BugTraq Mode:
(Page 10 of 1655)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >
[oCERT 2015-012] Ganeti multiple issues 2015-12-30
Daniele Bianco (danbia ocert org)
#2015-012 Ganeti multiple issues

Description:

Ganeti, an open source virtualization manager, suffers from multiple issues in
its RESTful control interface (RAPI).

The distributed replicated storage (DRBD) secret is leaked by the RAPI
interface when job results are requested. Leveraging on the kno

[ more ]  [ reply ]
WebKitGTK+ Security Advisory WSA-2015-0002 2015-12-28
Carlos Alberto Lopez Perez (clopez igalia com)
------------------------------------------------------------------------

WebKitGTK+ Security Advisory WSA-2015-0002
------------------------------------------------------------------------

Date reported : December 28, 2015
Advisory ID : WSA-2015-0002
Adviso

[ more ]  [ reply ]
libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28
riusksk qq com
Details
=======

Product: libtiff
Affected Versions: <= 4.0.6
Vulnerability Type: Heap Overflow
Security Risk: High
Vendor URL: http://www.libtiff.org/
CVE ID: CVE-2015-8668
Credit: riusksk of Tencent Security Platform Department

Introduction
============

libtiff v4.0.6 bmp2tiff function PackBit

[ more ]  [ reply ]
libtiff: invalid write (CVE-2015-7554) 2015-12-26
Hans Jerry Illikainen (hji dyntopia com)

`_TIFFVGetField()' in libtiff-4.0.6 may write field data for certain
extension tags to invalid or possibly arbitrary memory.

Each tag has a `field_passcount' variable in their TIFFField struct:

tiff-4.0.6/libtiff/tif_dir.h #276..289:
,----
| struct _TIFFField {
| uint32 field_tag;

[ more ]  [ reply ]
AccessDiver V4.301 Buffer Overflow 2015-12-26
apparitionsec gmail com
[+] Credits: hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/ACCESSDIVER-BUFFER-OVERFLOW.t
xt

Vendor:
==============
M. Jean Fages
www.accessdiver.com
circa 1998-2006

Product:
=============================
AccessDiver V4.301 build 5888

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2015-357-01) 2015-12-23
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2015-357-01)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
[SECURITY] [DSA 3430-1] libxml2 security update 2015-12-23
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3430-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
December 23, 2015

[ more ]  [ reply ]
Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege 2015-12-23
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

F-Secure's online virus scanner F-SecureOnlineScanner.exe, available
via <https://www.f-secure.com/en/web/home_global/online-scanner>,
loads and executes several rogue/bogus DLLs (UXTheme.dll, HNetCfg.dll,
RASAdHlp.dll, SetupAPI.dll, ClbCatQ.dll, XPSP2Res.dll, CryptNet.dll,
OLEAcc.dll etc.)

[ more ]  [ reply ]
[slackware-security] blueman (SSA:2015-356-01) 2015-12-23
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] blueman (SSA:2015-356-01)

New blueman packages are available for Slackware 13.37, 14.0, 14.1,
and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/pa

[ more ]  [ reply ]
Security advisory for Bugzilla 5.0.2, 4.4.11 and 4.2.16 2015-12-22
LpSolit gmail com
Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:

* Unfiltered HTML injected into a dependency graph could be used to
create a cross-site scripting attack.

* Some web browsers

[ more ]  [ reply ]
ESA-2015-179: EMC Secure Remote Services Virtual Edition Path Traversal Vulnerability 2015-12-22
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-179: EMC Secure Remote Services Virtual Edition Path Traversal Vulnerability

EMC Identifier: ESA-2015-179

CVE Identifier: CVE-2015-6852

Severity Rating: CVSS v2 Base Score: 5.5 (AV:A/AC:L/Au:S/C:C/I:N/A:N)

Affected products:

EMC

[ more ]  [ reply ]
ESA-2015-174: EMC VPLEX Undocumented Account Vulnerability 2015-12-22
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-174: EMC VPLEX Undocumented Account Vulnerability

EMC Identifier: ESA-2015-174

CVE Identifier: CVE-2015-6850

Severity Rating: CVSS Base Score 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C)

Affected Products

EMC Software: EMC VPLEX GeoSynchrony

[ more ]  [ reply ]
Aeris Calandar v2.1 - Buffer Overflow Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Aeris Calandar v2.1 - Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1656

Release Date:
=============
2015-12-01

Vulnerability Laboratory ID (VL-ID):
===================================

[ more ]  [ reply ]
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1657

Release Date:
=============
2015-11-26

Vulnerability Laboratory ID (VL-ID):
============================

[ more ]  [ reply ]
Switch v4.68 - Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Switch v4.68 - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1649

Release Date:
=============
2015-11-23

Vulnerability Laboratory ID (VL-ID):
====================================
1649

[ more ]  [ reply ]
Lithium Forum - (previewImages) Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Lithium Forum - (previewImages) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1520

Release Date:
=============
2015-12-18

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]
Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1655

Release Date:
=============
2015-12-07

Vulnerability Laboratory ID (VL-ID):
==================

[ more ]  [ reply ]
Western Union CN Bug Bounty #6 - Client Side Cross Site Scripting Web Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Western Union CN Bug Bounty #6 - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1657

Release Date:
=============
2015-12-14

Vulnerability Laboratory ID (VL-ID):
===

[ more ]  [ reply ]
DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability

References (Source):
====================
http://vulnerability-lab.com/get_content.php?id=1360

Tracking ID: 15943

Release Date:
=============
2015-12-18

Vulnerability Laboratory ID (VL-ID):
==========

[ more ]  [ reply ]
[RT-SA-2015-013] Symfony PHP Framework: Session Fixation In "Remember Me" Login Functionality 2015-12-22
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Symfony PHP Framework: Session Fixation In "Remember Me" Login
Functionality

A session fixation vulnerability within the Symfony web application
framework's "Remember Me" login functionality allows an attacker to
impersonate the victim towards the web application if the session

[ more ]  [ reply ]
Executable installers are vulnerable^WEVIL (case 14): Rapid7's ScanNowUPnP.exe allows arbitrary (remote) code execution 2015-12-21
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

the executable installer [°]['] (rather: the 7-Zip based executable
self-extractor [²]) of Rapid7's (better known for their flagship
Metasploit) ScanNowUPnP.exe loads and executes several rogue/bogus
DLLs eventually found in the directory it is started from (the
"application directory"), co

[ more ]  [ reply ]
[security bulletin] HPSBHF03419 rev.1 - HP Network Products including H3C routers and switches, Remote Denial of Service (DoS), Unauthorized Access. 2015-12-21
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c04779492

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04779492
Version: 1

HPSBHF03419 r

[ more ]  [ reply ]
[security bulletin] HPSBGN03526 rev.1 - HPE Helion Eucalyptus, Remote Access Restriction Bypass, Unauthorized Modification 2015-12-21
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c04926463

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04926463
Version: 1

HPSBGN03526 r

[ more ]  [ reply ]
[security bulletin] HPSBGN03527 rev.1 - HPE Helion Eucalyptus, Remote Access Restriction Bypass 2015-12-21
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c04926482

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04926482
Version: 1

HPSBGN03527 r

[ more ]  [ reply ]
[SECURITY] [DSA 3429-1] foomatic-filters security update 2015-12-21
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3429-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
December 21, 2015

[ more ]  [ reply ]
ESA-2015-177: RSA SecurID(r) Web Agent Authentication Bypass Vulnerability 2015-12-21
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-177: RSA SecurID® Web Agent Authentication Bypass Vulnerability

EMC Identifier: ESA-2015-177

CVE Identifier: CVE-2015-6851

Severity Rating: 6.6 (AV:L/AC:L/Au:N/C:C/I:C/A:N)

Affected Products:

- RSA SecurID® Web Agent version

[ more ]  [ reply ]
giflib: heap overflow in giffix (CVE-2015-7555) 2015-12-21
Hans Jerry Illikainen (hji dyntopia com)

About
=====

giflib[1] is a library for working with GIF images. It also provides
several command-line utilities.

CVE-2015-7555
=============

A heap overflow may occur in the giffix utility included in giflib-5.1.1
when processing records of the type `IMAGE_DESC_RECORD_TYPE' due to the
allocate

[ more ]  [ reply ]
Executable installers are vulnerable^WEVIL (case 13): ESET NOD32 antivirus installer allows remote code execution with escalation of privilege 2015-12-21
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

the executable installer [°] of ESET's NOD32 antivirus,
eset_nod32_antivirus_live_installer_.exe, loads and executes
(at least) the rogue/bogus/malicious Cabinet.dll and DbgHelp.dll
eventually found in the directory it is started from ['] (the
"application directory").

For software downloa

[ more ]  [ reply ]
Almost no resp. only some mitigation(s) for "DLL hijacking" via load-time dependencies 2015-12-21
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

in <http://seclists.org/fulldisclosure/2015/Nov/101> I showed
general mitigations for DLL hijacking via runtime dependencies
(<https://msdn.microsoft.com/en-us/library/ms685090.aspx>).

DLL hijacking is but also possible via load-time dependencies
(<https://msdn.microsoft.com/en-us/library/

[ more ]  [ reply ]
KL-001-2015-007 : Seagate GoFlex Satellite Remote Telnet Default Password 2015-12-18
KoreLogic Disclosures (disclosures korelogic com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

KL-001-2015-007 : Seagate GoFlex Satellite Remote Telnet Default Password

Title: Seagate GoFlex Satellite Remote Telnet Default Password
Advisory ID: KL-001-2015-007
Publication Date: 2015.12.18
Publication URL: https://www.korelogic.com/Resources/Ad

[ more ]  [ reply ]
(Page 10 of 1655)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus