BugTraq Mode:
(Page 15 of 1565)  < Prev  10 11 12 13 14 15 16 17 18 19 20  Next >
[security bulletin] HPSBMU03079 rev.1 - HP Service Manager, Multiple Vulnerabilities 2014-08-22
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04388127

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04388127
Version: 1

HPSBMU03079 re

[ more ]  [ reply ]
DoS attacks (ICMPv6-based) resulting from IPv6 EH drops 2014-08-22
Fernando Gont (fgont si6networks com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Folks,

Ten days ago or so we published this I-D:
<http://www.ietf.org/internet-drafts/draft-gont-v6ops-ipv6-ehs-in-real-w
orld-00.txt>

Section 5.2 of the I-D discusses a possible attack vector based on a
combination of "forged" ICMPv6 PTB messages and

[ more ]  [ reply ]
[security bulletin] HPSBST03098 rev.1 - HP StoreEver MSL6480 Tape Library running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04406535

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04406535
Version: 1

HPSBST03098 re

[ more ]  [ reply ]
CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability 2014-08-21
Herbert Duerr (hdu apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-3524
OpenOffice Calc Command Injection Vulnerability

Severity: Important
Vendor: The Apache Software Foundation

Versions Affected:
Apache OpenOffice 4.1.0 and older on Windows.
OpenOffice.org versions may also be affected.

Description:
Th

[ more ]  [ reply ]
CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects 2014-08-21
Herbert Duerr (hdu apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-3575
OpenOffice Targeted Data Exposure Using Crafted OLE Objects

Severity: Important
Vendor: The Apache Software Foundation

Versions Affected:
Apache OpenOffice 4.1.0 and older on Windows.
OpenOffice.org versions are also affected.

Descrip

[ more ]  [ reply ]
[SECURITY] [DSA 3009-1] python-imaging security update 2014-08-21
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3009-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
August 21, 2014

[ more ]  [ reply ]
[CVE-2014-5335] CSRF in Innovaphone PBX 2014-08-21
rg nsideattacklogic de
Title: Innovaphone PBX Admin-GUI CSRF
Impact: High
CVSS2 Score: 7.8 (AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C)
Announced: August 21, 2014
Reporter: Rainer Giedat (NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de)
Products: Innovaphone PBX Administration GUI
Affected Versions: all known versions (tes

[ more ]  [ reply ]
[SECURITY] [DSA 3008-2] php5 regression update 2014-08-21
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3008-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
August 21, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 2940-1] libstruts1.2-java security update 2014-08-21
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2940-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
Aug 21, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3008-1] php5 security update 2014-08-21
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3008-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
August 21, 2014

[ more ]  [ reply ]
ToorCon 16 Call For Papers! 2014-08-20
h1kari toorcon org
TOORCON 16 CALL FOR PAPERS

It's that time of year again! ToorCon 16 is coming so get your code finished and submit a talk this time around. We're letting you decide if you want to be a part of our 50-minute talks on Saturday, 20-minute talks on Sunday, and 75-minute talks for our Deep Knowledge Sem

[ more ]  [ reply ]
ArcGIS for Server Vulnerability Disclosure 2014-08-20
Romano, Christian (cromano caanes com)
Product: ArcGIS for Server
Vendor: ESRI
Vulnerable Version: 10.1.1
Tested Version: 10.1.1
Vendor Notification: June 19, 2014
Public Disclosure: August 15, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-5121
Risk Level: Medium
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N

[ more ]  [ reply ]
CVE-2014-4973 - Privilege Escalation in ESET Windows Products 2014-08-20
Portcullis Advisories (advisories portcullis-security com)
Vulnerability title: Privilege Escalation in ESET Windows Products
CVE: CVE-2014-4973
Vendor: ESET
Product: ESET Windows Products
Affected version: v5.0 - 7.0 (Firewall Module Build 1183 (20140214) and
earlier)
Fixed version: v6 - v7 (Firewall Module Build 1212 (20140609))
Reported by: Kyriakos Econ

[ more ]  [ reply ]
SQL Injection Vulnerability in ArticleFR 2014-08-20
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23225
Product: ArticleFR
Vendor: Free Reprintables
Vulnerable Version(s): 3.0.4 and probably prior
Tested Version: 3.0.4
Advisory Publication: July 23, 2014 [without technical details]
Vendor Notification: July 23, 2014
Public Disclosure: August 20, 2014
Vulnerability Type: SQL I

[ more ]  [ reply ]
CVE-2014-5307 - Privilege Escalation in Panda Security Products 2014-08-20
Portcullis Advisories (advisories portcullis-security com)
Vulnerability title: Privilege Escalation in Panda Security
CVE: CVE-2014-5307
Vendor: Panda Security
Product: Multiple
Affected version: Panda 2014 Products
Fixed version: Hotfix hft131306s24_r1
Reported by: Kyriakos Economou

Details:

Latest, and possibly earlier builds, of the PavTPK.sys kernel

[ more ]  [ reply ]
[SECURITY] [DSA 3007-1] cacti security update 2014-08-20
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3007-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
August 20, 2014

[ more ]  [ reply ]
Deutsche Telekom CERT Advisory [DTC-A-20140820-001] check_mk vulnerabilities 2014-08-20
CERT telekom de
Deutsche Telekom CERT Advisory [DTC-A-20140820-001]

Summary:
Several vulnerabilities were found in check_mk prior versions 1.2.4p4 and 1.2.5i4.
The vulnerabilities are:
1 - Reflected Cross-Site Scripting (XSS)
2 - write access to config files (.mk files)
3 - arbitrary code execution

Recommend

[ more ]  [ reply ]
ICETC2014 - IEEE Extended Submission until Aug. 28, 2014 2014-08-20
jackie sdiwc info
Apologies for cross-posting.
Kindly forward to those who may be of interest.
=======================================================================
International Conference on Education Technologies and Computers
(ICETC2014)
Lodz University of Technology, Lodz, Poland

[ more ]  [ reply ]
[security bulletin] HPSBUX03095 SSRT101674 rev.1 - HP-UX running OpenSSL, Multiple Vulnerabilities 2014-08-19
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04404655

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04404655
Version: 1

HPSBUX03095 SS

[ more ]  [ reply ]
[security bulletin] HPSBUX03092 SSRT101668 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2014-08-19
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04398943

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04398943
Version: 1

HPSBUX03092 SS

[ more ]  [ reply ]
[security bulletin] HPSBUX03091 SSRT101667 rev.1 - HP-UX running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2014-08-19
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04398922

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04398922
Version: 1

HPSBUX03091 SS

[ more ]  [ reply ]
[security bulletin] HPSBMU03101 rev.1 - HP Asset Manager, CloudSystem Chargeback, running OpenSSL, Remote Disclosure of Information or Unauthorized Access 2014-08-19
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04401858

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04401858
Version: 1

HPSBMU03101 re

[ more ]  [ reply ]
[security bulletin] HPSBMU03094 rev.1 - HP Connect-IT, running OpenSSL, Remote Disclosure of Information or Unauthorized Access 2014-08-19
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04401666

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04401666
Version: 1

HPSBMU03094 re

[ more ]  [ reply ]
[Call For Papers] RiseCON - Rosario, Argentina 2014-08-19
Info RiseCON (info risecon org)
RiseCON - Rosario Information Security Conference 2014
www.risecon.org
Fechas: 6 y 7 de noviembre de 2014
Locación: Plataforma Lavarden (Av Mendoza 1085) - Rosario, Santa Fe, Argentina

RiseCON es el primer y mayor evento de seguridad informática y hacking
realizado en la ciudad de Rosario, con

[ more ]  [ reply ]
ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities 2014-08-19
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities

EMC Identifier: ESA-2014-071

CVE Identifier: CVE-2014-2517, CVE-2014-2505, CVE-2014-0640, CVE-2014-0641

Severity Rating: CVSS v2 Base Score: See below for individual scores

[ more ]  [ reply ]
[CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability 2014-08-19
Jacopo Cappellato (jacopoc apache org)
CVE-2014-0232: Apache OFBiz Cross-site scripting (XSS) vulnerability

Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
Apache OFBiz 11.04.01 to 11.04.04
Apache OFBiz 12.04.01 to 11.04.03
The unsupported Apache OFBiz 09.04.x, 10.04.x versions may be also affected

Desc

[ more ]  [ reply ]
ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities

EMC Identifier: ESA-2014-079

CVE Identifier: See below for individual CVEs

Severity Rating: CVSS v2 Base Score: See below for individual CVSS score for each CVE

Affecte

[ more ]  [ reply ]
ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability 2014-08-18
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability

EMC Identifier: ESA-2014-067

CVE Identifier: CVE-2014-2515

Severity: CVSSv2 Base Score: 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C)

Affected products:

? EMC Documentum D2 3.1 and

[ more ]  [ reply ]
ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities

EMC Identifier: ESA-2014-059

CVE Identifier: CVE-2014-2511

Severity Rating: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected products:

? EMC WebTop 6

[ more ]  [ reply ]
ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities

EMC Identifier: ESA-2014-073

CVE Identifier: CVE-2014-2518

Severity Rating: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected products:

? EMC Do

[ more ]  [ reply ]
(Page 15 of 1565)  < Prev  10 11 12 13 14 15 16 17 18 19 20  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus