|
|
Colapse all |
Post message
[security bulletin] HPSBPV02918 rev.2 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse 2013-10-16 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03897409 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03897409 Version: 2 HPSBPV02918 re [ more ] [ reply ] PayPal Inc Bug Bounty #61 - Persistent Mail Encoding Vulnerability 2013-10-16 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== PayPal Inc Bug Bounty #61 - Persistent Mail Encoding Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=846 PayPal Security UID: bzbe1he Release Date: ============= 2013-10-16 Vulnerability Laboratory ID [ more ] [ reply ] [SE-2012-01] Issue 69 details and IBM Java vulnerabilities 2013-10-16 Security Explorations (contact security-explorations com) Hello All, The CPU released yesterday (Oct 15, 2013) by Oracle included information about a fix for Java SE 7 vulnerability (Issue 69) that was reported to the company in July. Issue 69 allows to conduct a very classic attack against Java VM - the so called class spoofing attack. To quote the pap [ more ] [ reply ] Remote Code Execution in Microweber 2013-10-16 High-Tech Bridge Security Research (advisory htbridge com) Advisory ID: HTB23175 Product: Microweber Vendor: Microweber Vulnerable Version(s): 0.8 and probably prior Tested Version: 0.8 Advisory Publication: September 25, 2013 [without technical details] Vendor Notification: September 25, 2013 Vendor Patch: September 26, 2013 Public Disclosure: October [ more ] [ reply ] [ISecAuditors Security Advisories] PL/SQL Injection in Oracle Portal Demo Organization Chart 2013-10-16 ISecAuditors Security Advisories (advisories isecauditors com) ============================================= INTERNET SECURITY AUDITORS ALERT 2012-001 - Original release date: November 8th, 2012 - Last revised: March 20th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 7,1/10 (CVSS Base Score) - CVE-ID: CVE-2013-3831 ================================= [ more ] [ reply ] APPLE-SA-2013-10-15-1 Java for OS X 2013-005 and Mac OS X v10.6 Update 17 2013-10-15 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-10-15-1 Java for OS X 2013-005 and Mac OS X v10.6 Update 17 Java for OS X 2013-005 and Mac OS X v10.6 Update 17 is now available and addresses the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 [ more ] [ reply ] [security bulletin] HPSBMU02931 rev.1 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) 2013-10-15 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03960916 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03960916 Version: 1 HPSBMU02931 re [ more ] [ reply ] ZAPms v1.42 CMS - Client Side Cross Site Scripting Web Vulnerability 2013-10-15 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== ZAPms v1.42 CMS - CS Cross Site Scripting Web Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1112 Release Date: ============= 2013-10-15 Vulnerability Laboratory ID (VL-ID): =========================== [ more ] [ reply ] Training : Advanced Android & iOS Hands-on Exploitation at Toorcon San Diego [16th-17th Oct,2013] 2013-10-15 xys3c team (security xysec com) XYSec Labs will be running a 2-day training class at Toorcon San Diego from Oct 16-17 on "Advanced Android and iOS Hands-on Exploitation", which had a great feedback at Syscan 2013, OWASP Appsec APAC (2013) and BlackHat US 2013 (under Mobile Hacking by Hotwan). Student Feedbacks : "This is the bes [ more ] [ reply ] DornCMS Application v1.4 - Multiple Web Vulnerabilities 2013-10-15 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== DornCMS Application v1.4 - Multiple Web Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1113 Release Date: ============= 2013-10-14 Vulnerability Laboratory ID (VL-ID): =============================== [ more ] [ reply ] Apple iOS 7.2 - Sim Lock Screen Display Bypass Vulnerability 2013-10-15 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Apple iOS 7.2 - Sim Lock Screen Display Bypass Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1105 Video: http://www.vulnerability-lab.com/get_content.php?id=1104 Release Date: ============= 2013-10-04 [ more ] [ reply ] Paypal Inc Bug Bounty #105 MOS - Multiple Persistent Print Layout Vulnerabilities 2013-10-15 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Paypal Inc Bug Bounty #105 MOS - Multiple Persistent Print Layout Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1039 PayPal Security UID: xE1128lV Release Date: ============= 2013-10-15 Vulnerabili [ more ] [ reply ] My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities 2013-10-15 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1107 Release Date: ============= 2013-10-09 Vulnerability Laboratory ID (VL-ID): ============================ [ more ] [ reply ] SEC Consult SA-20131015-0 :: Multiple vulnerabilities in SpamTitan 2013-10-15 SEC Consult Vulnerability Lab (research sec-consult com) OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability 2013-10-15 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1110 Release Date: ============= 2013-10-13 Vulnerability Laboratory ID (VL-ID): ======================= [ more ] [ reply ] [slackware-security] gnupg2 (SSA:2013-287-02) 2013-10-15 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] gnupg2 (SSA:2013-287-02) New gnupg2 packages are available for Slackware 13.37, 14.0, and -current to fix security issues. These packages will require the updated libgpg-error package. Here are the details from the Slackware 1 [ more ] [ reply ] Training : Advanced Android & iOS Hands-on Exploitation at Toorcon San Diego [16th-17th Oct,2013] 2013-10-15 xys3c team (security xysec com) XYSec Labs will be running a 2-day training class at Toorcon San Diego from Oct 16-17 on "Advanced Android and iOS Hands-on Exploitation", which had a great feedback at Syscan 2013, OWASP Appsec APAC (2013) and BlackHat US 2013 (under Mobile Hacking by Hotwan). Student Feedbacks : "This is the bes [ more ] [ reply ] Critical vulnerabilities discovered in Gazelle and TBDEV.net 2013-10-15 Bogdan Calin (bogdan acunetix com) Hi guys, Gazelle and TBDEV.NET are the most popular web applications used as BitTorrent trackers. A BitTorrent tracker is an application that assists in the communication between peers using the BitTorrent protocol. BitTorrent trackers can be public/open where anybody can join or private (where an [ more ] [ reply ] [slackware-security] xorg-server (SSA:2013-287-05) 2013-10-15 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] xorg-server (SSA:2013-287-05) New xorg-server packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: +------------ [ more ] [ reply ] [slackware-security] gnupg (SSA:2013-287-01) 2013-10-15 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] gnupg (SSA:2013-287-01) New gnupg packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +------------------------- [ more ] [ reply ] [slackware-security] gnutls (SSA:2013-287-03) 2013-10-15 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] gnutls (SSA:2013-287-03) New gnutls packages are available for Slackware 12.1, 12.2, 13.0, 13.1, and 13.37 to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+ patches/pa [ more ] [ reply ] [slackware-security] libgpg-error (SSA:2013-287-04) 2013-10-15 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libgpg-error (SSA:2013-287-04) New libgpg-error packages are available for Slackware 13.37 and 14.0. These are needed for the updated gnupg2 package. Here are the details from the Slackware 14.0 ChangeLog: +--------------------- [ more ] [ reply ] CFP: Passwords^13 Bergen (Norway), December 2-3 2013 2013-10-13 Per Thorsheim (per thorsheim net) Passwords^13 (PasswordsCon.org) December 2-3, 2013 Bergen, Norway CALL FOR SUBMISSIONS ==================================== Per Thorsheim, with the support of FRISC (www.frisc.no), the University of Bergen and Stricture Consulting Group, organize PasswordsCon, the fifth edition of a technical conf [ more ] [ reply ] [SECURITY] [DSA 2778-1] libapache2-mod-fcgid security update 2013-10-11 Salvatore Bonaccorso (carnil debian org) |
|
Privacy Statement |
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2013:250
http://www.mandriva.com/en/support/security/
___________________________________________________________
[ more ] [ reply ]