BugTraq Mode:
(Page 1 of 1552)  1 2 3 4 5 6 7 8 9 10 11  Next >
Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30) 2014-08-27
jackie sdiwc info
ICETC2014: International Conference on Education Technologies and
Computers

Technically co-sponsored by IEEE Poland Section
Lodz University of Technology, Lodz, Poland
September 22-24, 2014
http://goo.gl/axpR5f

The International Conference on Education Technologies and Computers
(ICETC2014) will

[ more ]  [ reply ]
[SECURITY] [DSA 3012-1] eglibc security update 2014-08-27
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3012-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Florian Weimer
August 27, 2014

[ more ]  [ reply ]
SaaS Marketing platform Hubspot export vulnerability 2014-08-27
ehoward novacoast com
Hubspot is a widely used SaaS marketing platform to email all your customers, collect data about them and attract new customers. It's is common practice to keep customer lists in Hubspot to send newsletters or other email communication. Hubspot has hardcoded roles that grant users access to various

[ more ]  [ reply ]
Fwd: RFC 7359 on Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages in Dual-Stack Hosts/Networks 2014-08-27
Fernando Gont (fgont si6networks com)
Folks,

FYI: <https://www.rfc-editor.org/rfc/rfc7359.txt>

Best regards,
Fernando Gont

-------- Forwarded Message --------
Subject: RFC 7359 on Layer 3 Virtual Private Network (VPN) Tunnel
Traffic Leakages in Dual-Stack Hosts/Networks
Date: Tue, 26 Aug 2014 18:23:00 -0700 (PDT)
From: rfc-editor@

[ more ]  [ reply ]
Mathematica10.0.0 on Linux /tmp/MathLink vulnerability 2014-08-27
paul szabo sydney edu au
The problem reported for Mathematica is present still at version 10.0.0
for the GUI interface (the command-line interface may be "safe").

Cheers,

Paul Szabo psz (at) maths.usyd.edu (dot) au [email concealed] http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia

---

[ more ]  [ reply ]
Encore Discovery Solution Multiple Vulnerability Disclosure 2014-08-27
Romano, Christian (cromano caanes com)
Product: Encore Discovery Solution
Vendor: Innovative Interfaces Inc
Vulnerable Version: 4.3
Tested Version: 4.3
Vendor Notification: June 19, 2014
Public Disclosure: August 26, 2014
Vulnerability Type: Open Redirect [CWE-601]
CVE Reference: CVE-2014-5127
Risk Level: Medium
CVSSv2 Base Score: 4.3 (A

[ more ]  [ reply ]
ESA-2014-081 RSA® Identity Management and Governance Authentication Bypass Vulnerability 2014-08-26
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-081 RSA® Identity Management and Governance Authentication Bypass Vulnerability

EMC Identifier: ESA-2014-081

CVE Identifier: CVE-2014-4619

Severity Rating: CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Affected products:

[ more ]  [ reply ]
LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification 2014-08-26
advisories (advisories lsexperts de)
=== LSE Leading Security Experts GmbH - Security Advisory 2014-07-13 ===

Grand MA 300 Fingerprint Reader - Weak Pin Verification
------------------------------------------------------------------------

Affected Versions
=================
Grand MA 300/ID with firmware 6.60

Issue Overview
========

[ more ]  [ reply ]
ntopng 1.2.0 XSS injection using monitored network traffic 2014-08-25
Steffen Bauch (mail steffenbauch de)
ntopng 1.2.0 XSS injection using monitored network traffic

ntopng is the next generation version of the original ntop, a network
traffic probe and monitor that shows the network usage, similar to what
the popular top Unix command does.

The web-based frontend of the software is vulnerable to inje

[ more ]  [ reply ]
[security bulletin] HPSBMU03076 rev.2 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-08-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04379485

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04379485
Version: 2

HPSBMU03076 r

[ more ]  [ reply ]
[WorldCIST'15]: Call for Workshops Proposals; Proceedings by Springer - Indexed by ISI, Scopus, DBLP, etc. 2014-08-25
WorldCIST (worldcist aisti eu)
------
WorldCIST'15 - 3rd World Conference on Information Systems and Technologies
Ponta Delgada, Azores *, Portugal
1 - 3 April 2015.
http://www.aisti.eu/worldcist15/
------
* Azores is ranked as the second most beautiful archipelago in the world by National Geographic.
------------

WORKSHOP FORM

[ more ]  [ reply ]
MEHR Automation System Arbitrary File Download Vulnerability(persian portal) 2014-08-25
cseye_ut yahoo com
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Title : MEHR Automation System Arbitrary File Download Vulnerability(persian portal)
# Author : alieye
# vendor : http://shakhesrayane.ir/
# Contact : cseye_ut (at) yahoo (dot) com [email concealed]
# Risk : High
# Class: Remote
#
# Google Dork:
# intext:"Poshtibani@

[ more ]  [ reply ]
DNN(DotNetNuke®) Ribbon Bar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Title : DNN(DotNetNuke®) Ribbon Bar Control Panel Bad Access Level config
# Author : alieye
# vendor : http://dnnsoftware.com/
# Contact : cseye_ut (at) yahoo (dot) com [email concealed]
# Risk : High
# Class: Remote
#
# Google Dork:
# inurl:ctl/+inurl:/tab
# inurl:

[ more ]  [ reply ]
DNN(DotNetNuke®) Iconbar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Title : DNN(DotNetNuke®) Iconbar Control Panel Bad Access Level config
# Author : alieye
# vendor : http://dnnsoftware.com/
# Contact : cseye_ut (at) yahoo (dot) com [email concealed]
# Risk : High
# Class: Remote
#
# Google Dork:
# inurl:ctl/+inurl:/tab
# inurl:ctl

[ more ]  [ reply ]
Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699) 2014-08-25
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699)

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=750

BARRACUDA NETWORK SECURITY ID: BNSEC-699

Release Date:
=============
2014-08-22

[ more ]  [ reply ]
Barracuda Networks Web Security Flex Appliance Application v4.x - Filter Bypass & Persistent Vulnerabilities (BNSEC 707) 2014-08-25
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Networks Web Security Flex Appliance Application v4.x - Filter Bypass & Persistent Vulnerabilities (BNSEC 707)

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=749

Barracuda Networks Security ID (BNSEC): 707

V

[ more ]  [ reply ]
[SECURITY] [DSA 3011-1] mediawiki security update 2014-08-23
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3011-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
August 23, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3010-1] python-django security update 2014-08-22
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3010-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
August 22, 2014

[ more ]  [ reply ]
[security bulletin] HPSBMU03079 rev.1 - HP Service Manager, Multiple Vulnerabilities 2014-08-22
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04388127

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04388127
Version: 1

HPSBMU03079 re

[ more ]  [ reply ]
DoS attacks (ICMPv6-based) resulting from IPv6 EH drops 2014-08-22
Fernando Gont (fgont si6networks com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Folks,

Ten days ago or so we published this I-D:
<http://www.ietf.org/internet-drafts/draft-gont-v6ops-ipv6-ehs-in-real-w
orld-00.txt>

Section 5.2 of the I-D discusses a possible attack vector based on a
combination of "forged" ICMPv6 PTB messages and

[ more ]  [ reply ]
[security bulletin] HPSBST03098 rev.1 - HP StoreEver MSL6480 Tape Library running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04406535

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04406535
Version: 1

HPSBST03098 re

[ more ]  [ reply ]
CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability 2014-08-21
Herbert Duerr (hdu apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-3524
OpenOffice Calc Command Injection Vulnerability

Severity: Important
Vendor: The Apache Software Foundation

Versions Affected:
Apache OpenOffice 4.1.0 and older on Windows.
OpenOffice.org versions may also be affected.

Description:
Th

[ more ]  [ reply ]
CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects 2014-08-21
Herbert Duerr (hdu apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-3575
OpenOffice Targeted Data Exposure Using Crafted OLE Objects

Severity: Important
Vendor: The Apache Software Foundation

Versions Affected:
Apache OpenOffice 4.1.0 and older on Windows.
OpenOffice.org versions are also affected.

Descrip

[ more ]  [ reply ]
[SECURITY] [DSA 3009-1] python-imaging security update 2014-08-21
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3009-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
August 21, 2014

[ more ]  [ reply ]
[CVE-2014-5335] CSRF in Innovaphone PBX 2014-08-21
rg nsideattacklogic de
Title: Innovaphone PBX Admin-GUI CSRF
Impact: High
CVSS2 Score: 7.8 (AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C)
Announced: August 21, 2014
Reporter: Rainer Giedat (NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de)
Products: Innovaphone PBX Administration GUI
Affected Versions: all known versions (tes

[ more ]  [ reply ]
[SECURITY] [DSA 3008-2] php5 regression update 2014-08-21
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3008-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
August 21, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2940-1] libstruts1.2-java security update 2014-08-21
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2940-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
Aug 21, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3008-1] php5 security update 2014-08-21
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3008-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
August 21, 2014

[ more ]  [ reply ]
ToorCon 16 Call For Papers! 2014-08-20
h1kari toorcon org
TOORCON 16 CALL FOR PAPERS

It's that time of year again! ToorCon 16 is coming so get your code finished and submit a talk this time around. We're letting you decide if you want to be a part of our 50-minute talks on Saturday, 20-minute talks on Sunday, and 75-minute talks for our Deep Knowledge Sem

[ more ]  [ reply ]
ArcGIS for Server Vulnerability Disclosure 2014-08-20
Romano, Christian (cromano caanes com)
Product: ArcGIS for Server
Vendor: ESRI
Vulnerable Version: 10.1.1
Tested Version: 10.1.1
Vendor Notification: June 19, 2014
Public Disclosure: August 15, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-5121
Risk Level: Medium
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N

[ more ]  [ reply ]
(Page 1 of 1552)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus