BugTraq Mode:
(Page 2 of 1626)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[SYSS-2015-025] Netop Remote Control - Insufficiently Protected Credentials 2015-08-24
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-025
Product: Netop Remote Control
Vendor: Netop
Affected Version(s): 11.52, 12.11
Tested Version(s): 11.52, 12.11
Vulnerability Type: Use of Hard-coded Cryptographic Key (CWE-321)
Insufficiently Protected Cre

[ more ]  [ reply ]
Logstash vulnerability CVE-2015-5619 2015-08-21
Suyog Rao (suyog elastic co)
Summary:
Logstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security
issue which allows an attacker to successfully implement a man in the
middle attack. This vulnerability is not present in the initial
installation of Logstash. This insecurity is exposed when users
configure Lumberjack o

[ more ]  [ reply ]
[security bulletin] HPSBGN03395 rev.1 - HP KeyView running on HP-UX, Linux, Solaris, Windows, FreeBSD, and AIX, Remote Code Execution 2015-08-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04771027

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04771027
Version: 1

HPSBGN03395 r

[ more ]  [ reply ]
[slackware-security] gnutls (SSA:2015-233-01) 2015-08-21
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gnutls (SSA:2015-233-01)

New gnutls packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

IMPORTANT: On Slackware 14.0, install the new updated nettle package first.

Here are the details from t

[ more ]  [ reply ]
[security bulletin] HPSBGN03395 rev.1 - HP KeyView running on HP-UX, Linux, Solaris, Windows, FreeBSD, and AIX, Remote Code Execution 2015-08-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04771027

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04771027
Version: 1

HPSBGN03395 r

[ more ]  [ reply ]
Logstash vulnerability CVE-2015-5619 2015-08-21
Suyog Rao (suyog elastic co)
Summary:
Logstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security
issue which allows an attacker to successfully implement a man in the
middle attack. This vulnerability is not present in the initial
installation of Logstash. This insecurity is exposed when users
configure Lumberjack o

[ more ]  [ reply ]
[security bulletin] HPSBUX03410 SSRT102175 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04774040

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04774040
Version: 1

HPSBUX03410 S

[ more ]  [ reply ]
Re: [SECURITY] [DSA 3325-2] apache2 regression update 2015-08-21
franzskinn gmail com
All my sources are fake packages and my I have a lot of malware in my phone

[ more ]  [ reply ]
APPLE-SA-2015-08-20-1 QuickTime 7.7.8 2015-08-20
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2015-08-20-1 QuickTime 7.7.8

QuickTime 7.7.8 is now available and addresses the following:

QuickTime
Available for: Windows 7 and Windows Vista
Impact: Processing a maliciously crafted file may lead to an
unexpected application termination

[ more ]  [ reply ]
[security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege 2015-08-20
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04735247

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04735247
Version: 1

HPSBUX03369 S

[ more ]  [ reply ]
[SECURITY] [DSA 3342-1] vlc security update 2015-08-20
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3342-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Alessandro Ghedini
August 20, 2015

[ more ]  [ reply ]
[oCERT-2015-009] VLC arbitrary pointer dereference 2015-08-20
Andrea Barisani (lcars ocert org)

#2015-009 VLC arbitrary pointer dereference

Description:

The VLC media player is an open source media player and streaming media
server.

The stable VLC version suffers from an arbitrary pointer dereference
vulnerability.

The vulnerability affects the 3GP file format parser, insufficient
restric

[ more ]  [ reply ]
UBNT Bug Bounty #3 - Persistent Filename Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
UBNT Bug Bounty #3 - Persistent Filename Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1467

Video: http://www.vulnerability-lab.com/get_content.php?id=1468

Release Date:
=============
2015-08-11

Vuln

[ more ]  [ reply ]
UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1465

#52988

Release Date:
=============
2015-08-17

Vulnerability Laboratory ID (VL-ID):
===========

[ more ]  [ reply ]
WebSolutions India Design CMS - SQL Injection Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WebSolutions India Design CMS - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1577

Release Date:
=============
2015-08-20

Vulnerability Laboratory ID (VL-ID):
===========================

[ more ]  [ reply ]
ChiefPDF Software v2.x - Buffer Overflow Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ChiefPDF Software v2.x - Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1578

Release Date:
=============
2015-08-20

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1579

Video: https://youtu.be/-HTEIisSiH8

Release Date:
=============
2015-08-16

Vulnerability Laboratory I

[ more ]  [ reply ]
Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064) 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064)

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1576

Video: http://youtu.be/Vkswz7vt23M

http://web.nvd.nist.gov/view/vuln/detail?vulnId=

[ more ]  [ reply ]
[SECURITY] [DSA 3341-1] conntrack security update 2015-08-20
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3341-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
August 20, 2015

[ more ]  [ reply ]
ESA-2015-132: EMC Documentum D2 Fail Open Vulnerability 2015-08-20
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-132: EMC Documentum D2 Fail Open Vulnerability

EMC Identifier: ESA-2015-132

CVE Identifier: CVE-2015-4537

Severity Rating: CVSS v2 Base Score: 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C)

Affected products:

? EMC Documentum D2 4.2 and earli

[ more ]  [ reply ]
[SECURITY] [DSA 3340-1] zendframework security update 2015-08-19
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3340-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Alessandro Ghedini
August 19, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3339-1] openjdk-6 security update 2015-08-19
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3339-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 19, 2015

[ more ]  [ reply ]
[security bulletin] HPSBUX03400 SSRT102211 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-19
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04769567

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04769567
Version: 1

HPSBUX03400 S

[ more ]  [ reply ]
CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability 2015-08-19
Christofer Dutz (cdutz apache org)
CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion
Vulnerability

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: Apache Flex BlazeDS 4.7.0

Description: When receiving XML encoded AMF messages containing DTD
entities, the
default XML parser configura

[ more ]  [ reply ]
Privilege escalation through RPC commands in EMC Documentum Content Server (incomplete fix in CVE-2015-4532) 2015-08-19
andrew panfilov tel
Product: EMC Documentum Content Server
Vendor: EMC
Version: ANY
CVE: N/A
Risk: High
Status: public/not fixed

For detailed description see attached VRF#HUFG9EBA.txt and VRF#HX5OLZ0F.txt,
for vendor announcement see CVE-2015-4532 in
http://seclists.org/bugtraq/2015/Aug/86. The problem is PoC code p

[ more ]  [ reply ]
(Page 2 of 1626)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus