ZDI-11-086: Oracle Java Webstart Trusted JNLP Extension Remote Code Execution Vulnerability
2011-02-15 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-086: Oracle Java Webstart Trusted JNLP Extension Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-086
February 15, 2011
-- CVE ID: CVE-2010-4463
-- CVSS: 9.7, (AV:N/AC:L/Au:N/C:C/I:C/A:P)
-- Affected Vendors: Oracle
-- Affected Products: Oracle Java

ZDI-11-083: Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
2011-02-15 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-083: Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-083
February 15, 2011
-- CVE ID: CVE-2010-4465
-- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors: Oracle
-- Affected Products: Oracle Java Runti

[USN-1065-1] shadow vulnerability
2011-02-15 Kees Cook (kees ubuntu com)
Ubuntu Security Notice USN-1065-1 February 15, 2011
shadow vulnerability
CVE-2011-0721
A security issue affects the following Ubuntu releases: Ubuntu 9.10 Ubuntu 10.04 LT

Gain Windows Domain Admin Privileges - Online Challenge
2011-02-16 Ivan Buetler (ivan buetler csnc ch)
Do you feel like a free online web wargame? Try to gain Windows Domain Admin Privileges from a Terminal Server. Try out the Swiss Cyber Storm 3 February CarGame challenge. http://www.hacking-lab.com/sh/6PKVZ9M or http://www.hacking-lab.com/sh/LNANTtz
Enjoy!
Ivan
www.swisscyberstorm.com

ZDI-11-084: Oracle Java Unsigned Applet Applet2ClassLoader Remote Code Execution Vulnerability
2011-02-15 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-084: Oracle Java Unsigned Applet Applet2ClassLoader Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-084
February 15, 2011
-- CVE ID: CVE-2010-4452
-- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors: Oracle
-- Affected Products: Oracle Jav

[SECURITY] CVE-2011-0533: Apache Archiva cross-site scripting vulnerability
2011-02-16 Brett Porter (brett apache org)
CVE-2011-0533: Apache Archiva cross-site scripting vulnerability
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: Archiva 1.3.0 - 1.3.3 The unsupported versions Archiva 1.0 - 1.2.2 are also affected.
Description: A request that included a specially crafted request pa

ZDI-11-085: Oracle Java XGetSamplePtrFromSnd Remote Code Execution Vulnerability
2011-02-15 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-085: Oracle Java XGetSamplePtrFromSnd Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-085
February 15, 2011
-- CVE ID: CVE-2010-4462
-- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)
-- Affected Vendors: Oracle
-- Affected Products: Oracle Java Runtime -

ZDI-11-082: Oracle Java Runtime NTLM Authentication Information Leakage Vulnerability
2011-02-15 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-082: Oracle Java Runtime NTLM Authentication Information Leakage Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-082
February 15, 2011
-- CVE ID: CVE-2010-4466
-- CVSS: 6.4, (AV:N/AC:L/Au:N/C:P/I:P/A:N)
-- Affected Vendors: Oracle
-- Affected Products: Oracle Java Runti

[USN-1064-1] OpenSSL vulnerability
2011-02-15 Steve Beattie (sbeattie ubuntu com)
Ubuntu Security Notice USN-1064-1 February 15, 2011
openssl vulnerability
CVE-2011-0014
A security issue affects the following Ubuntu releases: Ubuntu 10.04 LTS Ubuntu 10

Tembria Server Monitor Weak Cryptographic Password Storage Vulnerability
2011-02-15 robkraus solutionary com
Tembria Server Monitor Weak Cryptographic Password Storage Vulnerability
Solutionary ID: SERT-VDN-1004
Solutionary Disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Tembria-Server-Monitor-Weak-Xpto-Pwd-Storage.html
CVE ID: Pending
Product: Tembria Server Monitor

HTB22825: SQL Injection in Seo Panel
2011-02-15 advisory htbridge ch
Vulnerability ID: HTB22825
Reference: http://www.htbridge.ch/advisory/sql_injection_in_seo_panel_2.html
Product: Seo Panel
Vendor: http://www.seopanel.in/ ( http://www.seopanel.in/ )
Vulnerable Version: 2.2.0
Vendor Notification: 01 February 2011
Vulnerability Type: SQL Injection
Risk level: High

Tembria Server Monitor Multiple Cross-site Scripting (XSS) Vulnerabilities
2011-02-15 robkraus solutionary com
Tembria Server Monitor Multiple Cross-site Scripting (XSS) Vulnerabilities
Solutionary ID: SERT-VDN-1003
Solutionary Disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Tembria-Server-Monitor-XSS.html
CVE ID: Pending
Product: Tembria Server Monitor Application Ven

HTB22823: SQL Injection in Seo Panel
2011-02-15 advisory htbridge ch
Vulnerability ID: HTB22823
Reference: http://www.htbridge.ch/advisory/sql_injection_in_seo_panel.html
Product: Seo Panel
Vendor: http://www.seopanel.in/ ( http://www.seopanel.in/ )
Vulnerable Version: 2.2.0
Vendor Notification: 01 February 2011
Vulnerability Type: SQL Injection
Risk level: High C

HTB22827: File Content Disclosure in Wikipad
2011-02-15 advisory htbridge ch
Vulnerability ID: HTB22827
Reference: http://www.htbridge.ch/advisory/file_content_disclosure_in_wikipad.html
Product: Wikipad
Vendor: Cherry-Design ( http://www.cherry-software.spb.ru/ )
Vulnerable Version: 1.6.0
Vendor Notification: 01 February 2011
Vulnerability Type: File Content Disclosure
Ri

HTB22824: SQL Injection in Seo Panel
2011-02-15 advisory htbridge ch
Vulnerability ID: HTB22824
Reference: http://www.htbridge.ch/advisory/sql_injection_in_seo_panel_1.html
Product: Seo Panel
Vendor: http://www.seopanel.in/ ( http://www.seopanel.in/ )
Vulnerable Version: 2.2.0
Vendor Notification: 01 February 2011
Vulnerability Type: SQL Injection
Risk level: High

HTB22826: Multiple XSS vulnerabilities in Wikipad
2011-02-15 advisory htbridge ch
Vulnerability ID: HTB22826
Reference: http://www.htbridge.ch/advisory/multiple_xss_vulnerabilities_in_wikipad.html
Product: Wikipad
Vendor: Cherry-Design ( http://www.cherry-software.spb.ru/ )
Vulnerable Version: 1.6.0
Vendor Notification: 01 February 2011
Vulnerability Type: XSS (Cross Site Scrip

HTB22830: Multiple XSS vulnerabilities in Gollos
2011-02-15 advisory htbridge ch
Vulnerability ID: HTB22830
Reference: http://www.htbridge.ch/advisory/multiple_xss_vulnerabilities_in_gollos.html
Product: Gollos
Vendor: Gollos ( http://www.gollos.com/ )
Vulnerable Version: 2.8 and probably prior versions
Vendor Notification: 01 February 2011
Vulnerability Type: XSS (Cross Site

HTB22832: Path disclosure in ArtGK CMS
2011-02-15 advisory htbridge ch
Vulnerability ID: HTB22832
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_artgk_cms.html
Product: ArtGK CMS
Vendor: ArtGK ( http://artgk-cms.ru/ )
Vulnerable Version: 2009-08-28 16:00:00 and Probably Prior Versions
Vendor Notification: 01 February 2011
Vulnerability Type: Path discl

HTB22833: Information Disclosure in Arctic Fox CMS
2011-02-15 advisory htbridge ch
Vulnerability ID: HTB22833
Reference: http://www.htbridge.ch/advisory/information_disclosure_in_arctic_fox_cms.html
Product: Arctic Fox CMS
Vendor: Michael Armbruster ( http://sourceforge.net/projects/arcticfox/ )
Vulnerable Version: 0.9.4 and probably prior versions
Vendor Notification: 01 Februar

HTB22831: XSS vulnerability in Gollos
2011-02-15 advisory htbridge ch
Vulnerability ID: HTB22831
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_gollos.html
Product: Gollos
Vendor: Gollos ( http://www.gollos.com/ )
Vulnerable Version: 2.8 and probably prior versions
Vendor Notification: 01 February 2011
Vulnerability Type: XSS (Cross Site Scripting)

HTB22828: Multiple XSS vulnerabilities in Photopad
2011-02-15 advisory htbridge ch
Vulnerability ID: HTB22828
Reference: http://www.htbridge.ch/advisory/multiple_xss_vulnerabilities_in_photopad.html
Product: Photopad
Vendor: Cherry-Design ( http://www.cherry-software.spb.ru/ )
Vulnerable Version: 1.2.0
Vendor Notification: 01 February 2011
Vulnerability Type: XSS (Cross Site Scr

HTB22829: Path disclosure in Xaraya
2011-02-15 advisory htbridge ch
Vulnerability ID: HTB22829
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_xaraya.html
Product: Xaraya
Vendor: Xaraya Development Group ( http://www.xaraya.com/ )
Vulnerable Version: 2.2.0 (beta 1)
Vendor Notification: 01 February 2011
Vulnerability Type: Path disclosure
Risk level:

[USN-1062-1] Kerberos vulnerabilities
2011-02-15 Steve Beattie (sbeattie ubuntu com)
Ubuntu Security Notice USN-1062-1 February 15, 2011
krb5 vulnerabilities
CVE-2010-4022, CVE-2011-0281, CVE-2011-0282
A security issue affects the following Ubuntu releases

[USN-1063-1] QEMU vulnerability
2011-02-14 Kees Cook (kees ubuntu com)
Ubuntu Security Notice USN-1063-1 February 14, 2011
qemu-kvm vulnerability
CVE-2011-0011
A security issue affects the following Ubuntu releases: Ubuntu 9.10 Ubuntu 10.04

Re: Linksys WAP610N Unauthenticated Root Console
2011-02-14 Matteo Ignaccolo (matteo ignaccolo securenetwork it)
The correct public disclosure date is 10/02/2011

On Thursday 10 February 2011 00:12:10, Matteo Ignaccolo wrote:
> Secure Network - Security Research Advisory
>
> Vuln name: Linksys WAP610N Unauthenticated Access With Root Privileges
> Systems affected: WAP610N (Firmware Version: 1.0.01)
Debian Security Advisory DSA-2164-1 security (at) debian (dot) org
http://www.debian.org/security/ Nico Golde
February 16, 2011