BugTraq Mode:
(Page 2 of 1569)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[ MDVSA-2014:213 ] curl 2014-11-18
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:213
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:214 ] dbus 2014-11-18
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:214
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload 2014-11-18
Steffen Bauch (mail steffenbauch de)
CVE-2014-8767 tcpdump denial of service in verbose mode using malformed
OLSR payload

1. Background

tcpdump is a powerful command-line packet analyzer. It allows the user
to intercept and display TCP/IP and other packets being transmitted or
received over a network to which the computer is attac

[ more ]  [ reply ]
CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 2014-11-18
Steffen Bauch (mail steffenbauch de)
CVE-2014-8768 tcpdump denial of service in verbose mode using malformed
Geonet payload

1. Background

tcpdump is a powerful command-line packet analyzer. It allows the user
to intercept and display TCP/IP and other packets being transmitted or
received over a network to which the computer is att

[ more ]  [ reply ]
CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload 2014-11-18
Steffen Bauch (mail steffenbauch de)
CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload

1. Background

tcpdump is a powerful command-line packet analyzer. It allows the user
to intercept and display TCP/IP and other packets being transmitted or
received over a network to which the computer is attached.

2. Summary

[ more ]  [ reply ]
[security bulletin] HPSBMU03183 rev.2 - HP Server Automation and Server Automation Virtual Appliance, running SSL, Remote Disclosure of Information 2014-11-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04497090

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04497090
Version: 2

HPSBMU03183 r

[ more ]  [ reply ]
[security bulletin] HPSBMU03072 rev.3 - HP Data Protector, Remote Execution of Arbitrary Code 2014-11-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04373818

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04373818
Version: 3

HPSBMU03072 re

[ more ]  [ reply ]
APPLE-SA-2014-11-17-3 Apple TV 7.0.2 2014-11-17
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-11-17-3 Apple TV 7.0.2

Apple TV 7.0.2 is now available and addresses the following:

Apple TV
Available for: Apple TV 3rd generation and later
Impact: An attacker with a privileged network position may cause an
unexpected application te

[ more ]  [ reply ]
APPLE-SA-2014-11-17-2 OS X Yosemite 10.10.1 2014-11-17
Apple Product Security (product-security-noreply lists apple com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-11-17-2 OS X Yosemite 10.10.1

OS X 10.10.1 is now available and addresses the following:

CFNetwork
Available for: OS X Yosemite v10.10
Impact: Website cache may not be fully cleared after leaving private
browsing
Description: A priva

[ more ]  [ reply ]
APPLE-SA-2014-11-17-1 iOS 8.1.1 2014-11-17
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-11-17-1 iOS 8.1.1

iOS 8.1.1 is now available and addresses the following:

CFNetwork
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Website cache may not be fully cleared after leavin

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2014-320-01) 2014-11-16
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2014-320-01)

New mozilla-thunderbird packages are available for Slackware 14.1 to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packag

[ more ]  [ reply ]
[SECURITY] [DSA 3073-1] libgcrypt11 security update 2014-11-16
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3073-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
November 16, 2014

[ more ]  [ reply ]
[security bulletin] HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server (iCAS) running OpenSSL, Remote Disclosure of Information 2014-11-14
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04501908

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04501908
Version: 1

HPSBGN03192 re

[ more ]  [ reply ]
CVE-2014-8683 XSS in Gogs Markdown Renderer 2014-11-14
Timo Schmid (tschmid ernw de)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

XSS in Gogs Markdown Renderer
=============================
Researcher: Timo Schmid <tschmid (at) ernw (dot) de [email concealed]>

Description
===========
Gogs(Go Git Service) is a painless self-hosted Git Service written in
Go. (taken
from [1])

It is very similiar to the

[ more ]  [ reply ]
CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs 2014-11-14
Timo Schmid (tschmid ernw de)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Unauthenticated SQL Injection in Gogs repository search
=======================================================
Researcher: Timo Schmid <tschmid (at) ernw (dot) de [email concealed]>

Description
===========
Gogs(Go Git Service) is a painless self-hosted Git Service written

[ more ]  [ reply ]
Re: CVE-2014-8732 2014-11-13
cert it nrw de
We successfully contacted the author. He is currently working on patching the issue in the next version.

[ more ]  [ reply ]
Re: CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2 2014-11-13
cert it nrw de
We successfully contacted the author. He is currently working on patching the issue in the next version.

[ more ]  [ reply ]
[security bulletin] HPSBMU03182 rev.1 - HP Server Automation running Bash Shell, Remote Code Execution 2014-11-12
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04497042

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04497042
Version: 1

HPSBMU03182 re

[ more ]  [ reply ]
[SECURITY] [DSA 3050-3] iceweasel security update 2014-11-12
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3050-3 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
November 12, 2014

[ more ]  [ reply ]
Prey Anti-Theft for Android missing SSL certificate validation [STIC-2014-0731] 2014-11-12
Programa STIC (stic fundacionsadosky org ar)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Fundación Dr. Manuel Sadosky - Programa STIC Advisory
www.fundacionsadosky.org.ar

Prey Anti-Theft for Android missing SSL certificate validation

1. *Advisory Information*

Title: Prey Anti-Theft for Android missing SSL certificate validation
Adviso

[ more ]  [ reply ]
CVE-2014-8732 2014-11-12
cert it nrw de
CVE-2014-8732
CVSSv2 Vector:
[AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:U/RC:C]
CVSSv2 Base Score=7.5
CVSSv2 Temp Score=7.5
OWASP Top 10 classification: A3 - Cross Site Scripting

There is a stored xss vulnerability in phpMemcachedAdmin. Most of the user-specified input fields which are displayed on several

[ more ]  [ reply ]
CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2 2014-11-12
cert it nrw de
CVE-2014-8731
CVSSv2 Vector:
[AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:U/RC:C]
CVSSv2 Base Score=10.0
CVSSv2 Temp Score=9.5
OWASP Top 10 classification: A1 - Injection

PHPMemcachedAdmin is a web-based frontend for Linux's memcached Daemon.

Project Homepage:
https://code.google.com/p/phpmemcacheadmin/

[ more ]  [ reply ]
[SECURITY] [DSA 3072-1] file security update 2014-11-12
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3072-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Thijs Kinkhorst
November 11, 2014

[ more ]  [ reply ]
[ESNC-2039348] Multiple Critical Security Vulnerabilities in SAP Governance, Risk and Compliance (SAP GRC) 2014-11-12
ESNC Security (secure esnc de)
[ESNC-2039348] Multiple Critical Security Vulnerabilities in SAP
Governance, Risk and Compliance (SAP GRC)

Please refer to http://www.esnc.de for the original security advisory,
updates and additional information.

------------------------------------------------------------------------

1. Busine

[ more ]  [ reply ]
[security bulletin] HPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL, Remote Disclosure of Information 2014-11-11
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04496538

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04496538
Version: 1

HPSBGN03164 re

[ more ]  [ reply ]
[security bulletin] HPSBST03154 rev.1 - HP StoreFabric C-series MDS switches and HP C-series Nexus 5K switches running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04487558

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04487558
Version: 1

HPSBST03154 re

[ more ]  [ reply ]
[security bulletin] HPSBST03181 rev.1 - HP StoreEver ESL G3 Tape Library running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04496383

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04496383
Version: 1

HPSBST03181 re

[ more ]  [ reply ]
[security bulletin] HPSBHF03124 rev.2 - HP Thin Clients running Bash Shell, Remote Execution of Code 2014-11-11
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04471546

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04471546
Version: 2

HPSBHF03124 re

[ more ]  [ reply ]
[security bulletin] HPSBMU03165 rev.1 - HP Propel running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04497075

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04497075
Version: 1

HPSBMU03165 re

[ more ]  [ reply ]
[security bulletin] HPSBMU03184 rev.1 - HP SiteScope running SSL, Remote Disclosure of Information 2014-11-11
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04497114

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04497114
Version: 1

HPSBMU03184 re

[ more ]  [ reply ]
(Page 2 of 1569)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus