalation
>>
>> [...]
>> Credit for this discovery goes to Aleksa Sarai from SUSE and Tõnis Tiigi

Cobi Tools v1.0.8 iOS - Persistent Web Vulnerability 2017-01-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Cobi Tools v1.0.8 iOS - Persistent Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2028

Release Date:
=============
2017-01-10

Vulnerability Laboratory ID (VL-ID):
=================================

Bit Defender #39 - Auth Token Bypass Vulnerability 2017-01-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Bit Defender #39 - Auth Token Bypass Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1683

Release Date:
=============
2017-01-09

Vulnerability Laboratory ID (VL-ID):
====================================

BlackBoard LMS 9.1 SP14 - (Title) Persistent Vulnerability 2017-01-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
BlackBoard LMS 9.1 SP14 - (Title) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1901

Release Date:
=============
2017-01-10

Vulnerability Laboratory ID (VL-ID):
===========================

Blackboard LMS 9.1 SP14 - (Profile) Persistent Vulnerability 2017-01-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Blackboard LMS 9.1 SP14 - (Profile) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1900

Release Date:
=============
2017-01-09

Vulnerability Laboratory ID (VL-ID):
=========================

FreeBSD Security Advisory FreeBSD-SA-17:01.openssh 2017-01-11
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-17:01.openssh Security Advisory
The FreeBSD Project

Topic:

ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability 2017-01-10
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability

EMC Identifier: ESA-2016-096

CVE Identifier: CVE-2016-0917

Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affec

Directadmin ControlPanel 1.50.1 denial of service Vulnerability 2017-01-10
iedb team gmail com
DirectAdmin Control Panel version 1.50.1 suffers from a denial of service vulnerability.

Directadmin ControlPanel 1.50.1 Cross-Site-Scripting Vulnerability 2017-01-10
iedb team gmail com
DirectAdmin Control Panel version 1.50.1 suffers from a cross site scripting vulnerability.

QuickBooks 2017 Admin Credentials Disclosure 2017-01-06
info thegrideon com
+ Credits: Maxim Tomashevich
+ Website: https://www.thegrideon.com/quickbooks-forensics.html
+ Details: https://www.thegrideon.com/qb-internals-2017.html

Vendor:
---------------------
www.intuit.com
www.intuit.ca

Product:
---------------------
QuickBooks Desktop
versions: 2017

Vulnerability Ty

[SECURITY] [DSA 3753-1] libvncserver security update 2017-01-05
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3753-1 security (at) debian (dot) org
https://www.debian.org/security/ Sebastien Delafond
January 05, 2017

[SECURITY][UPDATE] CVE-2016-8745 Apache Tomcat Information Disclosure 2017-01-05
Mark Thomas (markt apache org)
CVE-2016-8745 Apache Tomcat Information Disclosure

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache Tomcat 9.0.0.M1 to 9.0.0.M13
Apache Tomcat 8.5.0 to 8.5.8
Apache Tomcat 8.0.0.RC1 to 8.0.39 (new)
Apache Tomcat 7.0.0 to 7.0.73 (new)
Apache Tomcat 6.0.16 to 6.0

Copyright 2010, SecurityFocus