BugTraq Mode:
(Page 3 of 1627)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[security bulletin] HPSBMU03345 rev.1 - HP Network Node Manager i (NNMi) and Smart Plugins (iSPIs) for HP-UX, Linux, Solaris, and Windows, Remote Disclosure of Information, Unauthorized Modification 2015-08-24
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04773241

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04773241
Version: 1

HPSBMU03345 r

[ more ]  [ reply ]
[SYSS-2015-026] Denial of Service (CWE-730) and Overly Restrictive Account Lockout Mechanism (CWE-645) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-026
Product: Page2Flip
Vendor: w!ssenswerft GmbH
Affected Version(s): Premium App 2.5, probably also in Business App
and Basic App, and in lower versions
Tested Version(s): Premium App 2.5
Vulnerability Typ

[ more ]  [ reply ]
[SYSS-2015-027] Cross-Site Scripting (CWE-79) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-027
Product: Page2Flip
Vendor: w!ssenswerft GmbH
Affected Version(s): Premium App 2.5, probably also in Business App
and Basic App, and in lower versions
Tested Version(s): Premium App 2.5
Vulnerability Typ

[ more ]  [ reply ]
[SYSS-2015-028] Cross-Site Scripting (CWE-79) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-028
Product: Page2Flip
Vendor: w!ssenswerft GmbH
Affected Version(s): Premium App 2.5, probably also in Business App
and Basic App, and in lower versions
Tested Version(s): Premium App 2.5
Vulnerability Typ

[ more ]  [ reply ]
[SYSS-2015-029] Insecure Direct Object Reference (CWE-932) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-029
Product: Page2Flip
Vendor: w!ssenswerft GmbH
Affected Version(s): Premium App 2.5, probably also in Business App
and Basic App, and in lower versions
Tested Version(s): Premium App 2.5
Vulnerability Typ

[ more ]  [ reply ]
[SYSS-2015-032] Broken Authentication and Session Management (CWE-930) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-032
Product: Page2Flip
Vendor: w!ssenswerft GmbH
Affected Version(s): Premium App 2.5, probably also in Business App
and Basic App, and in lower versions
Tested Version(s): Premium App 2.5
Vulnerability Typ

[ more ]  [ reply ]
[SYSS-2015-030] Improper Handling of Insufficient Privileges (CWE-274) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-030
Product: Page2Flip
Vendor: w!ssenswerft GmbH
Affected Version(s): Premium App 2.5, probably also in Business App
and Basic App, and in lower versions
Tested Version(s): Premium App 2.5
Vulnerability Typ

[ more ]  [ reply ]
SYSS-2015-033: Missing Function Level Access Control (CWE-935) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-033
Product: Page2Flip
Vendor: w!ssenswerft GmbH
Affected Version(s): Premium App 2.5, probably also in Business App
and Basic App, and in lower versions
Tested Version(s): Premium App 2.5
Vulnerability Typ

[ more ]  [ reply ]
Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation 2015-08-24
ajs swordshield com
Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation

Vendor Website : http://www.sonicwall.com

INDEX
---------------------------------------
1. CVE
2. Background
3. Description
4. Affected Products
5. Solution
6. Credit
7. Disclosure Timeline

1. CVE
-------

[ more ]  [ reply ]
Cross site request forgery vulnerability in Linksys WAG120N 2015-08-23
DonVallejo . (j v vallejo gmail com)
Hello all,

i want to share a problem that i found with Linksys router WAG120N. It
could be possible to modify router's configuration when a user visit a
webpage with an specific <form> (it is a similar problem that i sent
some days ago with Comtrend routers:
http://www.securityfocus.com/archive/1/5

[ more ]  [ reply ]
[SYSS-2015-025] Netop Remote Control - Insufficiently Protected Credentials 2015-08-24
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-025
Product: Netop Remote Control
Vendor: Netop
Affected Version(s): 11.52, 12.11
Tested Version(s): 11.52, 12.11
Vulnerability Type: Use of Hard-coded Cryptographic Key (CWE-321)
Insufficiently Protected Cre

[ more ]  [ reply ]
Logstash vulnerability CVE-2015-5619 2015-08-21
Suyog Rao (suyog elastic co)
Summary:
Logstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security
issue which allows an attacker to successfully implement a man in the
middle attack. This vulnerability is not present in the initial
installation of Logstash. This insecurity is exposed when users
configure Lumberjack o

[ more ]  [ reply ]
[security bulletin] HPSBGN03395 rev.1 - HP KeyView running on HP-UX, Linux, Solaris, Windows, FreeBSD, and AIX, Remote Code Execution 2015-08-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04771027

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04771027
Version: 1

HPSBGN03395 r

[ more ]  [ reply ]
[slackware-security] gnutls (SSA:2015-233-01) 2015-08-21
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gnutls (SSA:2015-233-01)

New gnutls packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

IMPORTANT: On Slackware 14.0, install the new updated nettle package first.

Here are the details from t

[ more ]  [ reply ]
[security bulletin] HPSBGN03395 rev.1 - HP KeyView running on HP-UX, Linux, Solaris, Windows, FreeBSD, and AIX, Remote Code Execution 2015-08-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04771027

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04771027
Version: 1

HPSBGN03395 r

[ more ]  [ reply ]
Logstash vulnerability CVE-2015-5619 2015-08-21
Suyog Rao (suyog elastic co)
Summary:
Logstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security
issue which allows an attacker to successfully implement a man in the
middle attack. This vulnerability is not present in the initial
installation of Logstash. This insecurity is exposed when users
configure Lumberjack o

[ more ]  [ reply ]
[security bulletin] HPSBUX03410 SSRT102175 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04774040

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04774040
Version: 1

HPSBUX03410 S

[ more ]  [ reply ]
Re: [SECURITY] [DSA 3325-2] apache2 regression update 2015-08-21
franzskinn gmail com
All my sources are fake packages and my I have a lot of malware in my phone

[ more ]  [ reply ]
APPLE-SA-2015-08-20-1 QuickTime 7.7.8 2015-08-20
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2015-08-20-1 QuickTime 7.7.8

QuickTime 7.7.8 is now available and addresses the following:

QuickTime
Available for: Windows 7 and Windows Vista
Impact: Processing a maliciously crafted file may lead to an
unexpected application termination

[ more ]  [ reply ]
[security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege 2015-08-20
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04735247

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04735247
Version: 1

HPSBUX03369 S

[ more ]  [ reply ]
[SECURITY] [DSA 3342-1] vlc security update 2015-08-20
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3342-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Alessandro Ghedini
August 20, 2015

[ more ]  [ reply ]
[oCERT-2015-009] VLC arbitrary pointer dereference 2015-08-20
Andrea Barisani (lcars ocert org)

#2015-009 VLC arbitrary pointer dereference

Description:

The VLC media player is an open source media player and streaming media
server.

The stable VLC version suffers from an arbitrary pointer dereference
vulnerability.

The vulnerability affects the 3GP file format parser, insufficient
restric

[ more ]  [ reply ]
UBNT Bug Bounty #3 - Persistent Filename Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
UBNT Bug Bounty #3 - Persistent Filename Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1467

Video: http://www.vulnerability-lab.com/get_content.php?id=1468

Release Date:
=============
2015-08-11

Vuln

[ more ]  [ reply ]
UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1465

#52988

Release Date:
=============
2015-08-17

Vulnerability Laboratory ID (VL-ID):
===========

[ more ]  [ reply ]
WebSolutions India Design CMS - SQL Injection Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WebSolutions India Design CMS - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1577

Release Date:
=============
2015-08-20

Vulnerability Laboratory ID (VL-ID):
===========================

[ more ]  [ reply ]
ChiefPDF Software v2.x - Buffer Overflow Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ChiefPDF Software v2.x - Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1578

Release Date:
=============
2015-08-20

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1579

Video: https://youtu.be/-HTEIisSiH8

Release Date:
=============
2015-08-16

Vulnerability Laboratory I

[ more ]  [ reply ]
Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064) 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064)

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1576

Video: http://youtu.be/Vkswz7vt23M

http://web.nvd.nist.gov/view/vuln/detail?vulnId=

[ more ]  [ reply ]
[SECURITY] [DSA 3341-1] conntrack security update 2015-08-20
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3341-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
August 20, 2015

[ more ]  [ reply ]
(Page 3 of 1627)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus