|
|
Colapse all |
Post message
[SECURITY] [DSA 3438-1] xscreensaver security update 2016-01-10 Michael Gilbert (mgilbert debian org) CVE-2015-8396: GDCM buffer overflow in ImageRegionReader::ReadIntoBuffer 2016-01-11 Stelios Tsampas (stelios census-labs com) Grassroots DICOM (GDCM) is a C++ library for processing DICOM medical images. It provides routines to view and manipulate a wide range of image formats and can be accessed through many popular programming languages like Python, C#, Java and PHP. GDCM versions 2.6.0 and 2.6.1 (and possibly previous [ more ] [ reply ] CVE-2015-8397: GDCM out-of-bounds read in JPEGLSCodec::DecodeExtent 2016-01-11 Stelios Tsampas (stelios census-labs com) Grassroots DICOM (GDCM) is a C++ library for processing DICOM medical images. It provides routines to view and manipulate a wide range of image formats and can be accessed through many popular programming languages like Python, C#, Java and PHP. GDCM versions 2.6.0 and 2.6.1 (and possibly previous [ more ] [ reply ] [security bulletin] HPSBUX03435 SSRT102977 rev.1 - HP-UX Web Server Suite running Apache, Remote Denial of Service (DoS) 2016-01-09 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c04926789 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04926789 Version: 1 HPSBUX03435 S [ more ] [ reply ] Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege 2016-01-08 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, the executable installers "TrueCrypt Setup 7.1a.exe" and TrueCrypt-7.2.exe load and execute USP10.dll, RichEd20.dll, NTMarta.dll and SRClient.dll from their "application directory". For software downloaded with a web browser the application directory is typically the user's "Downloads" dir [ more ] [ reply ] MobaXTerm before version 8.5 vulnerability in "jump host" functionality 2016-01-08 Thomas Bleier (thomas bleier at) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 == Description == MobaXTerm (http://www.mobatek.net/), a Windows SSH/RDP/VNC/etc. client, includes a functionality to open remote sessions via a so-called "jump host" or "SSH gateway". In the end this creates a "SSH Port Forward" by binding a local [ more ] [ reply ] [RT-SA-2015-005] o2/Telefonica Germany: ACS Discloses VoIP/SIP Credentials 2016-01-08 RedTeam Pentesting GmbH (release redteam-pentesting de) Advisory: o2/Telefonica Germany: ACS Discloses VoIP/SIP Credentials The o2 Auto Configuration Server (ACS) discloses VoIP/SIP credentials of arbitrary customers when receiving manipulated CWMP packets. These credentials can then be used by an attacker to register any VoIP number of the victim. This [ more ] [ reply ] WP Symposium Pro Social Network Plugin XSS and Critical CSRF Vulnerability 2016-01-08 Rahul Pratap Singh (techno rps gmail com) [security bulletin] HPSBUX03435 SSRT102977 rev.1 - HP-UX Web Server Suite running Apache, Remote Denial of Service (DoS) 2016-01-07 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c04926789 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04926789 Version: 1 HPSBUX03435 S [ more ] [ reply ] Symantec EP DOS 2016-01-08 hyp3rphp gmail com #include <windows.h> #include <Tlhelp32.h> #define SMC_EXE "Smc.exe" #define SMC_GUI "SmcGui.exe" #define CC_SVC_HST "ccSvcHst.exe" /* By Gerardo Sanchez (hyp3rphp) - Dc 2014 - hyp3rphp.altervista.org Symantec Endpoint Protection version 12.1.4013 First reported to Symantec - Jan 20, 2015 Goal: Ki [ more ] [ reply ] APPLE-SA-2016-01-07-1 QuickTime 7.7.9 2016-01-08 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-01-07-1 QuickTime 7.7.9 QuickTime 7.7.9 is now available and addresses the following: QuickTime Available for: Windows 7 and Windows Vista Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termin [ more ] [ reply ] APPLE-SA-2016-01-07-1 QuickTime 7.7.9 2016-01-08 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-01-07-1 QuickTime 7.7.9 [Re-sending with a valid signature] QuickTime 7.7.9 is now available and addresses the following: QuickTime Available for: Windows 7 and Windows Vista Impact: Viewing a maliciously crafted movie file may lead [ more ] [ reply ] Possible vulnerability in F5 BIG-IP LTM - Improper input validation of the HTTP version number of the HTTP reqest allows any payload size and conent to pass through 2016-01-07 Eitan Caspi (eitanc yahoo com) Initial note: The vendor has graded this issue as a vulnerability graded as "High" in my email exchange with it, but eventually posted the issue as a "Know Issue", so some of this issue's characteristic that follows can be treated as initial ones, as I ask the IS community to look into this issue an [ more ] [ reply ] [CVE-2015-7242] AVM FRITZ!Box: HTML Injection Vulnerability 2016-01-07 Daniel Schliebner (mail ds-develop de) Serendipity Security Advisory - XSS Vulnerability - CVE-2015-8603 2016-01-07 Onur Yilmaz (onur netsparker com) Information -------------------- Advisory by Netsparker Name: XSS Vulnerability in Serendipity Affected Software : Serendipity Affected Versions: v2.0.2 and possibly below Vendor Homepage : http://www.s9y.org Vulnerability Type : Cross-site Scripting Severity : Important Status : Fixed CVE-ID : CVE- [ more ] [ reply ] [RT-SA-2015-001] AVM FRITZ!Box: Remote Code Execution via Buffer Overflow 2016-01-07 RedTeam Pentesting GmbH (release redteam-pentesting de) Advisory: AVM FRITZ!Box: Remote Code Execution via Buffer Overflow RedTeam Pentesting discovered that several models of the AVM FRITZ!Box are vulnerable to a stack-based buffer overflow, which allows attackers to execute arbitrary code on the device. Details ======= Product: AVM FRITZ!Box 3272/7 [ more ] [ reply ] [RT-SA-2014-014] AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images 2016-01-07 RedTeam Pentesting GmbH (release redteam-pentesting de) Advisory: AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images The firmware upgrade process of the FRITZ!Box 7490 is flawed. Specially crafted firmware images can overwrite critical files. Arbitrary code can get executed if an attempt is made to install such a manip [ more ] [ reply ] Executable installers are vulnerable^WEVIL (case 19): ZoneAlarm's installers allow arbitrary (remote) code execution and escalation of privilege 2016-01-07 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, the executable installers ZASPSetupWeb_141_011_000.exe and zafwSetupWeb_141_011_000.exe load and execute (at least) UXTheme.dll, WindowsCodecs.dll and ProfAPI.dll from their "application directory". For software downloaded with a web browser the application directory is typically the user' [ more ] [ reply ] [SYSS-2015-062] ownCloud Information Exposure Through Directory Listing (CVE-2016-1499) 2016-01-07 erlijn vangenuchten syss de -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-062 Product: ownCloud Manufacturer: ownCloud Inc., Community Affected Version(s): ownCloud <= 8.2.1, <= 8.1.4, <= 8.0.9 Tested Version(s): 8.1.1, 8.1.4 Vulnerability Type: Information Exposure Through Directory Listing (CWE-548) [ more ] [ reply ] Executable installers are vulnerable^WEVIL (case 18): EMSISoft's installers allow arbitrary (remote) code execution and escalation of privilege 2016-01-07 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, EmsisoftAntiMalwareSetup.exe as well as EmsisoftAntiMalwareXPSetup.exe, EmsisoftEmergencyKit.exe and EmsisoftHiJackFreeSetup.exe load and execute UXTheme.dll (plus other DLLs like RichEd20.dll and RichEd32.dll) eventually found in the directory they are started from (the "application direct [ more ] [ reply ] [security bulletin] HPSBGN03530 rev.1 - HPE UCMDB Browser, Remote Disclosure of Sensitive Information, Local Unauthorized Access 2016-01-06 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c04924053 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04924053 Version: 1 HPSBGN03530 r [ more ] [ reply ] [SECURITY] [DSA 3435-1] git security update 2016-01-05 Laszlo Boszormenyi \(GCS\) (gcs debian org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------ - Debian Security Advisory DSA-3435-1 security (at) debian (dot) org [email concealed] https://www.debian.org/security/ Laszlo Boszormenyi (GCS) January 05, 2016 [ more ] [ reply ] CVE-2015-7944, CVE-2015-7945 - Ganeti Security Advisory (DoS, Unauthenticated Info Leak) 2016-01-04 Pierre Kim (pierre kim sec gmail com) Hello, Please find a text-only version below sent to security mailing-lists. The html version on analysing the vulnerabilities in Ganeti is posted here: https://pierrekim.github.io/blog/2016-01-05-Ganeti-Info-Leak-DoS.html === text-version of the advisory === -----BEGIN PGP SIGNED MESSAGE [ more ] [ reply ] Executable installers/self-extractors are vulnerable^WEVIL (case 17): Kaspersky Labs utilities 2016-01-03 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, quite some utilities offered for free by Kaspersky Lab load and execute rogue/bogus DLLs (UXTheme.dll, HNetCfg.dll, RichEd20.dll, RASAdHlp.dll, SetupAPI.dll, ClbCatQ.dll, XPSP2Res.dll, CryptNet.dll, OLEAcc.dll etc.) eventually found in the directory they are started from (the "application d [ more ] [ reply ] [SECURITY] CVE-2015-5349: Apache Directory Studio command injection vulnerability 2016-01-02 Stefan Seelmann (seelmann apache org) CVE-2015-5349: Apache Directory Studio command injection vulnerability Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: - Apache LDAP Studio 0.6.0 to 0.8.1 - Apache Directory Studio 1.0.0 to 2.0.0-M9 Description: The CSV export didnâ??t escape the fields properly. Mal [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA512
- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3438-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Michael Gilbert
January 09, 2016
[ more ] [ reply ]