ICMPv6 Router Announcement flooding denial of service affecting multiple systems
2011-04-05 Marc Heuse (mh mh-sec de)

StartSite.ir Cross-site Scripting Vulnerability
2011-04-05 md r00t defacer gmail com
#------------In The Name Of God------------
# StartSite.ir Cross-site Scripting Vulnerability
###################################
#AUTHOR: md.r00t
#Mail: md.r00t.defacer (at) gmail (dot) com
#Website: www.r00t.gigfa.com
#Forum: http://ajaxtm.com/forum
###################################
#Google D0rk:
# "Powere

[security bulletin] HPSBMA02652 SSRT100432 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure
2011-04-05 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02776387
Version: 2
HPSBMA02652 SSRT100432 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure
NOTICE: The information in this Security

HTB22911: XSS in Eleanor CMS
2011-04-05 advisory htbridge ch
Vulnerability ID: HTB22911
Reference: http://www.htbridge.ch/advisory/xss_in_eleanor_cms.html
Product: Eleanor CMS
Vendor: Eleanor CMS ( http://eleanor-cms.ru/ )
Vulnerable Version: rc5
Vendor Notification: 22 March 2011
Vulnerability Type: XSS (Cross Site Scripting)
Status: Fixed by Vendor
Risk l

HTB22912: Multiple SQL Injections in Eleanor CMS
2011-04-05 advisory htbridge ch
Vulnerability ID: HTB22912
Reference: http://www.htbridge.ch/advisory/multiple_sql_injections_in_eleanor_cms.html
Product: Eleanor CMS
Vendor: Eleanor CMS ( http://eleanor-cms.ru/ )
Vulnerable Version: rc5
Vendor Notification: 22 March 2011
Vulnerability Type: SQL Injection
Status: Fixed by Vendor

HTB22913: Multiple CSRF (Cross-Site Request Forgery) in UseBB
2011-04-05 advisory htbridge ch
Vulnerability ID: HTB22913
Reference: http://www.htbridge.ch/advisory/multiple_csrf_cross_site_request_forgery_in_usebb.html
Product: UseBB
Vendor: UseBB ( http://www.usebb.net/ )
Vulnerable Version: 1.0.11
Vendor Notification: 22 March 2011
Vulnerability Type: CSRF (Cross-Site Request Forgery)
Ri

HTB22914: Local File Inclusion in UseBB
2011-04-05 advisory htbridge ch
Vulnerability ID: HTB22914
Reference: http://www.htbridge.ch/advisory/local_file_inclusion_in_usebb.html
Product: UseBB
Vendor: UseBB ( http://www.usebb.net/ )
Vulnerable Version: 1.0.11
Vendor Notification: 22 March 2011
Vulnerability Type: Local File Inclusion
Risk level: Medium
Credit: High-Te

Re: Xymon monitor cross-site scripting vulnerabilities
2011-04-04 Henri Salo (henri nerv fi)
On Sun, Apr 03, 2011 at 12:15:12PM +0200, Henrik Størner wrote:
> Several cross-site scripting vulnerabilities have been identified in
> the Xymon systems- and network-monitoring tool available at
> http://sourceforge.net/projects/xymon/
>
> All versions prior to 4.3.1 (released April 3, 2011) are

[USN-1104-1] FFmpeg vulnerabilities
2011-04-04 Marc Deslauriers (marc deslauriers canonical com)
===========================================================
Ubuntu Security Notice USN-1104-1 April 04, 2011
ffmpeg vulnerabilities
CVE-2010-3429, CVE-2010-3908, CVE-2010-4704, CVE-2011-0480, CVE-2011-0722, CVE-2011-0723
===========================================================
A secur

[USN-1103-1] tex-common vulnerability
2011-04-04 Marc Deslauriers (marc deslauriers canonical com)
===========================================================
Ubuntu Security Notice USN-1103-1 April 04, 2011
tex-common vulnerability
CVE-2011-1400
===========================================================
A security issue affects the following Ubuntu releases: Ubuntu 10.04 LTS Ubuntu

[USN-1102-1] tiff vulnerability
2011-04-04 Marc Deslauriers (marc deslauriers canonical com)
===========================================================
Ubuntu Security Notice USN-1102-1 April 04, 2011
tiff vulnerability
CVE-2011-1167
===========================================================
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 L

ZDI-11-116: Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability
2011-04-04 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-116: Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-116
April 4, 2011
-- CVE ID: CVE-2011-0994
-- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors: Novell
-- Affected Products: Novell File Reporter

Re: DC4420 - London DEFCON - April meet - Wednesday 20th April 2011
2011-04-04 Adam Laurie (adam algroup co uk)
Doh!!! 20th, not 22nd!!!
Major Malfunction wrote:
> I know it's 3 weeks out, but there's a lot going on that week so I
> wanted to make sure you've got this in your calendars!
>
> You wanted technical, you got it.... In March we quantum'd your minds
> then keylogged you with 13 lines of code: T

DC4420 - London DEFCON - April meet - Wednesday 22nd April 2011
2011-04-04 Major Malfunction (majormal pirate-radio org)
I know it's 3 weeks out, but there's a lot going on that week so I wanted to make sure you've got this in your calendars! You wanted technical, you got it.... In March we quantum'd your minds then keylogged you with 13 lines of code: Thanks to Gregoire of IDQ for the drinks and the great talk.

RealNetworks RealGames StubbyUtil.ProcessMgr.1 ActiveX Control (InstallerDlg.dll v2.6.0.445) Multiple Remote Commands Execution Vulnerabilities
2011-04-02 nospam gmail it
RealNetworks RealGames StubbyUtil.ProcessMgr.1 ActiveX Control (InstallerDlg.dll v2.6.0.445) Multiple Remote Commands Execution Vulnerabilities
tested against Internet Explorer 9, Vista sp2
download url: http://www.gamehouse.com/
background: When choosing to play with these online games ex. t

Xymon monitor cross-site scripting vulnerabilities
2011-04-03 Henrik Størner (henrik hswn dk)
Several cross-site scripting vulnerabilities have been identified in the Xymon systems- and network-monitoring tool available at http://sourceforge.net/projects/xymon/ All versions prior to 4.3.1 (released April 3, 2011) are vulnerable. I would like to thank David Ferrest for notifying me of thi

RealNetworks RealGames StubbyUtil.ShellCtl.1 ActiveX Control (InstallerDlg.dll v2.6.0.445) Multiple Remote Commands Execution and Code Execution Vulnerabilities
2011-04-02 nospam gmail it
RealNetworks RealGames StubbyUtil.ShellCtl.1 ActiveX Control (InstallerDlg.dll v2.6.0.445) Multiple Remote Commands Execution and Code Execution Vulnerabilities
tested against Internet Explorer 9, Vista sp2
download url: http://www.gamehouse.com/
background: When choosing to play with these o

THOMSON Router XSS
2011-04-02 edgard chammas balamand edu lb
#####################################################################
# Vendor: THOMSON Router
# Product Name: TG585 v7
# Software Release: 7.4.4.7
# Vulnerability type: XSS
# Risk rating: Medium
#####################################################################
# [Exploit]
# http://[ROUTE

ZDI-11-115: IBM solidDB solid.exe Authentication Bypass Remote Code Execution Vulnerability
2011-04-01 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-115: IBM solidDB solid.exe Authentication Bypass Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-115
April 1, 2011
-- CVSS: 9.3, (AV:N/AC:M/Au:N/C:C/I:C/A:C)
-- Affected Vendors: IBM
-- Affected Products: IBM solidDB
-- TippingPoint(TM) IPS Custome

ZDI-11-041: (0day) Multiple Browser Node Processing Stack Overflow Vulnerability
2011-04-01 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-041: (0day) Multiple Browser Node Processing Stack Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-911
April 1, 2011
-- CVE ID: CVE-C000-00FD
-- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors: Microsoft Mikul Apple ISC
-- Affected Products: Mi

Stored and Reflective XSS in Yaws-Wiki 1.88-1 (Erlang)
2011-04-04 mike sitewat ch
Software: yaws-wiki
version affected: 1.88-1
platform: Erlang
homepage: http://yaws.hyber.org/
Researcher: Michael Brooks
Original Advisory: https://sitewat.ch/en/Advisory/4
Install instructions for Ubuntu: sudo apt-get install yaws-wiki
Edit: /etc/yaws/conf.d/yaws-wiki.conf
#add this:

XCon 2011 XFocus Information Security Conference Call for Paper
2011-04-02 xcon huayongxingan com
XCon 2011 XFocus Information Security Conference Call for Paper
September, 1st - 2nd, 2011, Beijing, China (http://xcon.xfocus.net)
Upholding rigorous work style, XCon sincerely welcomes contributions from information security technique enthusiasts and expects your participation and sharing. Atte
the issue. Cisco did for its IOS and ASA within 3 months.
________________________________________________________________________
Title: ICMPv6 Router Announcement flooding denial of service affecting
multiple systems
Date: