BugTraq Mode:
(Page 10 of 1555)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >
Barracuda Networks Firewall 6.1.5 - Filter Bypass & Persistent Vulnerabilities 2014-07-25
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Networks Firewall 6.1.5 - Filter Bypass & Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1065

Barracuda Networks Security ID (BNSEC): BNSEC-2067
https://www.barracuda.com/support/kn

[ more ]  [ reply ]
Easy file sharing web server - persist XSS in forum msgs 2014-07-25
joseph giron13 gmail com
I saw a posting a month or 2 ago for a BOF in an FTP server belonging to EFS Software here: http://www.securityfocus.com/bid/19243
At first there was no additional details provided and I hunted up and down before finding it after some fuzzing (stack smash in password).

While on the hunt, I found on

[ more ]  [ reply ]
[SECURITY] [DSA 2989-1] apache2 security update 2014-07-24
Stefan Fritsch (sf debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2989-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Stefan Fritsch
July 24, 2014

[ more ]  [ reply ]
Security advisory for Bugzilla 4.5.5, 4.4.5, 4.2.10, and 4.0.14 2014-07-24
dkl mozilla com
Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issue has been discovered
in Bugzilla:

* An attacker can get access to some bug information using
the victim's credentials using a specially crafted HTML page.

All aff

[ more ]  [ reply ]
[SECURITY] [DSA 2988-1] transmission security update 2014-07-24
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2988-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
July 24, 2014

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2014-204-03) 2014-07-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2014-204-03)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video BNSEC-2398 2014-07-24
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1102

Barracuda Networks Security ID (BNSEC): BNSEC-2398
https://www.ba

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2014-204-02) 2014-07-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2014-204-02)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[slackware-security] httpd (SSA:2014-204-01) 2014-07-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] httpd (SSA:2014-204-01)

New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
pat

[ more ]  [ reply ]
[security bulletin] HPSBMU03076 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-07-23
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04379485

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04379485
Version: 1

HPSBMU03076 r

[ more ]  [ reply ]
[SECURITY] [DSA 2987-1] openjdk-7 security update 2014-07-23
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2987-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
July 23, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2986-1] iceweasel security update 2014-07-23
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2986-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
July 23, 2014

[ more ]  [ reply ]
Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-23
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

the import function of Windows Mail executes a rogue program C:\Program.exe
with the credentials of another account, resulting in a privilege escalation!

1. Fetch <http://home.arcor.de/skanthak/download/SENTINEL.EXE> and save it as
C:\Program.exe

2. Start Windows Mail (part of Windows

[ more ]  [ reply ]
[security bulletin] HPSBMU03074 rev.1 - HP Insight Control server migration on Linux and Windows running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-07-23
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04378799

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04378799
Version: 1

HPSBMU03074 r

[ more ]  [ reply ]
[security bulletin] HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code, Disclosure of Information 2014-07-23
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04374202

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04374202
Version: 1

HPSBMU03073 re

[ more ]  [ reply ]
SQL Injection in Ð?2 2014-07-23
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23222
Product: Ð?2
Vendor: Ilya Birman
Vulnerable Version(s): v2844 and probably prior
Tested Version: v2844
Advisory Publication: July 2, 2014 [without technical details]
Vendor Notification: July 2, 2014
Vendor Patch: July 3, 2014
Public Disclosure: July 23, 2014
Vulnerabilit

[ more ]  [ reply ]
[oCERT-2014-005] LPAR2RRD input sanitization errors 2014-07-23
Daniele Bianco (danbia ocert org)

#2014-005 LPAR2RRD input sanitization errors

Description:

LPAR2RRD is a performance monitoring and capacity planning software for IBM
Power Systems. LPAR2RRD generates historical, future trends and nearly
"real-time" CPU utilization graphs of LPAR's and shared CPU usage.

Insufficient input sanit

[ more ]  [ reply ]
Multiple Vulnerabilities in Parallels® Plesk Sitebuilder 2014-07-23
cseye_ut yahoo com
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Title : Multiple Vulnerabilities in Parallels® Plesk Sitebuilder
# Author : alieye
# vendor : http://www.parallels.com/
# Contact : cseye_ut (at) yahoo (dot) com [email concealed]
# Risk : High
# Class: Remote
#
# Google Dork:
# inurl::2006/Sites ext:aspx
# inurl::20

[ more ]  [ reply ]
[SECURITY] [DSA 2985-1] mysql-5.5 security update 2014-07-22
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2985-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
July 22, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2984-1] acpi-support security update 2014-07-22
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2984-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Luciano Bello
July 22, 2014

[ more ]  [ reply ]
Barracuda Networks #35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability 2014-07-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Networks #35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1101

Barracuda Networks Security ID (BNSEC): BNSEC-2361
http://www.barracuda.com

[ more ]  [ reply ]
[security bulletin] HPSBMU03071 rev.1 - HP Autonomy IDOL, Running OpenSSL, Remote Unauthorized Access, Disclosure of Information 2014-07-22
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04370307

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04370307
Version: 1

HPSBMU03071 re

[ more ]  [ reply ]
Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability 2014-07-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=890

Barracuda Networks Security ID (BNSEC): BNSEC-1176
https://www.barracud

[ more ]  [ reply ]
Web Login Bruteforce in Symantec Endpoint Protection Manager 12.1.4023.4080 2014-07-22
audit1 a2secure com
We discovered a vulnerability in the Symantec Endpoint Protection Manager web application.

Vulnerability Type: Login Bruteforce

Original Release: June 20, 2014

Discovered by:
Security Team - A2SECURE
Artëm Tsvetkov atsvetkov (at) a2secure (dot) com [email concealed]
Sisco Barrera sbarrera (at) a2secure (dot) com [email concealed]
Andrea Bodei abo

[ more ]  [ reply ]
Cross-site Scripting in EventLog Analyzer 9.0 build #9000 2014-07-22
audit1 a2secure com
We discovered a vulnerability in the EventLog Analyzer web application.

Vulnerability Type: Cross-site Scripting

Original Release: June 20, 2014

Discovered by:
Security Team - A2SECURE
Artëm Tsvetkov atsvetkov (at) a2secure (dot) com [email concealed]
Sisco Barrera sbarrera (at) a2secure (dot) com [email concealed]
Andrea Bodei abodei (at) a2secure (dot) co [email concealed]

[ more ]  [ reply ]
[oCERT-2014-004] Ansible input sanitization errors 2014-07-22
Andrea Barisani (lcars ocert org)

#2014-004 Ansible input sanitization errors

Description:

The Ansible project is an open source configuration management platform.

The Ansible platform suffers from input sanitization errors that allow
arbitrary code execution as well as information leak, in case an attacker is
able to control ce

[ more ]  [ reply ]
Call for Papers / Speakers for ISACA Ireland Conference on 3rd Oct in Dublin 2014-07-21
president isaca ie
ISACA Ireland is seeking innovated session proposals that will engage an audience of information security, assurance. audit, privacy, governance, risk and compliance professionals. Speakers should offer real-world examples, ?war stories?, case studies, successes and failures, examples of actual tool

[ more ]  [ reply ]
[SECURITY] [DSA 2983-1] drupal7 security update 2014-07-20
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2983-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
July 20, 2014

[ more ]  [ reply ]
KL-001-2014-003 : Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation 2014-07-18
KoreLogic Disclosures (disclosures korelogic com)
Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation
Advisory ID: KL-001-2014-003
Publication Date: 2014.07.18
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt

1. Vulnerability Details

Affected Vendor: Microsoft
Affected Product: MQ Ac

[ more ]  [ reply ]
KL-001-2014-002 : Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation 2014-07-18
KoreLogic Disclosures (disclosures korelogic com)
Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation
Advisory ID: KL-001-2014-002
Publication Date: 2014-07-18
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt

1. Vulnerability Details

Affected Vendor: Microsoft
Affected Product: Blu

[ more ]  [ reply ]
(Page 10 of 1555)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus