|
|
Colapse all |
Post message
Safebreach adsivory: Node.js HTTP Response Splitting (CVE-2016-2216) 2016-02-09 Amit Klein (aksecurity gmail com) ESA-2016-010 EMC Documentum xCP Security Update for Multiple Vulnerabilities 2016-02-09 Security Alert (Security_Alert emc com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2016-010 EMC Documentum xCP Security Update for Multiple Vulnerabilities EMC Identifier: ESA-2016-010 CVE Identifier: CVE-2016-0881, CVE-2016-0882 Severity Rating: CVSS v3 Base Score: Please refer the Details section for individual scores [ more ] [ reply ] Privilege escalation Vulnerability in ManageEngine Network Configuration Management 2016-02-09 kingkaustubh me com ======================================================================== =========== Privilege escalation Vulnerability in ManageEngine Network Configuration Management ======================================================================== =========== . contents:: Table Of Content Overview ======= [ more ] [ reply ] [slackware-security] curl (SSA:2016-039-01) 2016-02-08 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] curl (SSA:2016-039-01) New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patc [ more ] [ reply ] [slackware-security] libsndfile (SSA:2016-039-02) 2016-02-08 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libsndfile (SSA:2016-039-02) New libsndfile packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patch [ more ] [ reply ] [SECURITY] [DSA 3472-1] wordpress security update 2016-02-08 Salvatore Bonaccorso (carnil debian org) WordPress WP User Frontend Plugin [Unrestricted File Upload] 2016-02-08 Panagiotis Vagenas (pan vagenas gmail com) * Exploit Title: WordPress WP User Frontend Plugin [Unrestricted File Upload] * Discovery Date: 2016-02-04 * Public Disclosure: 2016-02-08 * Exploit Author: Panagiotis Vagenas * Contact: https://twitter.com/panVagenas * Vendor Homepage: https://wedevs.com * Software Link: https://wordpress.org/plugi [ more ] [ reply ] WordPress WooCommerce - Store Toolkit Plugin [Privilege Escalation] 2016-02-08 Panagiotis Vagenas (pan vagenas gmail com) * Exploit Title: WordPress WooCommerce - Store Toolkit Plugin [Privilege Escalation] * Discovery Date: 2016-02-06 * Public Disclosure Date: 2016-02-08 * Exploit Author: Panagiotis Vagenas * Contact: https://twitter.com/panVagenas * Vendor Homepage: http://www.visser.com.au/ * Software Link: https:// [ more ] [ reply ] PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities 2016-02-08 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1676 Vulnerability Magazine: http://magazine.vulnerability-db.com/?q=articles/2016/02/08/researcher-u ncovers-mult [ more ] [ reply ] Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities 2016-02-08 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1626 Release Date: ============= 2016-02-07 Vulnerability Laboratory ID (VL-ID): =================== [ more ] [ reply ] Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability 2016-02-08 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1714 Release Date: ============= 2016-02-08 Vulnerability Laboratory ID (VL-ID): ================================ [ more ] [ reply ] Getdpd BB #4 - (name) Persistent Validation Vulnerability 2016-02-08 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Getdpd BB #4 - (name) Persistent Validation Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1568 ID: #14772 Release Date: ============= 2016-02-08 Vulnerability Laboratory ID (VL-ID): ================= [ more ] [ reply ] Getdpd BB #5 - Persistent Filename Vulnerability 2016-02-08 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Getdpd BB #5 - Persistent Filename Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1569 ID: #14773 Release Date: ============= 2016-02-05 Vulnerability Laboratory ID (VL-ID): ========================== [ more ] [ reply ] JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability 2016-02-08 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1709 Release Date: ============= 2016-02-08 Vulnerability Laboratory ID (VL-ID): ============================= [ more ] [ reply ] Local Microsoft Windows 7 / 8 / 10 Buffer Overflow via Third-Party USB-Driver (ser2co64.sys) 2016-02-08 Ralf Spenneberg (info os-t de) OS-S Security Advisory 2016â??02-08 Prolific Ser2co64.sys Stack Buffer Overflow Date: December 23th, 2015 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: Not assigned yet CVSS: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C) Title: Local Microsoft Windows 7 / 8 / 10 Buffer Overflow via Third-Pa [ more ] [ reply ] Symphony CMS multiple vulnerabilities 2016-02-08 Filippo Cavallarin (filippo cavallarin wearesegment com) Advisory ID: SGMA-16002 Title: Symphony CMS multiple vulnerabilities Product: Symphony CMS Version: 2.6.5 and probably prior Vendor: www.getsymphony.com Vulnerability type: SQL-injection, Unrestriced File Upload Risk level: 4 / 5 Credit: filippo.cavallarin (at) wearesegment (dot) com [email concealed] CVE: N/A Vendor notificati [ more ] [ reply ] WordPress User Meta Manager Plugin [Information Disclosure] 2016-02-08 Panagiotis Vagenas (pan vagenas gmail com) * Exploit Title: WordPress User Meta Manager Plugin [Information Disclosure] * Discovery Date: 2015-12-28 * Public Disclosure Date: 2016-02-01 * Exploit Author: Panagiotis Vagenas * Contact: https://twitter.com/panVagenas * Vendor Homepage: http://jasonlau.biz/home/ * Software Link: https://wordpres [ more ] [ reply ] Executable installers are vulnerable^WEVIL (case 25): WinRAR's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege 2016-02-07 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, the executable installers of WinRAR 5.30 and earlier versions as well as ALL self-extracting archives created with them load and execute UXTheme.dll, RichEd32.dll and RichEd20.dll from their "application directory". For software downloaded with a web browser the application directory is ty [ more ] [ reply ] CFP: SIN 2016 - 9th International Conference on Security of Information and Networks 2016-02-07 Hossain Shahriar (hshahria kennesaw edu) ======================================================================== = Please accept our apologies if you receive multiple copies of this CFP ======================================================================== = CALL FOR CONTRIBUTIONS ====================== 9th International Conference on Se [ more ] [ reply ] [SECURITY] [DSA 3467-1] tiff security update 2016-02-06 Salvatore Bonaccorso (carnil debian org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------ - Debian Security Advisory DSA-3467-1 security (at) debian (dot) org [email concealed] https://www.debian.org/security/ Laszlo Boszormenyi (GCS) February 06, 2016 [ more ] [ reply ] Multiple vulnerabilities in Open Real Estate v 1.15.1 2016-02-05 Simon Waters \(Surevine\) (simon waters surevine com) Introduction: Open Real Estate is an open source CMS for managing estate agent websites. It is written in PHP and uses the YII CMF. It supports multiple languages. It is supported by MonoRay.net The product has a number of commercial support offerings available and an internal market for extensi [ more ] [ reply ] [security bulletin] HPSBGN03430 rev.3 - HP ArcSight products, Local Elevation of Privilege 2016-02-05 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c04872416 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04872416 Version: 3 HPSBGN03430 r [ more ] [ reply ] [CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox 2016-02-05 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, the installers or Oracle's Java 6/7/8 for Windows and VirtualBox for Windows load and execute several DLLs from their "application directory". * The online installer jxpiinstall.exe: UXTheme.dll and RASAdHlp.dll plus (on Windows XP) SetupAPI.dll, HNetCfg.dll and XPSP2Res.dll (on Wind [ more ] [ reply ] [security bulletin] HPSBGN03434 rev.1 - HP Continuous Delivery Automation using Java Deserialization, Remote Arbitrary Code Execution 2016-02-05 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c04958567 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04958567 Version: 1 HPSBGN03434 r [ more ] [ reply ] [security bulletin] HPSBHF03431 rev.2 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities 2016-02-05 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c04920918 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04920918 Version: 2 HPSBHF03431 r [ more ] [ reply ] CVE-2015-3252: Apache CloudStack VNC authentication issue 2016-02-05 John Kinsella (jlk thrashyour com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2015-3252: Apache CloudStack VNC authentication issue CVSS v2: 4.3 (AV:N/AC:H/Au:M/C:P/I:P/A:P) Vendors: The Apache Software Foundation Citrix, Inc. Versions Afffected: Apache CloudStack 4.4.4, 4.5.1 Description: Apache CloudStack sets a VNC p [ more ] [ reply ] |
|
Privacy Statement |
Safebreach just published an advisory on HTTP Response Splitting
vulnerability in Node.js:
http://info.safebreach.com/hubfs/Node-js-Response-Splitting.pdf
The advisory is accompanied by a blog post:
http://blog.safebreach.com/2016/02/09/http-response-splitting-in-node-js
-root-cause-analy
[ more ] [ reply ]