|
|
Colapse all |
Post message
[slackware-security] gnutls (SSA:2015-233-01) 2015-08-21 Slackware Security Team (security slackware com) [security bulletin] HPSBGN03395 rev.1 - HP KeyView running on HP-UX, Linux, Solaris, Windows, FreeBSD, and AIX, Remote Code Execution 2015-08-21 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04771027 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04771027 Version: 1 HPSBGN03395 r [ more ] [ reply ] Logstash vulnerability CVE-2015-5619 2015-08-21 Suyog Rao (suyog elastic co) Summary: Logstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security issue which allows an attacker to successfully implement a man in the middle attack. This vulnerability is not present in the initial installation of Logstash. This insecurity is exposed when users configure Lumberjack o [ more ] [ reply ] [security bulletin] HPSBUX03410 SSRT102175 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-21 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04774040 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04774040 Version: 1 HPSBUX03410 S [ more ] [ reply ] APPLE-SA-2015-08-20-1 QuickTime 7.7.8 2015-08-20 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-08-20-1 QuickTime 7.7.8 QuickTime 7.7.8 is now available and addresses the following: QuickTime Available for: Windows 7 and Windows Vista Impact: Processing a maliciously crafted file may lead to an unexpected application termination [ more ] [ reply ] Re: Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability 2015-08-20 anonymous yahoo com [security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege 2015-08-20 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04735247 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04735247 Version: 1 HPSBUX03369 S [ more ] [ reply ] [oCERT-2015-009] VLC arbitrary pointer dereference 2015-08-20 Andrea Barisani (lcars ocert org) #2015-009 VLC arbitrary pointer dereference Description: The VLC media player is an open source media player and streaming media server. The stable VLC version suffers from an arbitrary pointer dereference vulnerability. The vulnerability affects the 3GP file format parser, insufficient restric [ more ] [ reply ] UBNT Bug Bounty #3 - Persistent Filename Vulnerability 2015-08-20 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== UBNT Bug Bounty #3 - Persistent Filename Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1467 Video: http://www.vulnerability-lab.com/get_content.php?id=1468 Release Date: ============= 2015-08-11 Vuln [ more ] [ reply ] UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability 2015-08-20 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1465 #52988 Release Date: ============= 2015-08-17 Vulnerability Laboratory ID (VL-ID): =========== [ more ] [ reply ] WebSolutions India Design CMS - SQL Injection Vulnerability 2015-08-20 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== WebSolutions India Design CMS - SQL Injection Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1577 Release Date: ============= 2015-08-20 Vulnerability Laboratory ID (VL-ID): =========================== [ more ] [ reply ] ChiefPDF Software v2.x - Buffer Overflow Vulnerability 2015-08-20 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== ChiefPDF Software v2.x - Buffer Overflow Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1578 Release Date: ============= 2015-08-20 Vulnerability Laboratory ID (VL-ID): ================================ [ more ] [ reply ] PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability 2015-08-20 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1579 Video: https://youtu.be/-HTEIisSiH8 Release Date: ============= 2015-08-16 Vulnerability Laboratory I [ more ] [ reply ] Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064) 2015-08-20 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064) References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1576 Video: http://youtu.be/Vkswz7vt23M http://web.nvd.nist.gov/view/vuln/detail?vulnId= [ more ] [ reply ] [SECURITY] [DSA 3341-1] conntrack security update 2015-08-20 Salvatore Bonaccorso (carnil debian org) ESA-2015-132: EMC Documentum D2 Fail Open Vulnerability 2015-08-20 Security Alert (Security_Alert emc com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-132: EMC Documentum D2 Fail Open Vulnerability EMC Identifier: ESA-2015-132 CVE Identifier: CVE-2015-4537 Severity Rating: CVSS v2 Base Score: 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C) Affected products: ? EMC Documentum D2 4.2 and earli [ more ] [ reply ] [SECURITY] [DSA 3340-1] zendframework security update 2015-08-19 Alessandro Ghedini (ghedo debian org) [security bulletin] HPSBUX03400 SSRT102211 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-19 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04769567 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04769567 Version: 1 HPSBUX03400 S [ more ] [ reply ] CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability 2015-08-19 Christofer Dutz (cdutz apache org) CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Flex BlazeDS 4.7.0 Description: When receiving XML encoded AMF messages containing DTD entities, the default XML parser configura [ more ] [ reply ] Privilege escalation through RPC commands in EMC Documentum Content Server (incomplete fix in CVE-2015-4532) 2015-08-19 andrew panfilov tel Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed For detailed description see attached VRF#HUFG9EBA.txt and VRF#HX5OLZ0F.txt, for vendor announcement see CVE-2015-4532 in http://seclists.org/bugtraq/2015/Aug/86. The problem is PoC code p [ more ] [ reply ] Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19 Asher995 gmail com (2 replies) Good brunettes will obtain loads of favorable assessment from their customers. There are several online assessment websites the place you may try to discover a overview of the brunette escort that you've got chosen. Since there are a number of brunette escorts in Istanbul, it should be a cakewalk [ more ] [ reply ] Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19 paul szabo sydney edu au (1 replies) Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-20 Steve Shockley (steve shockley shockley net) RE: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19 Chillman, Paul, Vodafone UK (Paul Chillman vodafone com) [SYSS-2015-041] XSS in OpenText Secure MFT 2015-08-19 adrian vollmer syss de Advisory ID: SYSS-2015-041 Product: Secure MFT Vendor: OpenText Affected Version(s): 2013 R1, 2014 R1, 2014 R2 Tested Version(s): 2014 R2 SP4 Vulnerability Type: Cross-Site Scripting (CWE-79) Risk Level: Medium Solution Status: Fixed Vendor Notification: 2015-08-05 Solution Date: 2015-08-14 Public D [ more ] [ reply ] Trend Micro Deep Discovery XSS 2015-08-19 apparitionsec gmail com [+] Credits: John Page aka hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-DDI-081815b.txt Vendor: ================================ www.trendmicro.com Product: ============================================================== T [ more ] [ reply ] |
|
Privacy Statement |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] gnutls (SSA:2015-233-01)
New gnutls packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.
IMPORTANT: On Slackware 14.0, install the new updated nettle package first.
Here are the details from t
[ more ] [ reply ]