BugTraq Mode:
(Page 2 of 1722)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[SECURITY] [DSA 3962-1] strongswan security update 2017-09-03
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3962-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Yves-Alexis Perez
September 03, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3961-1] libgd2 security update 2017-09-03
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3961-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
September 03, 2017

[ more ]  [ reply ]
[security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information 2017-08-31
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn
03765en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbgn03765en_us

Version: 2

HP

[ more ]  [ reply ]
[security bulletin] HPESBGN03767 rev.1 - HPE Operations Orchestration, Remote Code Execution 2017-08-31
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn
03767en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbgn03767en_us

Version: 1

HP

[ more ]  [ reply ]
[SECURITY] [DSA 3957-1] ffmpeg security update 2017-08-28
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3957-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
August 28, 2017

[ more ]  [ reply ]
[security bulletin] HPESBHF03770 rev.1 - HPE Comware 7 MSR Routers using PHP, Go, Apache Http Server, and Tomcat, Remote Arbitrary Code Execution 2017-08-28
HPE Product Security Response Team (security-alert hpe com)
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03770en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03770en_us

Version: 1

[ more ]  [ reply ]
[SECURITY] [DSA 3956-1] connman security update 2017-08-27
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3956-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
August 27, 2017

[ more ]  [ reply ]
Trend Micro Hosted Email Security (HES) - Email Interception and Direct Object Reference 2017-08-24
Patrick Webster (patrick osisecurity com au)
Date:
24-Aug-2017

Product:
Trend Micro Hosted Email Security (HES)

Versions affected:
Hosted Email Security before January 2012.

Vulnerability:

Two vulnerabilities were discovered.

The first allowed any HES user to intercept in-transit emails through
the Trend Micro Hosted Email Security cloud

[ more ]  [ reply ]
[security bulletin] HPESBHF03769 rev.1 - HPE Integrated Lights-out 4 (iLO 4) Multiple Remote Vulnerabilities 2017-08-23
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03769en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03769en_us

Version: 1

HP

[ more ]  [ reply ]
[SECURITY] [DSA 3953-1] aodh security update 2017-08-23
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3953-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
August 23, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3951-1] smb4k security update 2017-08-22
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3951-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 22, 2017

[ more ]  [ reply ]
[RT-SA-2015-008] WebClientPrint Processor 2.0: Remote Code Execution via Print Jobs 2017-08-22
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: WebClientPrint Processor 2.0: Remote Code Execution via Print Jobs

RedTeam Pentesting discovered that malicious print jobs can be used to
trigger a remote code execution vulnerability in WebClientPrint
Processor (WCPP). These print jobs may be distributed via specially
crafted websites an

[ more ]  [ reply ]
[RT-SA-2015-009] WebClientPrint Processor 2.0: Remote Code Execution via Updates 2017-08-22
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: WebClientPrint Processor 2.0: Remote Code Execution via Updates

RedTeam Pentesting discovered that rogue updates trigger a remote code
execution vulnerability in WebClientPrint Processor (WCPP). These
updates may be distributed through specially crafted websites and are
processed without

[ more ]  [ reply ]
[RT-SA-2015-010] WebClientPrint Processor 2.0: Unauthorised Proxy Modification 2017-08-22
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: WebClientPrint Processor 2.0: Unauthorised Proxy Modification

RedTeam Pentesting discovered that attackers can configure a proxy host
and port to be used when fetching print jobs with WebClientPrint
Processor (WCPP). This proxy setting may be distributed via specially
crafted websites and

[ more ]  [ reply ]
[RT-SA-2015-011] WebClientPrint Processor 2.0: No Validation of TLS Certificates 2017-08-22
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: WebClientPrint Processor 2.0: No Validation of TLS Certificates

RedTeam Pentesting discovered that WebClientPrint Processor (WCPP) does
not validate TLS certificates when initiating HTTPS connections. Thus, a
man-in-the-middle attacker may intercept and/or modify HTTPS traffic in
transit.

[ more ]  [ reply ]
[SECURITY] [DSA 3950-1] libraw security update 2017-08-21
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3950-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
August 21, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3948-1] ioquake3 security update 2017-08-19
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3948-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 19, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3946-1] libmspack security update 2017-08-18
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3946-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
August 18, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3928-2] firefox-esr security update 2017-08-16
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3928-2 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 16, 2017

[ more ]  [ reply ]
Microsoft Resnet - DNS Configuration Web Vulnerability 2017-08-16
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Microsoft Resnet - DNS Configuration Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2087

Acknowledgements: https://technet.microsoft.com/en-us/security/cc308589.aspx

Release Date:
=============
201

[ more ]  [ reply ]
FreeBSD <= 10.3 jail SHM hole 2017-08-16
WhiteWinterWolf (bugtraq lists whitewinterwolf com)
AFFECTED PRODUCTS

This issue affects FreeBSD from 7.0 to 10.3 included.

DESCRIPTION

FreeBSD jail incompletely protects the access to the IPC primitives.

The 'allow.sysvipc' setting only affects IPC queues, leaving other IPC
objects unprotected, making them reachable system-wide independently of

[ more ]  [ reply ]
[SECURITY] [DSA 3943-1] gajim security update 2017-08-14
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3943-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
August 14, 2017

[ more ]  [ reply ]
CVE-2017-9802: Apache Sling XSS vulnerability 2017-08-14
Robert Munteanu (rombert apache org)
CVE-2017-9802: Apache Sling XSS vulnerability

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache Sling Servlets Post 2.3.20

Description:
The Javascript method Sling.evalString() uses the javascript `eval`
function to parse input strings, which allows for XSS att

[ more ]  [ reply ]
[CVE-2017-9767] Quali CloudShell (v7.1.0.6508 Patch 6) Multiple Stored Cross Site Scripting Vulnerability 2017-08-14
x62x65x6e gmail com
# Vulnerability type: Multiple Stored Cross Site Scripting
# Vendor: Quali
# Product: CloudShell
# Affected version: v7.1.0.6508 (Patch 6)
# Patched version: v8 and up
# Credit: Benjamin Lee
# CVE ID: CVE-2017-9767

==========================================================

# Overview
Quali CloudS

[ more ]  [ reply ]
[SECURITY] [DSA 3940-1] iortcw security update 2017-08-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3940-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 13, 2017

[ more ]  [ reply ]
[slackware-security] mercurial (SSA:2017-223-03) 2017-08-11
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mercurial (SSA:2017-223-03)

New mercurial packages are available for Slackware 14.0, 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/

[ more ]  [ reply ]
[SECURITY] [DSA 3937-1] zabbix security update 2017-08-12
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3937-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 12, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3936-1] postgresql-9.6 security update 2017-08-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3936-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 10, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3935-1] postgresql-9.4 security update 2017-08-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3935-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 10, 2017

[ more ]  [ reply ]
[security bulletin] HPESB3P03762 rev.1 - HPE C Switch Software using Cisco Prime Data Center Network Manager (DCNM), Remote Code Execution 2017-08-10
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesb3p
03762en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesb3p03762en_us

Version: 1

HP

[ more ]  [ reply ]
(Page 2 of 1722)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus