BugTraq Mode:
(Page 10 of 1547)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >
Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products 2014-06-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products

Advisory ID: cisco-sa-20140605-openssl

Revision 1.0

For Public Release 2014 June 5 22:00 UTC (GMT)

Summary
=======

Multiple Cisco products incorporate a version of the OpenSSL package af

[ more ]  [ reply ]
[SECURITY] [DSA 2951-1] mupdf security update 2014-06-05
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2951-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
June 05, 2014

[ more ]  [ reply ]
[security bulletin] HPSBMU03029 rev.2 - HP Insight Control Server Migration running OpenSSL, Remote Disclosure of Information 2014-06-05
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04268240

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04268240
Version: 2

HPSBMU03029 re

[ more ]  [ reply ]
Details for CVE-2014-0220 2014-06-05
tucu cloudera com
------------------------------------------------------------------------
------------------
Technical Service Bulletin 2014-28 (TSB)

Title: Security Vulnerability: Sensitive Configuration Values Exposed in
Cloudera Manager
Certain configuration values that are stored in Cloudera Manager are
consider

[ more ]  [ reply ]
ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities 2014-06-05
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities

EMC Identifier: ESA-2014-046

CVE Identifier: CVE-2014-2506, CVE-2014-2507, CVE-2014-2508

Severity Rating: CVSS v2 Base Score: See below for individual scores

Affected p

[ more ]  [ reply ]
[security bulletin] HPSBMU03028 rev.2 - HP Matrix Operating Environment and HP CloudSystem Matrix Software Components running OpenSSL, Remote Disclosure of Information 2014-06-05
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04268239

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04268239
Version: 2

HPSBMU03028 re

[ more ]  [ reply ]
multiple Vulnerability in "WahmShoppes eStore" 2014-06-05
cseye_ut yahoo com
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Title : multiple Vulnerability in "WahmShoppes eStore"
# Author : alieye
# vendor : http://www.wahmshoppes.com/
# Contact : cseye_ut (at) yahoo (dot) com [email concealed]
# Risk : High
# Class: Remote
# Google Dork:
# inurl:WsError.asp
# inurl:store/ We apologize b

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-14:14.openssl 2014-06-05
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-14:14.openssl Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
[SECURITY] [DSA 2949-1] linux security update 2014-06-05
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2949-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
June 05, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2950-1] openssl security update 2014-06-05
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2950-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
June 05, 2014

[ more ]  [ reply ]
[RT-SA-2014-006] Directory Traversal in DevExpress ASP.NET File Manager 2014-06-05
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Directory Traversal in DevExpress ASP.NET File Manager

During a penetration test RedTeam Pentesting discovered a directory
traversal vulnerability in DevExpress' ASP.NET File Manager and File
Upload. Attackers are able to read arbitrary files by specifying a
relative path.

Details
======

[ more ]  [ reply ]
[security bulletin] HPSBMU03033 rev.3 - HP Insight Control Software Components running OpenSSL, Remote Disclosure of Information 2014-06-04
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04272892

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04272892
Version: 3

HPSBMU03033 re

[ more ]  [ reply ]
[SECURITY] [DSA 2946-1] python-gnupg security update 2014-06-04
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2946-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
June 04, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2948-1] python-bottle security update 2014-06-04
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2948-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
June 04, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2947-1] libav security update 2014-06-04
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2947-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
June 04, 2014

[ more ]  [ reply ]
ESA-2014-024: EMC Documentum Digital Asset Manager Blind DQL Injection Vulnerability 2014-06-04
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-024: EMC Documentum Digital Asset Manager Blind DQL Injection Vulnerability

EMC Identifier: ESA-2014-024

CVE Identifier: CVE-2014-2503

Severity Rating: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected products:

?

[ more ]  [ reply ]
[CVE-2014-2577] XSS on Transform Foundation Server 4.3.1 and 5.2 from Bottomline Technologies 2014-06-03
Fran (jfrancisco bolivar gmail com)
I. VULNERABILITY
-------------------------

Reflected XSS Attacks vulnerabilities in Transform Foundation server
4.3.1 and 5.2 from Bottomline Technologies

II. BACKGROUND
-------------------------

Bottomline offers powerful, next-generation electronic document
solutions for formatting,
personaliz

[ more ]  [ reply ]
[SECURITY] [DSA 2945-1] chkrootkit security update 2014-06-03
Giuseppe Iuculano (iuculano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2945-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Giuseppe Iuculano
June 03, 2014

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-14:12.ktrace 2014-06-03
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-14:12.ktrace Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-14:11.sendmail 2014-06-03
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-14:11.sendmail Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-14:13.pam 2014-06-03
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-14:13.pam Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
CVE-2014-0907 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH In IBM DB2 2014-06-03
Portcullis Advisories (advisories portcullis-security com)
Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation
Via Insecure RPATH In IBM DB2
CVE: CVE-2014-0907
Vendor: IBM
Product: DB2
Affected version: V9.1, V9.5, V9.7, V10.1 and V10.5
Fixed version: V9.7 FP9a, V10.1 FP3a, V10.1 FP4 and V10.5 FP3a
Reported by: Tim Brown

Details:

It has

[ more ]  [ reply ]
Bug in bash <= 4.3 [security feature bypassed] 2014-06-03
Hector Marco (hecmargi upv es) (1 replies)
Hi everyone,

Recently we discovered a bug in bash. After some time after reporting
it to bash developers, it has not been fixed.

We think that this is a security issue because in some circumstances
the bash security feature could be bypassed allowing the bash to be a
valid target shell in an attac

[ more ]  [ reply ]
Re: Bug in bash <= 4.3 [security feature bypassed] 2014-06-05
Daryl Tester (dt-bugtraq handcraftedcomputers com au) (1 replies)
Re: Bug in bash <= 4.3 [security feature bypassed] 2014-06-05
Hector Marco (hecmargi upv es)
Re: [oss-security] Bug in bash <= 4.3 [security feature bypassed] 2014-06-04
Jose Carlos Luna Duran (jose carlos luna gmail com) (2 replies)
In my opinion the drop of privs in bash was mostly a "help" measure
for poorly written setuid programs executing system() calls. I don't
think is the role of bash to do this as the problem that could be
exploited by that would really be in the original program that does
not drop privs before invokin

[ more ]  [ reply ]
CVE-2014-1226 s3dvt Root shell (still) 2014-06-03
Hector Marco (hecmargi upv es)
CVE-2014-1226 s3dvt Root shell (still)

About s3dvt:

s3dvt is part of the 3d network display server which can be used as
3d desktop environment.

Vulnerability:

The s3dvt developers forgot to review all the code. There is still a
vulnerable function as in the previous CVE-2013-6825. At the date

[ more ]  [ reply ]
CVE-2013-6825 DCMTK Root Privilege escalation 2014-06-03
Hector Marco (hecmargi upv es)
CVE-2013-6825 DCMTK Root Privilege escalation

About DCMTK:

DCMTK is a collection of libraries and applications implementing large parts
the DICOM standard. It includes software for examining, constructing and
converting DICOM image files, handling offline media, sending and receiving
images over a

[ more ]  [ reply ]
(Page 10 of 1547)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus