|
|
Prev week |
Colapse all |
Post message
ESA-2010-017: RSA, The Security Division of EMC, announces a security update for RSA Authentication Agent 7.0 for Web, which addresses a potential directory traversal vulnerability 2010-09-22 Security_Alert emc com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2010-017: RSA, The Security Division of EMC, announces a security update for RSA Authentication Agent 7.0 for Web, which addresses a potential directory traversal vulnerability Security Advisory Updated September 20, 2010 Summary: Th [ more ] [ reply ] CONFidence 2.0 2010 - Call for Papers - 29-30.11.2010 Prague 2010-09-21 Andrzej Targosz (andrzej targosz proidea org pl) CONFIDENCE 2.0 #8TH EDITION# CALL FOR PAPERS. Calling all practitioners in the field of IT security! The 8th edition of the international IT security conference, CONFidence 2010, is taking place in November 29/30, 2010, Prague, Czech Republic. We invite all to send the proposed topic and abstracts [ more ] [ reply ] [ECHO_ADV_113$2010] BSI Hotel Booking System Admin Login Bypass Vulnerability 2010-09-22 adv e-rdc org TimeTrack 1.2.4 Joomla Component Multiple SQL Injection Vulnerabilities 2010-09-22 Salvatore Fresta aka Drosophila (drosophilaxxx gmail com) Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities 2010-09-22 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities Advisory ID: cisco-sa-20100922-cucmsip http://www.cisco.com/warp/public/707/cisco-sa-20100922-cucmsip.shtml Revision 1.0 For Public Release 2010 Septe [ more ] [ reply ] Cisco Security Advisory: Cisco IOS SSL VPN Vulnerability 2010-09-22 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco IOS SSL VPN Vulnerability Advisory ID: cisco-sa-20100922-sslvpn http://www.cisco.com/warp/public/707/cisco-sa-20100922-sslvpn.shtml Revision 1.0 For Public Release 2010 September 22 1600 UTC (GMT) - ------------------------------------------- [ more ] [ reply ] Cisco Security Advisory: Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability 2010-09-22 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability Advisory ID: cisco-sa-20100922-igmp http://www.cisco.com/warp/public/707/cisco-sa-20100922-igmp.shtml Revision 1.0 For Public Release 2010 [ more ] [ reply ] Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities 2010-09-22 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Advisory ID: cisco-sa-20100922-sip http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml Revision 1.0 For Public Release 2010 Septem [ more ] [ reply ] Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities 2010-09-22 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities Advisory ID: cisco-sa-20100922-nat http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml Revision 1.0 For Public Release 2010 September 22 1600 UTC (G [ more ] [ reply ] [ISecAuditors Security Advisories] Reflected XSS in Atmail WebMail < v6.2.0 2010-09-21 ISecAuditors Security Advisories (advisories isecauditors com) ============================================= INTERNET SECURITY AUDITORS ALERT 2010-009 - Original release date: August 30th, 2010 - Last revised: September 21st, 2010 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 (CVSSv2 Base Scored) ============================================= I. VU [ more ] [ reply ] [ISecAuditors Security Advisories] Insecure Direct Object Reference in tuenti.com allow to read of any message user 2010-09-21 ISecAuditors Security Advisories (advisories isecauditors com) ============================================= INTERNET SECURITY AUDITORS ALERT 2010-008 - Original release date: August 30th, 2010 - Last revised: September 21st, 2010 - Discovered by: Vicente Aguilera Diaz - Severity: 4/10 (CVSSv2 Base Scored) ============================================= I. VULNE [ more ] [ reply ] CollabNet Subversion Edge Log Parser XSS/Code Injection Vulnerability 2010-09-21 sk (sk10_0 yahoo com) CollabNet Subversion Edge Log Parser XSS/Code Injection Vulnerability Discovery Date: Sep 10, 2010 Risk: Important Description: There is a Cross Site Script (XSS) vulnerability that exists in CollabNet Subversion Edge 1.2 and prior versions. This said vulnerability can be exploited by send [ more ] [ reply ] [USN-990-2] Apache vulnerability 2010-09-21 Marc Deslauriers (marc deslauriers canonical com) =========================================================== Ubuntu Security Notice USN-990-2 September 21, 2010 apache2 vulnerability CVE-2009-3555 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.0 [ more ] [ reply ] [USN-990-1] OpenSSL vulnerability 2010-09-21 Marc Deslauriers (marc deslauriers canonical com) =========================================================== Ubuntu Security Notice USN-990-1 September 21, 2010 openssl vulnerability CVE-2009-3555 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.0 [ more ] [ reply ] Exploit Next Generation® Methodology 2010-09-19 Nelson Brito (nbrito sekure org) Some of you already heard about the Exploit Next Generation® Methodology - or ENG++ (pronounced /Ä?n'jÄn/ incremented)... And some of you were in its very first appearance: - The Departed: Exploit Next Generation @ H2HC 6th Edition The ENG++ helps to create new exploit variants, maintaining the [ more ] [ reply ] Security Contact Allianz IT-Infrastructure - Germany 2010-09-21 Stefan Bauer (stefan bauer cubewerk de) I'm looking for a security Contact to Allianz IT-Infrastructure Team - Germany. Anyone a clue howto reach them? Cheers -- cubewerk ------------------------------ stefan.bauer (at) cubewerk (dot) de [email concealed] IT-Beratung + Planung ------------------- Tel +49 8621 996 02 37 Herzog-Otto-Strasse 32 ------------------ Fax [ more ] [ reply ] [USN-989-1] PHP vulnerabilities 2010-09-20 Marc Deslauriers (marc deslauriers canonical com) =========================================================== Ubuntu Security Notice USN-989-1 September 20, 2010 php5 vulnerabilities CVE-2010-0397, CVE-2010-1128, CVE-2010-1129, CVE-2010-1130, CVE-2010-1866, CVE-2010-1868, CVE-2010-1917, CVE-2010-2094, CVE-2010-2225, CVE-2010-2531, CVE-2010- [ more ] [ reply ] Binary Planting Attack Vectors - There's more than one way to skin a cat... or plant a binary, for that matter 2010-09-20 ACROS Security Lists (lists acros si) ACROS Security is presenting an analysis of many different delivery methods for binary planting attacks, providing a hopefully more comprehensive view on the feasibility of such attacks. We looked at some of the most popular web browsers, most popular e-mail clients and most popular document reader [ more ] [ reply ] Vulnerable 3rd-party DLLs used in TrendMicro's malware scanner HouseCall 2010-09-20 Stefan Kanthak (stefan kanthak nexgo de) Trend Micro <http://www.trendmicro.com/> / <http://www.antivirus.com/> offer a free malware cleanup tool named "HouseCall 7.1" for Windows: <http://housecall.trendmicro.com/> <http://go.trendmicro.com/housecall7/HousecallLauncher.exe> <http://go.trendmicro.com/housecall7/HousecallLauncher64.exe> V [ more ] [ reply ] Battle.net Mobile Authenticator MITM Vulnerability 2010-09-20 yawninglol gmail com The Blizzard Entertainment Battle.net mobile authenticator application that is used as part of an optional two factor authentication scheme to safeguard accounts is vulnerable to a passive eavesdropper during the initialization process which occurs once per the lifetime of a given device. An [ more ] [ reply ] [USN-986-3] dpkg vulnerability 2010-09-20 Jamie Strandboge (jamie canonical com) =========================================================== Ubuntu Security Notice USN-986-3 September 20, 2010 dpkg vulnerability CVE-2010-0405 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 L [ more ] [ reply ] n.runs-SA-2010.001 - Alcatel-Lucent - unauthenticated administrative access to CTI CCA Server 2010-09-20 security nruns com n.runs-SA-2010.002 - Alcatel-Lucent - arbitrary code execution on OmniVista 4760 2010-09-20 security nruns com n.runs-SA-2010.002 - Alcatel-Lucent - arbitrary code execution on OmniVista 4760 2010-09-20 security nruns com |
|
Privacy Statement |
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:188
http://www.mandriva.com/security/
______________________________________________________________________
[ more ] [ reply ]