|
|
Prev week |
Colapse all |
Post message
Securstar - DriveCrypt - Local Kernel Denial of Service/Memory Disclosure/Privilege Escalation 2011-07-20 Digit Security Research (research digit-security com) CA20110720-01: Security Notice for CA Gateway Security and Total Defense 2011-07-20 Kotas, Kevin J (Kevin Kotas ca com) -----BEGIN PGP SIGNED MESSAGE----- CA20110720-01: Security Notice for CA Gateway Security and Total Defense Issued: July 20, 2011 CA Technologies support is alerting customers to a security risk with CA Gateway Security. A vulnerability exists that can allow a remote attacker to execute arbitrary [ more ] [ reply ] ZDI-11-237: CA Total Defense Suite Gateway Security Malformed HTTP Packet Remote Code Execution Vulnerability 2011-07-20 ZDI Disclosures (zdi-disclosures tippingpoint com) ZDI-11-237: CA Total Defense Suite Gateway Security Malformed HTTP Packet Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-237 July 20, 2011 -- CVE ID: CVE-2011-2667 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: CA -- Affected Products: CA [ more ] [ reply ] iDefense Security Advisory 07.20.11: Multiple Vendor WebKit SVG animVal Memory Corruption Vulnerability 2011-07-20 labs-no-reply (labs-no-reply ivcp vrsn com) iDefense Security Advisory 07.20.11 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 20, 2011 I. BACKGROUND WebKit is an open source web browser engine. It is currently used by Apple Inc.'s Safari browser, as well as by Google's Chrome browser. For more information, see the vendor's site [ more ] [ reply ] iDefense Security Advisory 07.20.11: Apple Safari innerText Use-After-Free Vulnerability 2011-07-20 labs-no-reply (labs-no-reply ivcp vrsn com) iDefense Security Advisory 07.20.11 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 20, 2011 I. BACKGROUND Safari is Apple's web browser, and is based on the open source WebKit browser engine. MobileSafari is Safari for Apple's mobile devices including the iPad and iPhone. For more info [ more ] [ reply ] Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities 2011-07-20 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities Advisory ID: cisco-sa-20110720-sa500 Revision 1.0 For Public Release 2011 July 20 1600 UTC (GMT) +------------------------------------------ [ more ] [ reply ] Cisco Security Advisory: Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability 2011-07-20 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability Advisory ID: cisco-sa-20110720-asr9k Revision 1.0 For Public Release 2011 July 20 1600 UTC (GMT) +-------------------------------------- [ more ] [ reply ] APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6 2011-07-20 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6 Safari 5.1 and Safari 5.0.6 are now available and address the following: CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- [ more ] [ reply ] XSS in Tiki Wiki CMS Groupware 2011-07-20 advisory htbridge ch Vulnerability ID: HTB23027 Reference: http://www.htbridge.ch/advisory/xss_in_tiki_wiki_cms_groupware.html Product: Tiki Wiki CMS Groupware Vendor: info.tiki.org ( http://info.tiki.org ) Vulnerable Version: 7.0 and probably prior Tested on: 7.0 Vendor Notification: 29 June 2011 Vulnerability Type: [ more ] [ reply ] OSI Security: Elitecore Cyberoam UTM - Authenticated Cross-Site Scripting Vulnerability 2011-07-20 Patrick Webster (patrick osisecurity com au) Elitecore Cyberoam UTM - Authenticated Cross-Site Scripting Vulnerability http://www.osisecurity.com.au/advisories/cyberoam-authenticated-cross-si te-scripting Release Date: 20-Jul-2011 Software: Elitecore Technologies - Cyberoam http://www.cyberoam.com/ "Cyberoam Unified Threat Management applian [ more ] [ reply ] HTC / Android OBEX FTP Service Directory Traversal Vulnerability 2011-07-20 alberto morenot gmail com Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability - Security Advisory - SOS-11-009 2011-07-20 Lists (lists senseofsecurity com) H2HC Brazil (Hackers 2 Hackers Conference) 8th Edition - Call for Papers 2011-07-20 Rodrigo Rubira Branco \(BSDaemon\) (rodrigo kernelhacking com) CALL FOR PAPERS - Hackers 2 Hackers Conference 8th edition The call for papers for H2HC 8th edition is now open. H2HC is a hacker conference taking place in Sao Paulo, Brazil, from 29 to 30 October 2011. [ - Introduction - ] For the eighth consecutive year and past success we have been having, t [ more ] [ reply ] [SECURITY] [DSA 2279-1] libapache2-mod-authnz-external security update 2011-07-19 white debian org (Steffen Joeris) ZDI-11-236: EMC Documentum eRoom Indexing Server OpenText HummingBird Connector Remote Code Execution Vulnerability 2011-07-18 ZDI Disclosures (zdi-disclosures tippingpoint com) ZDI-11-236: EMC Documentum eRoom Indexing Server OpenText HummingBird Connector Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-236 July 18, 2011 -- CVE ID: CVE-2011-1741 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: EMC -- Affected Produ [ more ] [ reply ] Call for Papers: ICITST-2011 2011-07-18 Call for papers (call for papers is gmail com) Apologies for cross-postings. Please send it to interested colleagues and students. Thanks! CALL FOR PAPERS ************************************************************************ *********************** The 6th International Conference for Internet Technology and Secured Transactions (ICITST-20 [ more ] [ reply ] Reminder - DeepSec 2011 Call For Papers 2011-07-17 DeepSec Conference (deepsec deepsec net) --- DeepSec 2011 "High Five" - Call for Papers - REMINDER For the fifth time the DeepSec In-Depth Security Conference invites security researchers and professionals to submit suggestions for talks and workshops for our conference which will take place in November 2011 in Vienna. Please visit our up [ more ] [ reply ] APPLE-SA-2011-07-15-1 iOS 4.3.4 Software Update 2011-07-15 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-07-15-1 iOS 4.3.4 Software Update iOS 4.3.4 Software Update is now available and addresses the following: CoreGraphics Available for: iOS 3.0 through 4.3.3 for iPhone 3GS and iPhone 4 (GSM), iOS 3.1 through 4.3.3 for iPod touch (3rd gene [ more ] [ reply ] APPLE-SA-2011-07-15-2 iOS 4.2.9 Software Update for iPhone 2011-07-15 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-07-15-2 iOS 4.2.9 Software Update for iPhone iOS 4.2.9 Software Update for iPhone is now available and addresses the following: CoreGraphics Available for: iOS 4.2.5 through 4.2.8 for iPhone 4 (CDMA) Impact: Viewing a maliciously craft [ more ] [ reply ] ESA-2011-022: EMC Documentum eRoom Indexing Server HummingBird Client Connector Buffer Overflow Vulnerability 2011-07-15 Security_Alert emc com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-022: EMC Documentum eRoom Indexing Server HummingBird Client Connector Buffer Overflow Vulnerability EMC Identifier: ESA-2011-022 CVE Identifier: CVE-2011-1741 Severity Rating: CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) [ more ] [ reply ] [slackware-security] seamonkey (SSA:2011-195-01) 2011-07-15 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] seamonkey (SSA:2011-195-01) New seamonkey packages are available for Slackware 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+ patches/packages/s [ more ] [ reply ] [slackware-security] mozilla-firefox (SSA:2011-195-02) 2011-07-15 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2011-195-02) New mozilla-firefox packages are available for Slackware 13.0 and 13.1 to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: +--------------------------+ patches/packa [ more ] [ reply ] iDefense Security Advisory 07.14.11: Citrix Access Gateway ActiveX Stack Buffer Overflow Vulnerability 2011-07-14 labs-no-reply (labs-no-reply ivcp vrsn com) iDefense Security Advisory 07.14.11 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 14, 2011 I. BACKGROUND Citrix's Access Gateway solution provides remote access to customers via the Web browser. This is accomplished through the use of an ActiveX control that enables an SSL based VPN. [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2281-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Steffen Joeris
July 21, 2011
[ more ] [ reply ]