|
|
Colapse all |
Post message
[security bulletin] HPESBGN03698 rev.1 - HPE DDMi using OpenSSL, Remote Arbitrary Code Execution, Bypass Security Restrictions, Denial of Service (DoS) 2017-02-11 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053868 04 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05386804 Version: 1 HPESBGN03698 rev.1 [ more ] [ reply ] [security bulletin] HPSBMU03692 rev.1 - HPE Matrix Operating Environment, Multiple Remote Vulnerabilities 2017-02-11 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053856 80 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05385680 Version: 1 HPSBMU03692 rev.1 [ more ] [ reply ] [slackware-security] tcpdump (SSA:2017-041-04) 2017-02-10 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] tcpdump (SSA:2017-041-04) New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. NOTE: These updates also require the updated libpcap package. Here are the details from t [ more ] [ reply ] [slackware-security] openssl (SSA:2017-041-02) 2017-02-10 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] openssl (SSA:2017-041-02) New openssl packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/openssl- [ more ] [ reply ] [security bulletin] HPESBHF03704 rev.1 - HPE OfficeConnect Network Switches, Local Unauthorized Data Modification 2017-02-10 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053889 48 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05388948 Version: 1 HPESBHF03704 rev.1 [ more ] [ reply ] [security bulletin] HPESBNS03702 rev.1 - HPE NonStop OSS Core Utilities with Bash Shell, Local Arbitrary Command Execution, Elevation of Privilege 2017-02-09 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053881 15 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05388115 Version: 1 HPESBNS03702 rev.1 [ more ] [ reply ] TP-Link C2 and C20i vulnerable to command injection (authenticated root RCE), DoS, improper firewall rules 2017-02-08 Pierre Kim (pierre kim sec gmail com) Hello, Please find a text-only version below sent to security mailing lists. The HTML version on "Vulnerabilities found in TP-Link C2 and C20i" is posted here: https://pierrekim.github.io/blog/2017-02-09-tplink-c2-and-c20i-vulnerabl e.html === text-version of the advisory === -----BEGIN PGP [ more ] [ reply ] [slackware-security] php (SSA:2017-041-03) 2017-02-10 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] php (SSA:2017-041-03) New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/php [ more ] [ reply ] WebKitGTK+ Security Advisory WSA-2017-0002 2017-02-10 Carlos Alberto Lopez Perez (clopez igalia com) Authentication bypass vulnerability in Western Digital My Cloud 2017-02-08 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Authentication bypass vulnerability in Western Digital My Cloud ------------------------------------------------------------------------ Remco Vermeulen, Januari 2017 ----------------------------------------------------------- [ more ] [ reply ] Cisco Security Advisory: Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability 2017-02-08 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability Advisory ID: cisco-sa-20170208-asa Revision 1.0 For Public Release 2017 February 8 16:00 GMT (UTC) +---------------------------------------------------------- [ more ] [ reply ] Cisco Security Advisory: Cisco AnyConnect Secure Mobility Client for Windows SBL Privileges Escalation Vulnerability 2017-02-08 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Cisco AnyConnect Secure Mobility Client for Windows SBL Privileges Escalation Vulnerability Advisory ID: cisco-sa-20170208-anyconnect Revision 1.0 For Public Release 2017 February 8 16:00 GMT (UTC) +-------------------- [ more ] [ reply ] ESA-2017-001: EMC Isilon InsightIQ Authentication Bypass Vulnerability 2017-02-07 EMC Product Security Response Center (Security_Alert emc com) SEC Consult SA-20170207 :: Path Traversal, Backdoor accounts & KNX group address password bypass in JUNG Smart Visu server 2017-02-07 SEC Consult Vulnerability Lab (research sec-consult com) [security bulletin] HPESBUX03699 SSRT110304 rev.1 - HP-UX BIND, Multiple Remote Denial of Service (DoS) 2017-02-06 HPE Product Security Response Team (security-alert hpe com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053816 87 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05381687 Version: 1 HPESBUX03699 SS [ more ] [ reply ] Teleopti WFM <= 7.1.0 Multiple Vulnerabilities 2017-02-06 Graph-X (graphx sigaint org) ############################################################# # Advisory Title: Teleopti WFM (Multiple Vulnerabilities) # Date: 2/4/2017 # Researcher: Graph-X ((email: graphx (at) sigaint (dot) org [email concealed])) # Vendor Homepage: http://www.teleopti.com # Version: <= 7.1.0 # CVE: is dead ################################ [ more ] [ reply ] [SECURITY] [DSA 3781-1] svgsalamander security update 2017-02-05 Moritz Muehlenhoff (jmm debian org) ZoneMinder - multiple vulnerabilities 2017-02-05 john terabyteit com au -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ======================================================================== == Product: ZoneMinder Versions: Multiple versions - see inline Vulnerabilities: File disclosure, XSS, CSRF, Auth bypass & Info disclosure CVE-IDs: CVE-2017-5595, CVE-2017-5367, CVE [ more ] [ reply ] [FOXMOLE SA 2016-07-05] ZoneMinder - Multiple Issues 2017-02-02 FOXMOLE Advisories (advisories foxmole com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 === FOXMOLE - Security Advisory 2016-07-05 === Zoneminder multiple vulnerabilities ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Affected Versions ================= Zoneminder 1.29,1.30 Issue Overview ============== Vulnerability Type: SQL Injection, Cross S [ more ] [ reply ] Ghostscript 9.20 Filename Command Execution 2017-02-02 apparitionsec gmail com (hyp3rlinx) [+]##################################################################### ############################ [+] Credits: John Page AKA hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/GHOSTSCRIPT-FILENAME-COMMAND- EXECUTION.txt [+] ISR: ApparitionSec [ more ] [ reply ] [security bulletin] HPSBST03588 rev 1. - HPE StoreVirtual 4000 Storage and StoreVirtual VSA Software running LeftHand OS, Remote Arbitrary Command Execution 2017-02-01 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053829 58 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05382958 Version: 1 HPSBST03588 rev 1. [ more ] [ reply ] Cisco Security Advisory: Cisco Prime Home Authentication Bypass Vulnerability 2017-02-01 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Prime Home Authentication Bypass Vulnerability Advisory ID: cisco-sa-20170201-prime-home Revision 1.0 For Public Release 2017 February 1 16:00 UTC (GMT) +--------------------------------------------------------------- [ more ] [ reply ] ESA-2017-003: EMC Network Configuration Manager (NCM) Multiple Vulnerabilities 2017-02-01 EMC Product Security Response Center (Security_Alert emc com) ----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ESA-2017-003: EMC Network Configuration Manager (NCM) Multiple Vulnerabilities EMC Identifier: ESA-2017-003 CVE Identifier: CVE-2017-2767, CVE-2017-2768 Severity Rating: CVSS v3 Base Score: See below for scores Affected products: EMC Sof [ more ] [ reply ] [security bulletin] HPESBHF03700 rev.1 - HPE iMC PLAT, Remote Disclosure of Information, Denial of Service (DoS) 2017-01-31 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053824 18 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05382418 Version: 1 HPESBHF03700 rev.1 [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA256
- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3787-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
February 13, 2017
[ more ] [ reply ]