BugTraq Mode:
(Page 7 of 1552)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >
Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability 2014-07-28
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1118

Barracuda Networks Security ID (BNSEC): BNSEC-1052
https://www.barracuda.com/sup

[ more ]  [ reply ]
[SECURITY] [DSA 2991-1] modsecurity-apache security update 2014-07-27
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2991-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
July 27, 2014

[ more ]  [ reply ]
[security bulletin] HPSBGN02936 rev.1 - HP and H3C VPN Firewall Module Products, Remote Denial of Service (DoS) 2014-07-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03993467

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03993467
Version: 1

HPSBGN02936 re

[ more ]  [ reply ]
Web Encryption Extension security update 2014-07-25
Ralf Senderek (support senderek ie)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Revision: 1.0
Last Updated: 25 July 2014
First Published: 25 July 2014

Summary:
A security issue was found in the Web Encryption Extension.

Authenticated users are able to modify the content of https request
fie

[ more ]  [ reply ]
[SECURITY] [DSA 2990-1] cups security update 2014-07-27
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2990-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
July 27, 2014

[ more ]  [ reply ]
Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-25
Gynvael Coldwind (gynvael coldwind pl) (1 replies)
So reading the links you provided I semi-agree with you. I think the
problem boils down to this part of your initial e-mail:

> PS: yes, it needs administrative privileges to write C:\Program.exe.
> BUT: all the user account(s) created during Windows setup have
> administrative privileges.

My

[ more ]  [ reply ]
Barracuda Networks Firewall 6.1.5 - Filter Bypass & Persistent Vulnerabilities 2014-07-25
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Networks Firewall 6.1.5 - Filter Bypass & Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1065

Barracuda Networks Security ID (BNSEC): BNSEC-2067
https://www.barracuda.com/support/kn

[ more ]  [ reply ]
Easy file sharing web server - persist XSS in forum msgs 2014-07-25
joseph giron13 gmail com
I saw a posting a month or 2 ago for a BOF in an FTP server belonging to EFS Software here: http://www.securityfocus.com/bid/19243
At first there was no additional details provided and I hunted up and down before finding it after some fuzzing (stack smash in password).

While on the hunt, I found on

[ more ]  [ reply ]
[SECURITY] [DSA 2989-1] apache2 security update 2014-07-24
Stefan Fritsch (sf debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2989-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Stefan Fritsch
July 24, 2014

[ more ]  [ reply ]
Security advisory for Bugzilla 4.5.5, 4.4.5, 4.2.10, and 4.0.14 2014-07-24
dkl mozilla com
Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issue has been discovered
in Bugzilla:

* An attacker can get access to some bug information using
the victim's credentials using a specially crafted HTML page.

All aff

[ more ]  [ reply ]
[SECURITY] [DSA 2988-1] transmission security update 2014-07-24
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2988-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
July 24, 2014

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2014-204-03) 2014-07-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2014-204-03)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video BNSEC-2398 2014-07-24
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1102

Barracuda Networks Security ID (BNSEC): BNSEC-2398
https://www.ba

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2014-204-02) 2014-07-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2014-204-02)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[slackware-security] httpd (SSA:2014-204-01) 2014-07-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] httpd (SSA:2014-204-01)

New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
pat

[ more ]  [ reply ]
[security bulletin] HPSBMU03076 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-07-23
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04379485

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04379485
Version: 1

HPSBMU03076 r

[ more ]  [ reply ]
[SECURITY] [DSA 2987-1] openjdk-7 security update 2014-07-23
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2987-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
July 23, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2986-1] iceweasel security update 2014-07-23
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2986-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
July 23, 2014

[ more ]  [ reply ]
Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-23
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

the import function of Windows Mail executes a rogue program C:\Program.exe
with the credentials of another account, resulting in a privilege escalation!

1. Fetch <http://home.arcor.de/skanthak/download/SENTINEL.EXE> and save it as
C:\Program.exe

2. Start Windows Mail (part of Windows

[ more ]  [ reply ]
[security bulletin] HPSBMU03074 rev.1 - HP Insight Control server migration on Linux and Windows running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-07-23
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04378799

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04378799
Version: 1

HPSBMU03074 r

[ more ]  [ reply ]
[security bulletin] HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code, Disclosure of Information 2014-07-23
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04374202

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04374202
Version: 1

HPSBMU03073 re

[ more ]  [ reply ]
SQL Injection in Ð?2 2014-07-23
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23222
Product: Ð?2
Vendor: Ilya Birman
Vulnerable Version(s): v2844 and probably prior
Tested Version: v2844
Advisory Publication: July 2, 2014 [without technical details]
Vendor Notification: July 2, 2014
Vendor Patch: July 3, 2014
Public Disclosure: July 23, 2014
Vulnerabilit

[ more ]  [ reply ]
[oCERT-2014-005] LPAR2RRD input sanitization errors 2014-07-23
Daniele Bianco (danbia ocert org)

#2014-005 LPAR2RRD input sanitization errors

Description:

LPAR2RRD is a performance monitoring and capacity planning software for IBM
Power Systems. LPAR2RRD generates historical, future trends and nearly
"real-time" CPU utilization graphs of LPAR's and shared CPU usage.

Insufficient input sanit

[ more ]  [ reply ]
Multiple Vulnerabilities in Parallels® Plesk Sitebuilder 2014-07-23
cseye_ut yahoo com
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Title : Multiple Vulnerabilities in Parallels® Plesk Sitebuilder
# Author : alieye
# vendor : http://www.parallels.com/
# Contact : cseye_ut (at) yahoo (dot) com [email concealed]
# Risk : High
# Class: Remote
#
# Google Dork:
# inurl::2006/Sites ext:aspx
# inurl::20

[ more ]  [ reply ]
[SECURITY] [DSA 2985-1] mysql-5.5 security update 2014-07-22
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2985-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
July 22, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2984-1] acpi-support security update 2014-07-22
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2984-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Luciano Bello
July 22, 2014

[ more ]  [ reply ]
Barracuda Networks #35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability 2014-07-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Networks #35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1101

Barracuda Networks Security ID (BNSEC): BNSEC-2361
http://www.barracuda.com

[ more ]  [ reply ]
[security bulletin] HPSBMU03071 rev.1 - HP Autonomy IDOL, Running OpenSSL, Remote Unauthorized Access, Disclosure of Information 2014-07-22
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04370307

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04370307
Version: 1

HPSBMU03071 re

[ more ]  [ reply ]
Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability 2014-07-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=890

Barracuda Networks Security ID (BNSEC): BNSEC-1176
https://www.barracud

[ more ]  [ reply ]
(Page 7 of 1552)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus