BugTraq Mode:
(Page 14 of 1527)  < Prev  9 10 11 12 13 14 15 16 17 18 19  Next >
[ MDVSA-2014:027 ] php 2014-02-12
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:027
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
ASUS RT Series Routers FTP Service - Default anonymous access 2014-02-12
kyle Lovett (krlovett gmail com) (1 replies)
Five ASUS RT series routers suffer from a vendor vulnerability that
default FTP service to anonymous access, full read/write permissions.
The service, which is activated from the administrative console does
not give proper instructions nor indications that the end user needs
to manually add a user t

[ more ]  [ reply ]
Re: ASUS RT Series Routers FTP Service - Default anonymous access 2014-02-12
kyle Lovett (krlovett gmail com)
APPLE-SA-2014-02-11-1 Boot Camp 5.1 2014-02-12
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-02-11-1 Boot Camp 5.1

Boot Camp 5.1 is now available and addresses the following:

Boot Camp
Available for: Macs running Boot Camp 5
Impact: Loading a malformed executable file may cause memory
corruption in the kernel
Description: A b

[ more ]  [ reply ]
Mybb All Version Denial of Service Vulnerability 2014-02-12
iedb team gmail com
###########################

# Mybb All Version Denial of Service Vulnerability

###########################

#!/usr/bin/perl
#################################
#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@ @@ @@@ @@

[ more ]  [ reply ]
[ MDVSA-2014:026 ] openldap 2014-02-12
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:026
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
jDisk (stickto) v2.0.3 iOS - Multiple Web Vulnerabilities 2014-02-12
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
jDisk (stickto) v2.0.3 iOS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1196

Release Date:
=============
2014-02-12

Vulnerability Laboratory ID (VL-ID):
=============================

[ more ]  [ reply ]
[SECURITY] [DSA 2850-2] libyaml regression update 2014-02-12
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2850-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
February 12, 2014

[ more ]  [ reply ]
[CVE-2014-1903] FreePBX 2.9 through 12 RCE 2014-02-11
rob thomas schmoozecom com
Overview:
Unauthenticated user-level Remote Code Execution (RCE) vulnerability in admin/config.php, the main interface to FreePBX. This bug was introduced in FreePBX 2.9, earlier versions are not affected.

Score - 8.4
(AV:N/AC:L/Au:N/C:P/I:P/A:C/E:H/RL:OF/RC:C/CDP:MH/TD:ND/CR:L/IR:L/AR:M)

Refere

[ more ]  [ reply ]
[SECURITY] [DSA 2860-1] parcimonie security update 2014-02-11
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2860-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
February 11, 2014

[ more ]  [ reply ]
[ MDVSA-2014:025 ] pidgin 2014-02-11
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:025
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
WiFi Camera Roll v1.2 iOS - Multiple Web Vulnerabilities 2014-02-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WiFi Camera Roll v1.2 iOS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1192

Release Date:
=============
2014-02-08

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]
Wordpress all_in_one_carousel Plugin /XSS/CSRF/ Vuln 2014-02-10
iedb team gmail com


# Exploit :

<center><b>Wordpress all_in_one_carousel Plugin Xss & Csrf Vulnerability

</center><br><br>
<html>
<head>
<title>Wordpress all_in_one_carousel Plugin Xss & Csrf Vulnerability [IeDb TeaM]</title>
</head><body>
<form
action=\"http://YourTarget.Com\"
id=\"formid\" method=\"post\">

[ more ]  [ reply ]
[mwrlabs advisory][CVE-2014-0748] Cray Aprun/Apinit Privilege Escalation 2014-02-10
john fitzpatrick mwrinfosecurity com
Cray Aprun/Apinit Privilege Escalation
======================================

MWR have identified a vulnerability which allows users to escalate their privileges to root on Cray supercomputers. This advisory details the vulnerability and the patches which Cray customers can apply in order to mitiga

[ more ]  [ reply ]
[SECURITY] [DSA 2859-1] pidgin security update 2014-02-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2859-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
February 10, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2858-1] iceweasel security update 2014-02-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2858-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
February 10, 2014

[ more ]  [ reply ]
Open-Xchange Security Advisory 2014-02-10 2014-02-10
Martin Braun (martin braun open-xchange com)
Product: Open-Xchange AppSuite
Vendor: Open-Xchange GmbH

Internal reference: 30820 (Bug ID)
Vulnerability type: CWE-80 (Improper Neutralization of Script-Related HTML Tags in a Web Page)
Vulnerable version: 7.4.1 and earlier
Vulnerable component: backend
Fixed version: 7.2.2-rev31, 7.4.0-rev27, 7.4

[ more ]  [ reply ]
Phpbb Forum Denial of Service Vulnerability 2014-02-10
iedb team gmail com
#!/usr/bin/perl
#################################
#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@
# @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@
#

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2014-039-02) 2014-02-08
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2014-039-02)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
ASUS AiCloud Enabled Routers 12 Models - Authentication bypass and Sensitive file/path disclosure 2014-02-08
kyle Lovett (krlovett gmail com)
ASUS routers, which are enabled with the AiCloud service (SSL ports),
are vulnerable to bypass of authentication and sensitive file
disclosure. This vulnerability has been observed in all firmware
versions, though the latest version increases the complexity of the
attack. By sending a special crafte

[ more ]  [ reply ]
[slackware-security] seamonkey (SSA:2014-039-03) 2014-02-08
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] seamonkey (SSA:2014-039-03)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packag

[ more ]  [ reply ]
#CONFidence 2014- Call for Papers, only 0111 days left to become CONFidence ninja 2014-02-08
Andrzej Targosz (andrzej targosz proidea org pl)
It should be a boring, long CfP but we decided to cut it;-) So, just few points:

#CONFidence 2014 - Call for Papers - 27-28.05.2014 Krakow, Poland
The conference will take place on 27-28th of May 2014, once again in Krakow. As always it will be happening in between BerlinSides and PXE, so that if y

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2014-039-01) 2014-02-08
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2014-039-01)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[SECURITY] [DSA 2857-1] libspring-java security update 2014-02-08
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2857-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Markus Koschany
February 08, 2014

[ more ]  [ reply ]
[oCERT-2014-001] MantisBT input sanitization errors 2014-02-08
Andrea Barisani (lcars ocert org)

#2014-001 MantisBT input sanitization errors

Description:

The MantisBT web-based bugtracking system suffers from SQL injection
vulnerabilities caused by insufficient input sanitization.

The MantisBT SOAP API uses the unsafe db_query() function allowing a
specially crafted tag within the envelope

[ more ]  [ reply ]
[SECURITY] [DSA 2856-1] libcommons-fileupload-java security update 2014-02-07
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2856-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Florian Weimer
February 07, 2014

[ more ]  [ reply ]
WHMCS Denial of Service Vulnerability 2014-02-07
iedb team gmail com
#!/usr/bin/perl
#################################
#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@
# @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@
#

[ more ]  [ reply ]
Facebook Bug Bounty #12 - Client Side Exception Web Vulnerability 2014-02-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Facebook Bug Bounty #12 - Client Side Exception Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1190

Facebook Security ID: 186072579

Release Date:
=============
2014-02-07

Vulnerability Laboratory

[ more ]  [ reply ]
gpEasy v4.3.x CMS - Multiple Web Vulnerabilities 2014-02-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
gpEasy v4.3.x CMS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1189

Release Date:
=============
2014-02-06

Vulnerability Laboratory ID (VL-ID):
====================================
1

[ more ]  [ reply ]
Information on recently-fixed Oracle VM VirtualBox vulnerabilities 2014-02-07
Matthew Daley (mattd bugfuzz com)
Hi there,

Recently I found a few vulnerabilities in Oracle VM VirtualBox, the
open-source virtualization product. These have already been reported to the
project, fixed and disclosed in the form of the recent January 2014 Oracle
Critical Patch Update (at
<http://www.oracle.com/technetwork/topics/se

[ more ]  [ reply ]
(Page 14 of 1527)  < Prev  9 10 11 12 13 14 15 16 17 18 19  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus