BugTraq Mode:
(Page 245 of 1746)  < Prev  240 241 242 243 244 245 246 247 248 249 250  Next >
ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities 2013-11-19
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities

EMC Identifier: ESA-2013-078

CVE Identifier: CVE-2013-6173, CVE-2013-6174, CVE-2013-6175, CVE-2013-6176, CVE-2013-6177

Severity Rating: CVSS v2 Base Score: See below

[ more ]  [ reply ]
[ MDVSA-2013:267 ] java-1.7.0-openjdk 2013-11-19
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:267
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2013:266 ] java-1.6.0-openjdk 2013-11-19
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:266
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
16TH AVAR INTERNATIONAL SECURITY CONFERENCE 2013 - (4th-7th Dec'13, Chennai. India) 2013-11-19
Gregory Panakkal (gregory_panakkal fastmail fm)

We are pleased to announce that for the first time ever, one of the
largest international Security Conferences - AVAR 2013 - is set to be
held in Chennai, India.

AVAR (Association of Antivirus Asia Researchers) is an independent and
not-for-profit organization oriented in the Asia-Pacific regio

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-13:14.openssh 2013-11-19
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

========================================================================
=====
FreeBSD-SA-13:14.openssh Security Advisory
The FreeBSD Project

Topic: Op

[ more ]  [ reply ]
SKIDATA RFID Freemotion.Gate Unauthenticated Web Service Aribtrary Remote Command Execution 2013-11-19
Dennis Kelly (dennis kelly gmail com)
Title: SKIDATA RFID Freemotion.Gate Unauthenticated Web Service
Aribtrary Remote Command Execution
Product: Freemotion.Gate
Vendor: SKIDATA, http://www.skidata.com/en/
RTP|One, http://http://www.rtp.com/
Vulnerable Versions: 4.1.3.5 and likely all prior versions.
Tested Version: 4.1.3.5
Origina

[ more ]  [ reply ]
Paypal Inc Bug Bounty #47 ALYZ - Persistent Search Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Paypal Inc Bug Bounty #47 ALYZ - Persistent Search Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=807

PayPal Security UID: dx1f89rtd

Release Date:
=============
2013-11-19

Vulnerability Laboratory ID

[ more ]  [ reply ]
PayPal Inc Bug Bounty #42 - Persistent POST Inject Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PayPal Inc Bug Bounty #42 - Persistent POST Inject Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=801

PayPal Security UID: kxy1ea5ech

Release Date:
=============
2013-11-18

Vulnerability Laboratory ID

[ more ]  [ reply ]
[slackware-security] seamonkey (SSA:2013-322-04) 2013-11-19
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] seamonkey (SSA:2013-322-04)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packag

[ more ]  [ reply ]
PayPal Inc Bug Bounty #65 China - Redirect Web Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PayPal Inc Bug Bounty #65 China - Redirect Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=860

PayPal Security UID: rdbeeur

Release Date:
=============
2013-11-17

Vulnerability Laboratory ID (VL-ID

[ more ]  [ reply ]
[slackware-security] samba (SSA:2013-322-03) 2013-11-19
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] samba (SSA:2013-322-03)

New samba packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/samba

[ more ]  [ reply ]
[slackware-security] openssh (SSA:2013-322-02) 2013-11-19
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] openssh (SSA:2013-322-02)

New openssh packages are available for Slackware 14.1 and -current to fix a
security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/openss

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2013-322-01) 2013-11-19
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2013-322-01)

New mozilla-firefox packages are available for Slackware 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+-----------------------

[ more ]  [ reply ]
[SOJOBO-ADV-13-04] - PHP-Nuke 8.2.4 multiple vulnerabilities 2013-11-18
advisories enkomio com
[SOJOBO-ADV-13-04] - PHP-Nuke 8.2.4 multiple vulnerabilities

I. * Information *
==================
Name : PHP-Nuke 8.2.4 multiple vulnerabilities
Software : PHP-Nuke 8.2.4 and possibly below.
Vendor Homepage : http://www.phpnuke.org/
Vulnerability Type : File Inclusion and Reflected Cross-Site Scri

[ more ]  [ reply ]
Re: Fwd: vulnerability issue for DB2 express 2013-11-18
shatter appsecinc com
This was a bug in the DB2 code and was fixed by IBM long ago.
Both, v6 and v7 of DB2 are very old and out of support versions. Even if you apply the Fix Packs mentioned below you will still have many other security vulnerabilities in the system.
My recommendation is to plan on upgrading the DB2 serv

[ more ]  [ reply ]
[OVSA20131108] OpenVAS Manager And OpenVAS Administrator Vulnerable To Partial Authentication Bypass 2013-11-15
Tim Brown (timb openvas org)
Summary

It has been identified that OpenVAS Manager and OpenVAS Administrator are
vulnerable to authentication bypass due to an incorrect state assignment when
processing OMP and OAP requests. It has been identified that this
vulnerability may allow unauthorised access to OpenVAS Manager and OpenV

[ more ]  [ reply ]
Information Security Forecast 2014 2013-11-17
Jeimy Cano (jjcano yahoo com)

Dear members,

Attached link to my recent post in my blog IT-Insecurity about information security forecast for 2014. This has been published in Spanish, but you can use Google translator to read it in english.

I hope this information could be useful for you.

Thanks in advance,

Jeimy.

Original

[ more ]  [ reply ]
[SECURITY] [DSA 2798-1] curl security update 2013-11-17
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2798-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
November 17, 2013

[ more ]  [ reply ]
[SECURITY] [DSA 2797-1] chromium-browser security update 2013-11-17
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2797-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
November 16, 2013

[ more ]  [ reply ]
[SECURITY] [DSA 2795-2] lighttpd regression update 2013-11-17
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2795-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
November 16, 2013

[ more ]  [ reply ]
XADV-2013006 FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs 2013-11-16
geinblues gmail com


XADV-2013006
FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs

1. Overview

The qlxge Driver is Qlogic 10Gb Ethernet Driver for Qlogic 8100
Series CNA Adapter [1]. The qlxgbe for the QLogic 8300 series
of the same ethernet driver.

The qlxge/qlxgbe Driver in freebsd

[ more ]  [ reply ]
XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug 2013-11-16
geinblues gmail com


XADV-2013005
FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug

1. Overview

The nand driver in freebsd <= 10 has a vulnerability to leak
arbitrary kernel memory to the userspace. It's occured at
nand_ioctl() kernel function and because no proper initialize
the allocated kernel memory. It's

[ more ]  [ reply ]
[CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability 2013-11-16
Julien Ahrens (info rcesecurity com)
RCE Security Advisory
http://www.rcesecurity.com


1. ADVISORY INFORMATION
-----------------------
Product: Avira Secure Backup
Vendor URL: www.avira.com
Type: Improper Restriction of Operations within the Bounds of
a Memory Buffer [CWE-119]
Date found: 2013-10-30
Date pub

[ more ]  [ reply ]
Cross-Site Scripting (XSS) in Tweet Blender Wordpress Plugin 2013-11-15
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23180
Product: Tweet Blender Wordpress Plugin
Vendor: kirilln
Vulnerable Version(s): 4.0.1 and probably prior
Tested Version: 4.0.1
Advisory Publication: October 25, 2013 [without technical details]
Vendor Notification: October 25, 2013
Vendor Patch: November 13, 2013
Public Disc

[ more ]  [ reply ]
NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability 2013-11-15
\VMware Security Response Center\ (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2013-0013
Synopsis: VMware Workstation host privilege escalation vulnerability
Issue date: 2013-11-14
Updated o

[ more ]  [ reply ]
Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x 2013-11-14
Kevin Cernekee (cernekee gmail com)
On Thu, Nov 14, 2013 at 7:44 AM, Gleb O. Raiko <raiko (at) niisi.msk (dot) ru [email concealed]> wrote:
> Considering ChainsDD Superuser you mentioned.
> Unfortunately, your mail describes just potential attack vectors. While I
> can't say for sure, Superuser isn't vulnerable at all, I'd like to note that
> su invokes the am sc

[ more ]  [ reply ]
APPLE-SA-2013-11-14-1 iOS 7.0.4 2013-11-14
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-11-14-1 iOS 7.0.4

iOS 7.0.4 is now available and addresses the following:

App Store
Available for: iPhone 4 and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: App and In-App purchases may be completed with insuf

[ more ]  [ reply ]
Re: [security bulletin] HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-11-14
Rodzbry27 yahoo com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03898880

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03898880
Version: 1

HPSBUX02922 S

[ more ]  [ reply ]
Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-11-14
Rodzbry27 yahoo com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager

Advisory ID: cisco-sa-20130918-dcnm

Revision 1.0

For Public Release 2013 September 18 16:00 UTC (GMT)

+--------------------------------------------------

[ more ]  [ reply ]
(Page 245 of 1746)  < Prev  240 241 242 243 244 245 246 247 248 249 250  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus