XSS vulnerability in TWiki < 5.0.2
2011-05-18, Netsparker Advisories (advisories mavitunasecurity com)
Information
Name : XSS vulnerability in TWiki
Software : TWiki 5.0.1 and possibly below.
Vendor Homepage : http://twiki.org/
Vulnerability Type : Cross-Site Scripting
Severity : High
Researcher : Mesut Timur <mesut [at] mavitunasecurity [dot] com>
Advisory [...]

CVE-2010-0217 - Zeacom Chat Server JSESSIONID weak SessionID Vulnerability
2011-05-17, Daniel Clemens (daniel clemens packetninjas net)

Ruxcon 2011 Call For Papers
2011-05-17, cfp ruxcon org au
The Ruxcon team is pleased to announce the call for papers for the seventh annual Ruxcon conference. This year the conference will take place over the weekend of 19th and 20th of November at the CQ Function Centre, Melbourne, Australia. The deadline for submissions is [...]

HTB22981: Multiple XSS (Cross Site Scripting) vulnerabilities in PHP Calendar Basic
2011-05-17, advisory htbridge ch
Vulnerability ID: HTB22981
Reference: http://www.htbridge.ch/advisory/multiple_xss_cross_site_scripting_vulnerabilities_in_php_calendar_basic.html
Product: PHP Calendar Basic
Vendor: Kubelabs.com ( http://www.kubelabs.com/ )
Vulnerable Version: 2.3 and probably prior versions
Vendor Notification: 0 [...]

[SECURITY] CVE-2011-1582 Apache Tomcat security constraint bypass
2011-05-17, Mark Thomas (markt apache org)
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- Tomcat 7.0.12-7.0.13
- Earlier versions are not affected
Description: An error in the fixes for CVE-2011-1088/ [...]

[USN-1132-1] apturl vulnerability
2011-05-16, Marc Deslauriers (marc deslauriers canonical com)
Ubuntu Security Notice USN-1132-1, May 16, 2011
apturl vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu [...]

ZDI-11-168: Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability
2011-05-16, ZDI Disclosures (zdi-disclosures tippingpoint com)
http://www.zerodayinitiative.com/advisories/ZDI-11-168
May 16, 2011
-- CVE ID: CVE-2011-0321 & CVE-2011-1210
-- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors: IBM, EMC
-- Affected Products: IBM Informix [...]

Vulnerable and completely outdated 3rd party ZIP code in FastStone image viewer
2011-05-16, Stefan Kanthak (stefan kanthak nexgo de)
The FastStone image viewer <http://www.faststone.org/> (and most probably other FastStone products too) contains a 3rd party ZipDll.dll 1.6.0.0 dated 2001-10-28. This DLL was originally written by Chris Vleghert and Eric W. Engler, based on InfoZIPs <http://infozip.org> code from 2000. It is but v [...]

PR10-15: Multiple XSS flaws within Mitel's AWC (Mitel Audio and Web Conferencing)
2011-05-16, research (research procheckup com)
Vulnerability found: 21st July 2010
Vendor informed: 26th July 2010
Vulnerability fixed:
Severity: High
Description: Mitel Audio and Web Conferencing (AWC) are a simple, cost-effective and scalable audio and web [...]

MalBox Release! A Program Behavior Analysis System!
2011-05-16, Xiaobo (xbma sei xjtu edu cn)
MalBox is a program/malware behavior analysis system that is able to analyze the local and network behaviors, including file/pro [...]

WebTech Conference 2011 Call for Papers
2011-05-16, Carsten Eilers (ceilers-lists gmx de)
Hello, the next WebTech Conference will take place from 10.-12. October in Mainz, Germany. Subjects are Web Development, Web Security and Webstandards:
* Web Development
* Web Security
* Webstandards
* JavaScript
* Mobile Web
* E-Commerce Solutions & Mash-ups
* APIs, Mash-ups & Widgets
* Tools an [...]

Linux Kernel 2.6.38 Remote NULL Pointer Dereference
2011-05-16, roberto paleari emaze net
[Advisory Information]
Title: Linux kernel 2.6.38: Remote NULL pointer dereference
Release date: 11/05/2011
Last update: 11/05/2011
Credits: Aristide Fattori, Università degli S [...]

DC4420 - London DEFCON - May meet - Tuesday 24th May 2011
2011-05-16, Major Malfunction (majormal pirate-radio org)

NSENSE-2011-002: Novell eDirectory/Netware LDAP-SSL daemon
2011-05-16, Henri Lindberg (henri+lists nsense fi)

ESA-2011-016: EMC SourceOne ASP.NET application tracing information disclosure vulnerability
2011-05-13, Security_Alert emc com
EMC Identifier: ESA-2011-016
CVE Identifier: CVE-2011-1424
Severity Rating: CVSS v2 Base Score: 6.8 (AV:N/AC:L/Au:S/C:C/I:N/A:N)
Affected products [...]

Multiple Vendors libc/fnmatch(3) DoS (incl apache poc)
2011-05-12, cxib securityreason com
Author: Maksymilian Arciemowicz
http://netbsd.org/donations/
http://securityreason.com/
http://cxib.net/
Date:
- Dis.: 29.01.2011
- Pub.: 13.05.2011
CVE: CVE-2011-0419
CWE: CWE-399
Affected Software (verified):
- Apache 2.2.17
- NetBSD 5 [...]

[Announcement] ClubHack Magazine - Call for Articles
2011-05-13, abhijeet clubhack com
ClubHack Magazine is seeking submissions for next issue i.e. June 2011 issue. If you have something interesting and would like to share, please send in your articles to abhijeet (at) clubhack (dot) com
Topics/Themes for June issue is - Wireless Pentesting
It has 6 sections:
1. Tech Gyan - Main article [...]

[security bulletin] HPSBMA02681 SSRT100493 rev.1 - HP Business Availability Center (BAC) Running on Windows and Solaris, Remote Cross Site Scripting (XSS)
2011-05-13, security-alert hp com
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02823184
Version: 1
HPSBMA02681 SSRT100493 rev.1 - HP Business Availability Center (BAC) Running on Windows and Solaris, Remote Cross Site Scripting (XSS)
NOTICE: The information in this Securit [...]

CORE-2011-0204: Adobe Audition vulnerability processing malformed session file
2011-05-12, CORE Security Technologies Advisories (advisories coresecurity com)
Core Security Technologies - Corelabs Advisory
http://corelabs.coresecurity.com/
Adobe Audition vulnerability processing malformed session file
1. *Advisory Information*
Title: Adobe Audition vulnerability processing malformed session fi [...]

Mandriva Linux Security Advisory MDVSA-2011:092
http://www.mandriva.com/security/
[...]