Final Penultimate last Call for Papers for CanSecWest 2011 (deadline Jan. 17th, conf March 9-11)
2011-01-13 Dragos Ruiu (dr kyx net)

CONFidence 2011 - Call for Papers - 24-25.05.2011 Krakow, Poland
2011-01-12 Andrzej Targosz (andrzej targosz proidea org pl)
CONFIDENCE 9TH EDITION CALL FOR PAPERS. Calling all practitioners in the field of IT security! The 9th edition of the international IT security conference, CONFidence 2011, is taking place in May 24/25, 2011. We invite all to send the proposed topic and ab

[SECURITY] [DSA-2141-4] New lighttpd packages fix regression
2011-01-12 Stefan Fritsch (sf debian org)

[security bulletin] HPSBMA02621 SSRT100352 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
2011-01-12 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02670501 Version: 2 HPSBMA02621 SSRT100352 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted

[Onapsis Security Advisory 2011-002] SAP Management Console Information Disclosure
2011-01-12 Onapsis Research Labs (research onapsis com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-002: SAP Management Console Information Disclosure This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforeh

[Onapsis Security Advisory 2011-001] SAP Management Console Unauthenticated Service Restart
2011-01-12 Onapsis Research Labs (research onapsis com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-001: SAP Management Console Unauthenticated Service Restart This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access t

Call for Papers: DIMVA 2011 - Extended Deadline Jan 21
2011-01-12 Konrad Rieck (konrad rieck tu-berlin de)

[USN-1043-1] Little CMS vulnerability
2011-01-12 Steve Beattie (sbeattie ubuntu com)
Ubuntu Security Notice USN-1043-1 January 12, 2011 lcms vulnerability CVE-2009-0793 A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 9.10 U

SECURITY ADVISORY IBM Cognos 8 Business Intelligence 8.4.1
2011-01-12 Spala Ferenc (spala ferenc kancellar hu)
1. Affected software IBM Cognos 8 Business Intelligence 8.4.1 Prior versions may also be affected. "IBM Cognos 8 Business Intelligence delivers the complete range of BI capabilities: Reporting, Analysis, Dashboarding and Scorecards on a single, service-oriented architecture (SOA). Author, share an

[USN-1009-2] GNU C Library vulnerability
2011-01-12 Kees Cook (kees ubuntu com)
Ubuntu Security Notice USN-1009-2 January 12, 2011 eglibc, glibc vulnerability https://launchpad.net/bugs/701783 A security issue affects the following Ubuntu releases:

[USN-1042-1] PHP vulnerabilities
2011-01-12 Steve Beattie (sbeattie ubuntu com)
Ubuntu Security Notice USN-1042-1 January 11, 2011 php5 vulnerabilities CVE-2009-5016, CVE-2010-3436, CVE-2010-3709, CVE-2010-3710, CVE-2010-3870, CVE-2010-4156, CVE-2010-4409, CVE-2010-4645

2011 Rocky Mountain Information Security Conference Call for Papers
2011-01-12 alex wood issa-denver org
Rocky Mountain Information Security Conference Call for Papers Friday, May 13, 2011 (PreConference Workshops on Thursday, May 12, 2011) Sheraton Denver Downtown Denver, CO 80202 DEADLINE FOR PAPER SUBMISSION: FEBRUARY 11, 2011 Go Here to Submit a Paper: https://www.eiseverywhere.com/ereg/index.p

iDefense Security Advisory 01.10.11: HP Network Node Manager Command Injection Vulnerability
2011-01-11 labs-no-reply (labs-no-reply ivcp vrsn com)
iDefense Security Advisory 01.10.11 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 10, 2011 I. BACKGROUND HP Network Node Manager Command Injection Vulnerability HP Network Node Manager (NNM) is an application suite that is used to map out and manage network topography. NNM runs on a v

[security bulletin] HPSBMA02557 SSRT100025 rev.2 - HP OpenView Network Node Manager (OV NNM) Running on Windows, Remote Execution of Arbitrary Code
2011-01-11 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02286088 Version: 2 HPSBMA02557 SSRT100025 rev.2 - HP OpenView Network Node Manager (OV NNM) Running on Windows, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulle

[TOOL RELEASE] T50 Sukhoi PAK FA Mixed Packet Injector v2.45r-H2HC
2011-01-11 Nelson Brito (nbrito sekure org)
T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and an unique packet injection tool, that is capable of: 1. Send sequentially (i.e., ALMOST on the same time) the following protocols: - ICMP: Internet Control Message Prot

[SECURITY] [DSA 2122-2] New glibc packages fix privilege escalation
2011-01-11 Florian Weimer (fw deneb enyo de)

[security bulletin] HPSBMA02621 SSRT100352 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
2011-01-11 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02670501 Version: 1 HPSBMA02621 SSRT100352 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted

ASPR #2011-01-11-1: Remote Binary Planting in Multiple F-Secure Products
2011-01-11 ACROS Security Lists (lists acros si)
=====[BEGIN-ACROS-REPORT]===== PUBLIC ACROS Security Problem Report #2011-01-11-1 ASPR #2011-01-11-1: Remote Binary Planting in Multiple F-Secure Produc

XSRF (CSRF) in whCMS
2011-01-11 advisory htbridge ch
Vulnerability ID: HTB22767 Reference: http://www.htbridge.ch/advisory/xsrf_csrf_in_whcms.html Product: whCMS Vendor: Joram van den Boezem ( http://whcms.burolaga.nl/ ) Vulnerable Version: 0.115 alpha and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: CSRF (Cross-

XSRF (CSRF) in Cambio
2011-01-11 advisory htbridge ch
Vulnerability ID: HTB22768 Reference: http://www.htbridge.ch/advisory/xsrf_csrf_in_cambio.html Product: Cambio Vendor: Joram van den Boezem ( http://www.cambiocms.org/ ) Vulnerable Version: 0.5a nightly r37 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: CSRF

XSS vulnerability in diafan.CMS
2011-01-11 advisory htbridge ch
Vulnerability ID: HTB22775 Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_diafan_cms.html Product: diafan.CMS Vendor: Diafan ( http://www.diafan.ru/ ) Vulnerable Version: 4.3 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: Stored XSS (Cross Si

XSRF (CSRF) in diafan.CMS
2011-01-11 advisory htbridge ch
Vulnerability ID: HTB22777 Reference: http://www.htbridge.ch/advisory/xsrf_csrf_in_diafan_cms.html Product: diafan.CMS Vendor: Diafan ( http://www.diafan.ru/ ) Vulnerable Version: 4.3 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: CSRF (Cross-Site Request For

XSS vulnerability in VaM Shop
2011-01-11 advisory htbridge ch
Vulnerability ID: HTB22778 Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_vam_shop.html Product: VaM Shop Vendor: Vamsoft ( http://vamshop.ru/ ) Vulnerable Version: 1,60 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: Stored XSS (Cross Site Sc

XSS vulnerability in VaM Shop
2011-01-11 advisory htbridge ch
Vulnerability ID: HTB22781 Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_vam_shop_2.html Product: VaM Shop Vendor: Vamsoft ( http://vamshop.ru/ ) Vulnerable Version: 1.6 and Probably Prior Versions Vendor Notification: 28 December 2010 Vulnerability Type: XSS (Cross Site Scriptin

XSRF (CSRF) in Energine
2011-01-11 advisory htbridge ch
Vulnerability ID: HTB22782 Reference: http://www.htbridge.ch/advisory/xsrf_csrf_in_energine.html Product: Energine Vendor: Energine ( http://www.energine.org/ ) Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: CSRF (Cross-Site Request

Path disclosure in Energine
2011-01-11 advisory htbridge ch
Vulnerability ID: HTB22784 Reference: http://www.htbridge.ch/advisory/path_disclosure_in_energine.html Product: Energine Vendor: Energine ( http://www.energine.org/ ) Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: Path disclosure Sta

Stored XSS vulnerability in diafan.CMS
2011-01-11 advisory htbridge ch
Vulnerability ID: HTB22776 Reference: http://www.htbridge.ch/advisory/stored_xss_vulnerability_in_diafan_cms.html Product: diafan.CMS Vendor: Diafan ( http://www.diafan.ru/ ) Vulnerable Version: 4.3 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: Stored XSS (C

XSS vulnerability in VaM Shop
2011-01-11 advisory htbridge ch
Vulnerability ID: HTB22779 Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_vam_shop_1.html Product: VaM Shop Vendor: Vamsoft ( http://vamshop.ru/ ) Vulnerable Version: 1.6 and Probably Prior Versions Vendor Notification: 28 December 2010 Vulnerability Type: XSS (Cross Site Scriptin

XSRF (CSRF) in VaM Shop
2011-01-11 advisory htbridge ch
Vulnerability ID: HTB22780 Reference: http://www.htbridge.ch/advisory/xsrf_csrf_in_vam_shop.html Product: VaM Shop Vendor: Vamsoft ( http://vamshop.ru/ ) Vulnerable Version: 1.6 and Probably Prior Versions Vendor Notification: 28 December 2010 Vulnerability Type: CSRF (Cross-Site Request Forgery)
then they fight you, then you win." -- Mahatma Gandhi.
Well if Fox's new comedy show "Breaking In" is any
indication, infosec has now entered Gandhi's second
stage. http://goo.gl/ZpLDp [youtube] (hat tip to Adam
O'Donnell for this humorous find, an