BugTraq Mode:
(Page 257 of 1747)  < Prev  252 253 254 255 256 257 258 259 260 261 262  Next >
[ MDVSA-2013:237 ] firefox 2013-09-18
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:237
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2013-260-03) 2013-09-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2013-260-03)

New mozilla-thunderbird packages are available for Slackware 13.37, 14.0,
and -current to fix security issues.

Here are the details from the Slackware 14.0 ChangeLog:
+---------------------

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2013-260-02) 2013-09-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2013-260-02)

New mozilla-firefox packages are available for Slackware 13.37, 14.0,
and -current to fix security issues.

Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
[SECURITY] [DSA 2758-1] python-django security update 2013-09-17
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2758-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
September 17, 2013

[ more ]  [ reply ]
APPLE-SA-2013-09-17-1 OS X Server v2.2.2 2013-09-17
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-09-17-1 OS X Server v2.2.2

OS X Server v2.2.2 is now available and addresses the following:

ClamAV
Available for: OS X Mountain Lion v10.8 or later
Impact: Multiple vulnerabilities in ClamAV
Description: Multiple vulnerabilities exist

[ more ]  [ reply ]
[ MDVSA-2013:236 ] subversion 2013-09-17
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:236
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
EarthVPN certificate configuration vulnerabilities 2013-09-17
y6whynrzab snkmail com
EarthVPN (www.earthvpn.com) is a VPN service provider which claims "When connected, your data will be secured and encrypted, keeping all your personal details private. EarthVPN will make sure that your online presence cannot be intercepted, monitored and recorded by your internet service provider, c

[ more ]  [ reply ]
ExpressionEngine 2.6 Persistent XSS 2013-09-16
Richard Clifford (darkmantis cybershade org)
Hi,

I'd like to disclose a vulnerability I found in ExpressionEngine 2.6 and
below.

The issue is when you submit a new entry through Admin -> Content ->
Publish and you are using the RTE, if you enter HTML into that editor,
the next page will execute the HTML, which it shouldn?t. The RTE should

[ more ]  [ reply ]
[ MDVSA-2013:235 ] mediawiki 2013-09-16
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:235
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Botconf 2013 - Pre-programme pubished & registration open (Nantes, France, 5-6/12/2013) 2013-09-15
Eric Freyssinet (eric freyssinet gmail com)
Dear security community,

Botconf 2013 - An international conference on the fight against
botnets will take place on 5 & 6 December 2013 in Nantes, France.

The preliminary programme has been published:
https://www.botconf.eu/index.php/programme-preliminary/ (more to come:
short talks, keynotes).

R

[ more ]  [ reply ]
OWASP ESAPI Security Advisory: MAC Bypass in ESAPI Symmetric Encryption 2013-09-15
Kevin W. Wall (kevin w wall gmail com)
OWASP ESAPI for Java Security Advisory #1 The OWASP Foundation

MAC Bypass in ESAPI Symmetric Encryption

Summary
=======
Category: Symmetric cryptography
Module: ESAPI (Encryptor interface)
Announced: 2013-08-23 via ESAPI-Dev mailing list

(ht

[ more ]  [ reply ]
Moodle 2.5.0-1 (badges/external.php) PHP Object Injection Vulnerability 2013-09-15
emilio pinn gmail com
=============================================
- Original release date: 15 September, 2013
- Discovered by: Emilio Pinna (Application Security Analyst at Abinsula)
- Contact: emilio # pinn # gmail
=============================================

VULNERABILITY
----------------------
Moodle CMS version 2

[ more ]  [ reply ]
[SECURITY] [DSA 2757-1] wordpress security update 2013-09-14
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2757-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Yves-Alexis Perez
September 14, 2013

[ more ]  [ reply ]
[ MDVSA-2013:234 ] python-django 2013-09-13
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:234
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2013:232 ] libmodplug 2013-09-13
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:232
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Zimbra Collaboration Suite (ZCS) Session Replay Vulnerability 2013-09-13
brianwarehime gmail com
Product: Zimbra Collaboration Suite
Vendor: VMWare
Vulnerable Version: 6.0.16 and probably prior
Tested Version: 6.0.16
Vendor Notification: 09/03/2013
Public Disclosure: 09/13/2013
Vulnerability Type: Authentication Bypass by Capture-replay (CWE-294)
CVE: CVE-2013-5119
Discovered and Provided By: B

[ more ]  [ reply ]
[SECURITY] [DSA 2756-1] wireshark security update 2013-09-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2756-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
September 13, 2013

[ more ]  [ reply ]
[ MDVSA-2013:233 ] python-OpenSSL 2013-09-13
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:233
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 2753-1] mediawiki security update 2013-09-13
Thijs Kinkhorst (thijs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2753-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Thijs Kinkhorst
September 13, 2013

[ more ]  [ reply ]
OpenSSL,OpenSSH ecdsa authentication code inconsistent return values.. no vulnerability? 2013-09-13
king cope (isowarez isowarez isowarez googlemail com)
Hello lists,

Attached is the blog post for the mentioned issues that in its shape
are not a vulnerability, still interesting to see.

http://kingcope.wordpress.com/2013/09/13/opensslopenssh-ecdsa-authentica
tion-code-inconsistent-return-values-no-vulnerability/

Cheers,

Kingcope

[ more ]  [ reply ]
APPLE-SA-2013-09-12-2 Safari 5.1.10 2013-09-12
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-09-12-2 Safari 5.1.10

Safari 5.1.10 is now available and addresses the following:

JavaScriptCore
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8
Impact: Visiting a maliciously crafted website may lead to an
unexpected applicat

[ more ]  [ reply ]
APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004 2013-09-12
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update
2013-004

OS X Mountain Lion v10.8.5 and Security Update 2013-004 is now
available and addresses the following:

Apache
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Li

[ more ]  [ reply ]
WordPress Fixes Multiple Vulnerabilities With 3.6.1 Release 2013-09-13
danielthomson72 gmail com
Multiple vulnerabilities were reported in WordPress. WordPress has released version 3.6.1 to fix three security issues.

Check this URL:
http://www.itsecuritycenter.com/wordpress-fixes-multiple-vulnerabilities
-3-6-1-release.html

[ more ]  [ reply ]
[iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin 2013-09-12
Alexandro Silva (alexos ibliss com br)
[Design-Approval-System Wordpress plugin XSS ]

[vendor product description]
A system to streamline the process of getting designs, photos,
documents, videos or music approved by clients quickly.

[Bug Description]
The walkthrouth web page does not validate the step parameter leading to
a Cross-si

[ more ]  [ reply ]
[ MDVSA-2013:231 ] openswan 2013-09-12
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:231
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2013:230 ] gdm 2013-09-11
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:230
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
OWASP Zed Attack Proxy 2.2.0 2013-09-11
psiinon (psiinon gmail com)
Hi folks,

ZAP 2.2.0 is now available from http://code.google.com/p/zaproxy/downloads/list

This includes support for scripts embedded in ZAP components like the
active and passive scanners as well as support for Zest - a new
security focused scripting language from the Mozilla security team.
It als

[ more ]  [ reply ]
[security bulletin] HPSBUX02928 SSRT101274 rev.1 - HP-UX running perl, Remote Denial of Service (DoS) 2013-09-11
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03924247

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03924247
Version: 1

HPSBUX02928 SS

[ more ]  [ reply ]
[SECURITY] [DSA 2755-1] python-django security update 2013-09-11
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2755-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
September 11, 2013

[ more ]  [ reply ]
ProFTPd mod_sftp/mod_sftp_pam invalid pool allocation in kbdint authentication 2013-09-11
king cope (isowarez isowarez isowarez googlemail com)
Hi there!

See my blog post about the mentioned vulnerability.

http://kingcope.wordpress.com/2013/09/11/proftpd-mod_sftpmod_sftp_pam-in
valid-pool-allocation-in-kbdint-authentication/

Cheers,

Kingcope

[ more ]  [ reply ]
(Page 257 of 1747)  < Prev  252 253 254 255 256 257 258 259 260 261 262  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus