BugTraq Mode:
(Page 14 of 524)  < Prev  9 10 11 12 13 14 15 16 17 18 19  Next >
[SECURITY] [DSA 3767-1] mysql-5.5 security update 2017-01-19
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3767-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
January 19, 2017

[ more ]  [ reply ]
Novel Contributions to the field - How I broke MySQL's code-base (Part 2) [CVE-2016-5541] MySQL cluster remote 0day 2017-01-19
Nicholas Lemonias. (lem nikolas googlemail com)
************************************************************************
************
*
*
* Copyright (c) 2017, Advanced Information Security Corp / Oracle Inc. *
*
*
*

[ more ]  [ reply ]
Novel Contributions to the Field - How I broke MySQL's codebase (Part 2) [CVE-2016-5541] MySQL Cluster 0day 2017-01-18
lem nikolas gmail com
**************************************************
(c) 2017 Advanced Information Security Corporation and Oracle Inc.

**************************************************

Author: Nicholas Lemonias
Date: 17/01/2017

MySQL Remote 0day / Remote Buffer Overflows in 'NDBAPI' Cluster

Full report

[ more ]  [ reply ]
[RCESEC-2016-012] Mattermost <= 3.5.1 "/error" Unauthenticated Reflected Cross-Site Scripting / Content Injection 2017-01-18
Julien Ahrens (info rcesecurity com)
RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Mattermost
Vendor URL: www.mattermost.org
Type: Cross-site Scripting [CWE-79]
Date found: 02/12/2016
Date published: 16/01/2017
CVSSv3 Score: 4.7 (CVSS:3.0/AV:N/AC:

[ more ]  [ reply ]
[security bulletin] HPSBMU03685 rev.1 - HPE Insight Control server provisioning (ICsp), Multiple Remote Vulnerabilities 2017-01-18
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053769
17

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05376917

Version: 1

HPSBMU03685 rev.1

[ more ]  [ reply ]
ESA-2016-161: EMC Isilon OneFS LDAP Injection Vulnerability 2017-01-18
EMC Product Security Response Center (Security_Alert emc com)

----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-161: EMC Isilon OneFS LDAP Injection Vulnerability

EMC Identifier: ESA-2016-161

CVE Identifier: CVE-2016-9870

Severity Rating: CVSS v3 Base Score: 6.0 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N)

Affected products:

? EMC Isilon

[ more ]  [ reply ]
ESA-2016-143: EMC Documentum Webtop and Clients Stored Cross-Site Scripting Vulnerability 2017-01-18
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-143: EMC Documentum Webtop and Clients Stored Cross-Site Scripting Vulnerability

EMC Identifier: ESA-2016-143

CVE Identifier: CVE-2016-8213

Severity Rating: CVSS v3 Base Score: 6.5 (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)

Affected p

[ more ]  [ reply ]
[SECURITY] CVE-2016-8748: Apache NiFi XSS vulnerability in connection details dialogue 2017-01-16
Joe Witt (joewitt apache org)
CVE-2016-8748: Apache NiFi XSS vulnerability in connection details dialogue

Severity: Moderate

Vendor: The Apache Software Foundation

Versions Affected:
Apache NiFi 1.0.0
Apache NiFi 1.1.0

Description: There is a cross-site scripting vulnerability in
connection details dialog when accessed by an

[ more ]  [ reply ]
[SECURITY] [DSA 3765-1] icoutils security update 2017-01-14
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3765-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
January 14, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3743-2] python-bottle regression update 2017-01-15
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3743-2 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
January 15, 2017

[ more ]  [ reply ]
[security bulletin] HPSBGN03689 rev.1 - HPE Diagnostics, Remote Cross-Site Scripting and Click Jacking 2017-01-13
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053701
00

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05370100

Version: 1

HPSBGN03689 rev.1

[ more ]  [ reply ]
[security bulletin] HPSBST03671 rev.2 - HPE StoreEver MSL6480 Tape Library Management Interface, Multiple Remote Vulnerabilities 2017-01-13
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053332
97

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05333297

Version: 2

HPSBST03671 rev.2

[ more ]  [ reply ]
[SECURITY] [DSA 3764-1] pdns security update 2017-01-13
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3764-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
January 13, 2017

[ more ]  [ reply ]
[security bulletin] HPSBGN03694 rev.1 - HPE SiteScope, Remote Disclosure of Information 2017-01-12
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053694
03

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05369403

Version: 1

HPSBGN03694 rev.1

[ more ]  [ reply ]
ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers) 2017-01-12
Fernando Gont (fgont si6networks com)
Folks,

I'm curious about whether folks are filtering ICMPv6 PTB<1280
and/or IPv6 fragments targeted to BGP routers (off-list datapoints are
welcome).

In any case, you mind find it worth reading to check if you're affected
(from Section 2 of recently-published RFC8021):

---- cut here ----
The s

[ more ]  [ reply ]
[SECURITY] [DSA 3760-1] ikiwiki security update 2017-01-12
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3760-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
January 12, 2017

[ more ]  [ reply ]
CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application 2017-01-12
unlimitsec gmail com
Description of the potential vulnerability:Lack of appropriate exception handling in some applications allows attackers to make a systemUI crash easily resulting in a possible DoS attack
Affected versions: L(5.0/5.1), M(6.0), and N(7.0)
Disclosure status: Privately disclosed.
The patch prevents sys

[ more ]  [ reply ]
[slackware-security] bind (SSA:2017-011-01) 2017-01-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] bind (SSA:2017-011-01)

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------

[ more ]  [ reply ]
[slackware-security] gnutls (SSA:2017-011-02) 2017-01-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gnutls (SSA:2017-011-02)

New gnutls packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packag

[ more ]  [ reply ]
CA20170109-01: Security Notice for CA Service Desk Manager 2017-01-12
Kotas, Kevin J (Kevin Kotas ca com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CA20170109-01: Security Notice for CA Service Desk Manager

Issued: January 10, 2017
Last Updated: January 10, 2017

CA Technologies support is alerting customers to a potential risk
with CA Service Desk Manager. A vulnerability exists in RESTful
web

[ more ]  [ reply ]
[SECURITY] [DSA 3758-1] bind9 security update 2017-01-11
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3758-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Florian Weimer
January 11, 2017

[ more ]  [ reply ]
Multiple Vulnerabilities in cPanel 2017-01-11
Open Security (open opensecurity ca)
===[ Introduction ]===

cPanel offers web hosting software that automates the intricate workings
of web hosting servers.
cPanel equips server administrators with the necessary tools to provide
top-notch hosting to customers on tens of thousands of servers worldwide.

===[ Description ]===

I) Cross

[ more ]  [ reply ]
IKEv1 cipher suite configuration mismatch in Siemens SIMATIC CP 343-1 Advanced 2017-01-11
Andrea Barisani (andrea inversepath com)

The following issue has been reported to Siemens ProductCERT in relation to
Siemens Security Advisory SSA-603476, published on 2016-11-21.

The issue has been treated with lower priority and treated outside the scope
of SSA-603476 due to its lower security impact.

As the finding is now addressed [

[ more ]  [ reply ]
[SECURITY] [DSA 3757-1] icedove security update 2017-01-11
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3757-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
January 11, 2017

[ more ]  [ reply ]
Re: [oss-security] Docker 1.12.6 - Security Advisory 2017-01-11
Andreas Stieger (astieger suse com)

On 01/11/2017 03:29 AM, Kurt Seifried wrote:
> On Tue, Jan 10, 2017 at 6:58 PM, Nathan McCauley <nathan.mccauley (at) docker (dot) com [email concealed]
>> [CVE-2016-9962] Insecure opening of file-descriptor allows privilege
>> escalation
>>
>> [...]
>> Credit for this discovery goes to Aleksa Sarai from SUSE and Tõnis Tiigi

[ more ]  [ reply ]
Cobi Tools v1.0.8 iOS - Persistent Web Vulnerability 2017-01-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Cobi Tools v1.0.8 iOS - Persistent Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2028

Release Date:
=============
2017-01-10

Vulnerability Laboratory ID (VL-ID):
=================================

[ more ]  [ reply ]
Bit Defender #39 - Auth Token Bypass Vulnerability 2017-01-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Bit Defender #39 - Auth Token Bypass Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1683

Release Date:
=============
2017-01-09

Vulnerability Laboratory ID (VL-ID):
====================================

[ more ]  [ reply ]
BlackBoard LMS 9.1 SP14 - (Title) Persistent Vulnerability 2017-01-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
BlackBoard LMS 9.1 SP14 - (Title) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1901

Release Date:
=============
2017-01-10

Vulnerability Laboratory ID (VL-ID):
===========================

[ more ]  [ reply ]
Blackboard LMS 9.1 SP14 - (Profile) Persistent Vulnerability 2017-01-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Blackboard LMS 9.1 SP14 - (Profile) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1900

Release Date:
=============
2017-01-09

Vulnerability Laboratory ID (VL-ID):
=========================

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-17:01.openssh 2017-01-11
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-17:01.openssh Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability 2017-01-10
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability

EMC Identifier: ESA-2016-096

CVE Identifier: CVE-2016-0917

Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affec

[ more ]  [ reply ]
Directadmin ControlPanel 1.50.1 denial of service Vulnerability 2017-01-10
iedb team gmail com
DirectAdmin Control Panel version 1.50.1 suffers from a denial of service vulnerability.

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@
# @@@

[ more ]  [ reply ]
ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability 2017-01-10
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability

EMC Identifier: ESA-2016-096

CVE Identifier: CVE-2016-0917

Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affec

[ more ]  [ reply ]
ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability 2017-01-10
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability

EMC Identifier: ESA-2016-096

CVE Identifier: CVE-2016-0917

Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affec

[ more ]  [ reply ]
Directadmin ControlPanel 1.50.1 Cross-Site-Scripting Vulnerability 2017-01-10
iedb team gmail com
DirectAdmin Control Panel version 1.50.1 suffers from a cross site scripting vulnerability.

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@
# @@

[ more ]  [ reply ]
QuickBooks 2017 Admin Credentials Disclosure 2017-01-06
info thegrideon com
+ Credits: Maxim Tomashevich
+ Website: https://www.thegrideon.com/quickbooks-forensics.html
+ Details: https://www.thegrideon.com/qb-internals-2017.html

Vendor:
---------------------
www.intuit.com
www.intuit.ca

Product:
---------------------
QuickBooks Desktop
versions: 2017

Vulnerability Ty

[ more ]  [ reply ]
[SECURITY] [DSA 3753-1] libvncserver security update 2017-01-05
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3753-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
January 05, 2017

[ more ]  [ reply ]
[SECURITY][UPDATE] CVE-2016-8745 Apache Tomcat Information Disclosure 2017-01-05
Mark Thomas (markt apache org)
CVE-2016-8745 Apache Tomcat Information Disclosure

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache Tomcat 9.0.0.M1 to 9.0.0.M13
Apache Tomcat 8.5.0 to 8.5.8
Apache Tomcat 8.0.0.RC1 to 8.0.39 (new)
Apache Tomcat 7.0.0 to 7.0.73 (new)
Apache Tomcat 6.0.16 to 6.0

[ more ]  [ reply ]
ESA-2016-157: EMC ScaleIO Multiple Vulnerabilities 2017-01-05
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-157: EMC ScaleIO Multiple Vulnerabilities

EMC Identifier: ESA-2016-157

CVE Identifier: CVE-2016-9867, CVE-2016-9868, CVE-2016-9869

Severity Rating: CVSS v3Base Score: See below for individual scores

Affected products:

EMC Scale

[ more ]  [ reply ]
[security bulletin] HPSBGN03688 rev.1 - HPE Operations Orchestration, Remote Code Execution 2017-01-03
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053619
44

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05361944

Version: 1

HPSBGN03688 rev.1

[ more ]  [ reply ]
[SECURITY] [DSA 3750-2] libphp-phpmailer regression update 2017-01-03
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3750-2 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Thijs Kinkhorst
January 3, 2017

[ more ]  [ reply ]
0-day: QNAP NAS Devices suffer of heap overflow 2016-12-31
bashis (mcw noemail eu)
Greetings,

Twice I tried to use the QNAP Web page (https://aid.qnap.com/event/_module/nas/safe_report/) for reporting vulnerability, and twice I got mailer-daemon back.

So, Iâ??ll post my vulnerabilities here instead (Was not meant to be 0-dayâ?¦ whatever).

Have a nice day (and happy new ye

[ more ]  [ reply ]
[SECURITY] [DSA 3750-1] libphp-phpmailer security update 2016-12-31
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3750-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Thijs Kinkhorst
December 31, 2016

[ more ]  [ reply ]
[slackware-security] seamonkey (SSA:2016-365-03) 2016-12-30
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] seamonkey (SSA:2016-365-03)

New seamonkey packages are available for Slackware 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packag

[ more ]  [ reply ]
Fwd: [ANNOUNCE] CVE-2016-6793 Apache Wicket deserialization vulnerability 2016-12-31
Pedro Santos (pedrosans gmail com)
Forwarding the message em plain text mode to:

- be accepted by securityfocus's mail server ( didn't accepted MIME
Content-Type 'multipart/alternative' )
- add oss-security (at) lists.openwall (dot) com [email concealed] at the open receiver ( openwall
is not accepting emails if in BCC)
- adding missing Apache's security team (

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2016-365-02) 2016-12-30
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2016-365-02)

New mozilla-thunderbird packages are available for Slackware 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+----------------------

[ more ]  [ reply ]
[slackware-security] libpng (SSA:2016-365-01) 2016-12-30
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] libpng (SSA:2016-365-01)

New libpng packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+----------------------

[ more ]  [ reply ]
[CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage 2016-12-28
Oleksandr Rudyy (orudyy gmail com)
[CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage

Vendor: The Apache Software Foundation

Versions Affected: Apache Qpid Broker for Java versions 6.0.1,
6.0.2, 6.0.3, 6.0.4, 6.0.5, and 6.1.0

Description:

The Qpid Broker for Java can be configured to use differen

[ more ]  [ reply ]
PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit (CVE-2016-10045) (Bypass of the CVE-2016-1033 patch) 2016-12-28
Dawid Golunski (dawid legalhackers com)
PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit
(CVE-2016-10045) (Bypass of the CVE-2016-1033 patch)

Discovered by Dawid Golunski (@dawid_golunski)
https://legalhackers.com

Desc:

I discovered that the current PHPMailer versions (< 5.2.20) were still
vulnerable to RCE as it is possible t

[ more ]  [ reply ]
PHPMailer < 5.2.18 Remote Code Execution [updated advisory] [CVE-2016-10033] 2016-12-27
Dawid Golunski (dawid legalhackers com)
PHPMailer < 5.2.18 Remote Code Execution
CVE-2016-10033

Here's an updated version of the advisory with more details + simple PoC.

Still incomplete. There will be more updates/exploits soon at:

https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-C
VE-2016-10033-Vuln.html

https:/

[ more ]  [ reply ]
[SECURITY] [DSA 3746-1] graphicsmagick security update 2016-12-24
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3746-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
December 24, 2016

[ more ]  [ reply ]
[slackware-security] expat (SSA:2016-359-01) 2016-12-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] expat (SSA:2016-359-01)

New expat packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+-------------------------

[ more ]  [ reply ]
[slackware-security] openssh (SSA:2016-358-02) 2016-12-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] openssh (SSA:2016-358-02)

New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+---------------------

[ more ]  [ reply ]
[slackware-security] httpd (SSA:2016-358-01) 2016-12-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] httpd (SSA:2016-358-01)

New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages

[ more ]  [ reply ]
XAMPP Control Panel Memory Corruption Denial Of Service 2016-12-24
apparitionsec gmail com (HYP3RLINX)
[+] Credits: John Page (hyp3rlinx)

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/XAMPP-CONTROL-PANEL-MEMORY-CO
RRUPTION-DOS.txt

[+] ISR: ApparitionSec

Vendor:
=====================
www.apachefriends.org

Product:
===================
XAMPP Cont

[ more ]  [ reply ]
[SECURITY] [DSA 3744-1] libxml2 security update 2016-12-23
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3744-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
December 23, 2016

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-16:39.ntp 2016-12-22
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-16:39.ntp Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
CVE-2014-4138: MSIE 11 MSHTML CPaste­Command::Convert­Bitmapto­Png heap-based buffer overflow 2016-12-21
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the 37th entry in the
series. This information is available in more detail on my blog at
http://blog.skylined.nl/20161221001.html. There you can find a repro
that triggered this issue

[ more ]  [ reply ]
[SECURITY] [DSA 3732-2] php-ssh2 regression update 2016-12-21
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3732-2 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
December 21, 2016

[ more ]  [ reply ]
ASP.NET Core 5-RC1 HTTP Header Injection 2016-12-21
Advisories (advisories compass-security com)
#############################################################
#
# COMPASS SECURITY ADVISORY
# http://www.csnc.ch/en/downloads/advisories.html
#
#############################################################
#
# Product: ASP.NET Core
# Vendor: Microsoft https://www.microsoft.com
# CSNC ID: CSNC

[ more ]  [ reply ]
[SECURITY] [DSA 3743-1] python-bottle security update 2016-12-20
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3743-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
December 20, 2016

[ more ]  [ reply ]
CVE-2014-1785: MSIE 11 MSHTML CSpliceTreeEngine::RemoveSplice use-after-free 2016-12-20
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the 36th entry in the
series. This information is available in more detail on my blog at
http://blog.skylined.nl/20161220001.html. There you can find a repro
that triggered this issue

[ more ]  [ reply ]
[SECURITY] [DSA 3738-1] tomcat7 security update 2016-12-18
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3738-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
December 18, 2016

[ more ]  [ reply ]
Samsung DVR credentials encoded in base64 in cookie header 2016-12-17
Jacobo Avariento (spinfoo vuln gmail com)
Product: Samsung DVR
Impact: High

Intro
~~~~~~~~~~~~~~~

Samsung DVR Web Viewer is by default using HTTP (port 80) and transmits
the credentials encoded in the Cookie header using very bad security
practice, just encoding the login and password in BASE64 codification.
It is trivial to decode those

[ more ]  [ reply ]
[security bulletin] HPSBMU03684 rev.1 - HPE Version Control Repository Manager (VCRM), Multiple Remote Vulnerabilities 2016-12-16
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053563
63

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05356363

Version: 1

HPSBMU03684 rev.1

[ more ]  [ reply ]
[SECURITY] [DSA 3736-1] libupnp security update 2016-12-16
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3736-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
December 16, 2016

[ more ]  [ reply ]
CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom 2016-12-16
unlimitsec gmail com
Description of the potential vulnerability:Lack of appropriate exception handling in some receivers of the Telecom application allows attackers crash the system easily resulting in a possible DoS attack
Affected versions: L(5.0/5.1), M(6.0)
Disclosure status: Privately disclosed.
The patch prevents

[ more ]  [ reply ]
CVE-2013-0090: MSIE 9 IEFRAME CView::EnsureSize use-after-free 2016-12-16
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the 34th entry in the
series. This information is available in more detail on my blog at
http://blog.skylined.nl/20161216001.html. There you can find a repro
that triggered this issue

[ more ]  [ reply ]
MSIE 9 IEFRAME CMarkup­Pointer::Move­To­Gap use-after-free 2016-12-15
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the 33rd entry in the
series. This information is available in more detail on my blog at
http://blog.skylined.nl/20161215001.html. There you can find a repro
that triggered this issue

[ more ]  [ reply ]
Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565] 2016-12-15
Dawid Golunski (dawid legalhackers com)
Vulnerability:
Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution

CVE-2016-9565

Discovered by: Dawid Golunski (@dawid_golunski)
https://legalhackers.com

Severity: High

Nagios Core comes with a PHP/CGI front-end which allows to view status
of the monitored hosts.
This fr

[ more ]  [ reply ]
Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability 2016-12-14
apparitionsec gmail com (hyp3rlinx)
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTI
ON-VULNERABILITY.txt

[+] ISR: ApparitionSec

Vendor:
=============
www.adobe.com

Product(s):
=============================
Adobe An

[ more ]  [ reply ]
Secunia Research: Microsoft Windows Type 1 Font Processing Vulnerability 2016-12-14
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2016/12/14

Microsoft Windows Type 1 Font Processing Vulnerability

======================================================================

Table of Contents

Affected Software......

[ more ]  [ reply ]
CVE-2013-3143: MSIE 9 IEFRAME CMarkup..Remove­Pointer­Pos use-after-free 2016-12-14
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the 32nd entry in the
series. This information is available in more detail on my blog at
http://blog.skylined.nl/20161214001.html. There you can find a repro
that triggered this issue

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2016-348-01) 2016-12-13
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2016-348-01)

New mozilla-firefox packages are available for Slackware 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
pa

[ more ]  [ reply ]
MSIE 9 MSHTML CMarkup::ReloadInCompatView use-after-free 2016-12-13
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the thirty-first entry
in the series. This information is available in more detail on my blog
at http://blog.skylined.nl/20161213001.html. There you can find a repro
that triggered th

[ more ]  [ reply ]
APPLE-SA-2016-12-13-7 Additional information for APPLE-SA-2016-12-12-2 watchOS 3.1.1 2016-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-13-7 Additional information for
APPLE-SA-2016-12-12-2 watchOS 3.1.1

watchOS 3.1.1 addresses the following:

Accounts
Available for: All Apple Watch models
Impact: An issue existed which did not reset the authorization
settings on ap

[ more ]  [ reply ]
APPLE-SA-2016-12-13-8 Transporter 1.9.2 2016-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-13-8 Transporter 1.9.2

Transporter 1.9.2 is now available and addresses the following:

iTMSTransporter
Available for: iTunes Producer 3.1.1, OS X v10.6 and later (64 bit),
Windows 7 and later (32 bit), and Red Hat Enterprise Linux (

[ more ]  [ reply ]
APPLE-SA-2016-12-13-5 Additional information for APPLE-SA-2016-12-12-1 iOS 10.2 2016-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-13-5 Additional information for
APPLE-SA-2016-12-12-1 iOS 10.2

iOS 10.2 addresses the following:

Accessibility
Available for: iPhone 5 and later, iPad 4th generation and later,
iPod touch 6th generation and later
Impact: A nearby u

[ more ]  [ reply ]
APPLE-SA-2016-12-13-2 Safari 10.0.2 2016-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-13-2 Safari 10.0.2

Safari 10.0.2 is now available and addresses the following:

Safari Reader
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.1
Impact: Enabling the Safari Reader feature on a

[ more ]  [ reply ]
APPLE-SA-2016-12-13-3 iTunes 12.5.4 2016-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-13-3 iTunes 12.5.4

iTunes 12.5.4 is now available and addresses the following:

WebKit
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addres

[ more ]  [ reply ]
[slackware-security] kernel (SSA:2016-347-01) 2016-12-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] kernel (SSA:2016-347-01)

New kernel packages are available for Slackware 14.2 and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/linux-4.4

[ more ]  [ reply ]
[slackware-security] php (SSA:2016-347-03) 2016-12-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2016-347-03)

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/php

[ more ]  [ reply ]
Apple iOS/tvOS/watchOS Remote memory corruption through certificate 2016-12-12
submit cxsec org
Apple iOS/tvOS/watchOS Remote memory corruption through certificate file
Source:
https://cxsecurity.com/issue/WLB-2016110046

------------------------------------------------------------------------
--------------
0. Short description
Special crafted certificate file may lead to memory corruption of

[ more ]  [ reply ]
APPLE-SA-2016-12-12-2 watchOS 3.1.1 2016-12-12
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-12-2 watchOS 3.1.1

watchOS 3.1.1 is now available and addresses the following:

Accounts
Available for: All Apple Watch models
Impact: An issue existed which did not reset the authorization
settings on app uninstall
Description: Thi

[ more ]  [ reply ]
APPLE-SA-2016-12-12-3 tvOS 10.1 2016-12-12
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-12-3 tvOS 10.1

tvOS 10.1 is now available and addresses the following:

Profiles
Available for: Apple TV (4th generation)
Impact: Opening a maliciously crafted certificate may lead to
arbitrary code execution
Description: A memory c

[ more ]  [ reply ]
APPLE-SA-2016-12-12-1 iOS 10.2 2016-12-12
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-12-1 iOS 10.2

iOS 10.2 is now available and addresses the following:

Accessibility
Available for: iPhone 5 and later, iPad 4th generation and later,
iPod touch 6th generation and later
Impact: A nearby user may be able to overhear

[ more ]  [ reply ]
[SECURITY] CVE-2016-8745 Apache Tomcat Information Disclosure 2016-12-12
Mark Thomas (markt apache org)
CVE-2016-8745 Apache Tomcat Information Disclosure

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache Tomcat 9.0.0.M1 to 9.0.0.M13
Apache Tomcat 8.5.0 to 8.5.8
Earlier versions are not affected.

Description
The refactoring of the Connector code for 8.5.x onwards

[ more ]  [ reply ]
[SECURITY] [DSA 3730-1] icedove security update 2016-12-11
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3730-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
December 11, 2016

[ more ]  [ reply ]
MSIE 9 MSHTML CElement::Has­Flag memory corruption 2016-12-09
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the twenty-ninth entry
in the series. This information is available in more detail on my blog
at http://blog.skylined.nl/20161209001.html. There you can find a repro
that triggered th

[ more ]  [ reply ]
Symantec VIP Access Desktop Arbitrary DLL Execution 2016-12-09
apparitionsec gmail com - hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/SYMANTEC-VIP-ACCESS-ARBITRARY
-DLL-EXECUTION.txt

[+] ISR: ApparitionSec

Vendor:
================
www.symantec.com

Product:
===================
Symantec VIP Acce

[ more ]  [ reply ]
AST-2016-009: <br> 2016-12-08
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - ASTERISK-2016-009

Product Asterisk
Summary
Nature of Advisory Authentication Bypass
Susceptibility Remote unauthenticated s

[ more ]  [ reply ]
AST-2016-008: Crash on SDP offer or answer from endpoint using Opus 2016-12-08
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2016-008

Product Asterisk
Summary Crash on SDP offer or answer from endpoint using
Opus

[ more ]  [ reply ]
CVE-2013-1306: MSIE 9 MSHTML CDisp­Node::Insert­Sibling­Node use-after-free details 2016-12-08
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the twenty-eighth entry
in the series. This information is available in more detail on my blog
at http://blog.skylined.nl/20161208001.html. There you can find a repro
that triggered t

[ more ]  [ reply ]
[security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information 2016-12-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053494
99

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05349499

Version: 1

HPSBHF03674 rev.1

[ more ]  [ reply ]
Microsoft Remote Desktop Client for Mac Remote Code Execution 2016-12-07
Filippo Cavallarin (filippo cavallarin wearesegment com)

Advisory ID: SGMA16-004
Title: Microsoft Remote Desktop Client for Mac Remote Code Execution
Product: Microsoft Remote Desktop Client for Mac
Version: 8.0.36 and probably prior
Vendor: www.microsoft.com
Vulnerability type: Undisclosed
Risk level: 4 / 5
Credit: filippo.cavallarin (at) wearesegment (dot) com [email concealed]
CV

[ more ]  [ reply ]
[ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for SAP Security 2016-12-07
ESNC Security (secure esnc de)
[ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for
SAP Security

Please refer to https://www.esnc.de for the original security
advisory, updates, and additional information.

----------------------------------------------------------------------
1. Business Impact
---------------

[ more ]  [ reply ]
CVE-2015-1730: MSIE jscript9 Java­Script­Stack­Walker memory corruption details and PoC 2016-12-06
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found in web-browsers that I had not released before. I will try to
continue to publish all my old vulnerabilities, including those not in
web-browser, as long as I can find some time to do so. If you find this
information useful,

[ more ]  [ reply ]
Re: CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption 2016-12-06
Berend-Jan Wever (berendj nwever nl)
FYI: this link to my blog was 404 until early this morning. It is now up
if you are still interested in reading it.

On 05-12-2016 11:55, Berend-Jan Wever wrote:
> Since November I have been releasing details on all vulnerabilities I
> found in web-browsers that I had not released before. I will try

[ more ]  [ reply ]
CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used 2016-12-05
Eissing Stefan (stefan eissing gmail com)
Security Advisory - Apache Software Foundation
Apache HTTPD WebServer / httpd.apache.org

Server memory can be exhausted and service denied when HTTP/2 is used

CVE-2016-8740

The Apache HTTPD web server (from 2.4.17-2.4.23) did not apply limitations
on

[ more ]  [ reply ]
Microsoft MSINFO32.EXE ".NFO" Files XML External Entity 2016-12-04
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-MSINFO32-XXE-FILE-E
XFILTRATION.txt

[+] ISR: ApparitionSec

Vendor:
=================
www.microsoft.com

Product:
==========================
Windows Sys

[ more ]  [ reply ]
(Page 14 of 524)  < Prev  9 10 11 12 13 14 15 16 17 18 19  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus