BugTraq Mode:
(Page 11 of 1675)  < Prev  6 7 8 9 10 11 12 13 14 15 16  Next >
[SECURITY] [DSA 3532-1] quagga security update 2016-03-27
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3532-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
March 27, 2016

[ more ]  [ reply ]
TrendMicro DDI Cross Site Request Forgerys 2016-03-26
hyp3rlinx lycos com
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-DDI-CSRF.txt

Vendor:
====================
www.trendmicro.com

Product:
=========================================
Trend Micro Deep Discovery Inspector

[ more ]  [ reply ]
[SECURITY] [DSA 3531-1] chromum-browser security update 2016-03-26
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3531-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Michael Gilbert
March 25, 2016

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2016-085-02) 2016-03-25
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2016-085-02)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
[slackware-security] libevent (SSA:2016-085-01) 2016-03-25
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] libevent (SSA:2016-085-01)

New libevent packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/libeve

[ more ]  [ reply ]
[SECURITY] [DSA 3530-1] tomcat6 security update 2016-03-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3530-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 25, 2016

[ more ]  [ reply ]
[CVE-2016-2163] Stored Cross Site Scripting in Event description 2016-03-25
Maxim Solodovnik (solomax apache org)
Severity: Moderate

Vendor: The Apache Software Foundation

Versions Affected: Apache OpenMeetings 1.9.x - 3.0.7

Description:
When creating an event, it is possible to create clickable URL links in
the event description. These links will be present inside the event details
once a participant enters

[ more ]  [ reply ]
[CVE-2016-2164] Arbitrary file read via SOAP API 2016-03-25
Maxim Solodovnik (solomax apache org)
Severity: Critical

Vendor: The Apache Software Foundation

Versions Affected: Apache OpenMeetings 1.9.x - 3.0.7

Description:
When attempting to upload a file via the API using the
importFileByInternalUserId
or importFile methods in the FileService, it is possible to read arbitrary
files from the s

[ more ]  [ reply ]
[CVE-2016-0783] Predictable password reset token 2016-03-25
Maxim Solodovnik (solomax apache org)
Severity: Critical

Vendor: The Apache Software Foundation

Versions Affected: Apache OpenMeetings 1.9.x - 3.1.0

Description:
The hash generated by the external password reset function is
generated by concatenating the user name and the current system time,
and then hashing it using MD5. This is hi

[ more ]  [ reply ]
[security bulletin] HPSBGN03563 rev.1 - HPE IceWall Products using OpenSSL, Remote Denial of Service (DoS), Local Denial of Service (DoS), Disclosure of Information 2016-03-25
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05052990

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05052990
Version: 1

HPSBGN03563 r

[ more ]  [ reply ]
[security bulletin] HPSBMU03562 rev.2 - HPE Service Manager using Java Deserialization, Remote Arbitrary Code Execution 2016-03-24
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05054565

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05054565
Version: 2

HPSBMU03562 r

[ more ]  [ reply ]
[SYSS-2016-016] innovaphone IP222 - Improper Input Validation 2016-03-24
sven freund syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-016
Product: innovaphone IP222
Manufacturer: innovaphone AG
Affected Version(s): 11r2 sr9
Tested Version(s): 11r2 sr9
Vulnerability Type: Improper Input Validation (CWE-20)
Risk Level: High
Solution Status: Fixed
Manufacturer No

[ more ]  [ reply ]
[SYSS-2016-018] innovaphone IP222 - Improper Restriction of Excessive Authentication Attempts 2016-03-24
sven freund syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-018
Product: innovaphone IP222
Manufacturer: innovaphone AG
Affected Version(s): 11r2 sr9
Tested Version(s): 11r2 sr9
Vulnerability Type: Improper Restriction of Excessive Authentication
Attempts (CWE-307)
R

[ more ]  [ reply ]
[SYSS-2016-017] innovaphone IP222 - Improper Input Validation 2016-03-24
sven freund syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-017
Product: innovaphone IP222
Manufacturer: innovaphone AG
Affected Version(s): 11r2 sr9
Tested Version(s): 11r2 sr9
Vulnerability Type: Improper Input Validation (CWE-20)
Risk Level: High
Solution Status: Fixed
Manufacturer No

[ more ]  [ reply ]
[SECURITY] [DSA 3527-1] inspircd security update 2016-03-24
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3527-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
March 24, 2016

[ more ]  [ reply ]
XSS (Cross Site Scripting) in Social CRM & Community Solutions powered by Lithium in Knowledge base section 2016-03-24
netizen01k gmail com
* Exploit Title: XSS (Cross Site Scripting) in Social CRM & Community Solutions powered by Lithium in Knowledge base section
* Discovery Date: 2016/02/19
* Public Disclosure Date: 2016/03/24
* Exploit Author: Imran Khan
* Contact: netizen01k [at] gmail.com
* Vendor link: http://www.lithium.com/
* Te

[ more ]  [ reply ]
[SECURITY] [DSA 3529-1] redmine security update 2016-03-23
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3529-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
March 23, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3528-1] pidgin-otr security update 2016-03-23
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3528-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
March 23, 2016

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability 2016-03-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability

Advisory ID: cisco-sa-20160323-l4f

Revision 1.0

For Public Release 2016 March 23 16:00 GMT

+---------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability 2016-03-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability

Advisory ID: cisco-sa-20160323-lisp

Revision 1.0

For Public Release 2016 March 23 16:00 GMT

+-----------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability 2016-03-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability

Advisory ID: cisco-sa-20160323-smi

Revision 1.0

For Public Release 2016 March 23 16:00 GMT

+-----------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability 2016-03-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability

Advisory ID: cisco-sa-20160323-ios-ikev2

Revision 1.0

For Public Release 2016 March 23 16:00 GMT

+---------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability 2016-03-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability

Advisory ID: cisco-sa-20160323-sip

Revision 1.0

For Public Release 2016 March 23 16:00 GMT

+----

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability 2016-03-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability

Advisory ID: cisco-sa-20160323-dhcpv6

Revision 1.0

For Public Release 2016 March 23 16:00 GMT

+---------------------------------------------------

[ more ]  [ reply ]
Hardcoded root password in Zyxel MAX3XX series Wimax CPEs 2016-03-23
Gianni Carabelli (giannicarabelli gmail com)
########################################
#Vulnerability Title: Hardcoded root password in Zyxel MAX3XX series
Wimax CPEs
#Date: 23/03/2016
#Product: Zyxel MAX3XX series CPEs
#Vendor: www.zyxel.com
#Affected Firmware: Latest version at the time of disclosure v 2.00 and
below (tested)
#Patch: Unpatc

[ more ]  [ reply ]
CA20160323-01: Security Notice for CA Single Sign-On Web Agents 2016-03-23
Kotas, Kevin J (Kevin Kotas ca com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CA20160323-01: Security Notice for CA Single Sign-On Web Agents

Issued: March 23, 2016
Last Updated: March 23, 2016

CA Technologies Support is alerting customers to potential risks with CA
Single Sign-On (CA SSO), formerly known as CA SiteMinder. Mi

[ more ]  [ reply ]
CVE-2016-2166: Apache Qpid Proton python binding silently ignores request for 'amqps' if SSL/TLS not supported 2016-03-23
Ken Giusti (kgiusti redhat com)

Apache Software Foundation - Security Advisory

Apache Qpid Proton python binding silently ignores request for
'amqps' if SSL/TLS not supported.

CVE-2016-2166 CVS: 5.7

Severity: Moderate

Vendor:

The Apache Software Foundation

Versions Affected:

Apache Qpid Proton python API start

[ more ]  [ reply ]
[SECURITY] [DSA 3526-1] libmatroska security update 2016-03-23
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3526-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
March 23, 2016

[ more ]  [ reply ]
Remote Code Execution in DVR affecting over 70 different vendors 2016-03-23
rotem kerner (nullfield gmail com)
0day exploit affecting CCTV DVR of over 70 different vendors. Attached
is a link to the research containing the vulnerability description and
a working exploit. In addition, It discuss the problem in performing
responsible disclosure with white label products.

Full research -
http://www.kerneronsec

[ more ]  [ reply ]
[SECURITY] [DSA 3525-1] pixman security update 2016-03-22
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3525-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
March 22, 2016

[ more ]  [ reply ]
(Page 11 of 1675)  < Prev  6 7 8 9 10 11 12 13 14 15 16  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus