FreeBSD Security Advisory FreeBSD-SA-15:13.tcp
2015-07-22 FreeBSD Security Advisories (security-advisories freebsd org)

Logstash vulnerability CVE-2015-5378
2015-07-21 Kevin Kluge (kevin elastic co)
Summary: Logstash 1.5.2 and prior versions are vulnerable to a SSL/TLS security issue called the FREAK attack. If you are using the Lumberjack input, FREAK allows an attacker to successfully implement a man in the middle attack, intercepting communication between the Logstash Forwarder agent and Lo

WorldCIST'2016 - Brazil: Call for Workshops Proposals - Best Papers published by ISI/SCI Journals
2015-07-21 Maria Lemos (marialemos72 gmail com)
----------- CALL FOR WORKSHOPS PROPOSALS WorldCIST'16 - 4th World Conference on Information Systems and Technologies Recife, PE, Brazil 22th-24th of March 2016 http://www.aisti.eu/worldcist16/ ------------------------------------------- WORKSHOP FORMAT The Information Systems and Technologies res

CVE-2015-5379: Axigen XSS vulnerability for html attachments
2015-07-21 Ioan Indreias (ioan indreias axigen com)
CVEID: CVE-2015-5379 SUBJECT: Axigen XSS vulnerability for html attachments DESCRIPTION: Axigen's WebMail Ajax interface implements a view attachment function that executes javascript code that is part of email HTML attachments. This allows a malicious user to craft email messages that could expos

[security bulletin] HPSBMU03380 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities
2015-07-20 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04746490 Version: 1 HPSBMU03380 re

[security bulletin] HPSBMU03377 rev.1 - HP Release Control running RC4, Remote Disclosure of Information
2015-07-20 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04743784 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04743784 Version: 1 HPSBMU03377 re

[security bulletin] HPSBUX03379 SSRT101976 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
2015-07-20 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04745746 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04745746 Version: 1 HPSBUX03379 SS

[SECURITY] [DSA 3311-1] mariadb-10.0 security update
2015-07-20 Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3308-1] mysql-5.5 security update
2015-07-18 Salvatore Bonaccorso (carnil debian org)

[slackware-security] httpd (SSA:2015-198-01)
2015-07-17 Slackware Security Team (security slackware com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] httpd (SSA:2015-198-01) New httpd packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/httpd

[slackware-security] php (SSA:2015-198-02)
2015-07-17 Slackware Security Team (security slackware com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] php (SSA:2015-198-02) New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/php-5.4.4

AirDroid ID - Client Side JSONP Callback Vulnerability
2015-07-17 Vulnerability Lab (research vulnerability-lab com)
Document Title: =============== AirDroid ID - Client Side JSONP Callback Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1544 Release Date: ============= 2015-07-10 Vulnerability Laboratory ID (VL-ID): ================================

FoxyCart Bug Bounty #1 - Filter Bypass & Persistent Vulnerability
2015-07-17 Vulnerability Lab (research vulnerability-lab com)
Document Title: =============== FoxyCart Bug Bounty #1 - Filter Bypass & Persistent Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1451 098bdc9b309783df65044c5abb690dafdd4bcd436c380ae68c924fe37e14b4e0 Release Date: ============= 2015-

UDID+ v2.5 iOS - Mail Command Inject Vulnerability
2015-07-17 Vulnerability Lab (research vulnerability-lab com)
Document Title: =============== UDID+ v2.5 iOS - Mail Command Inject Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1542 Release Date: ============= 2015-07-06 Vulnerability Laboratory ID (VL-ID): ====================================

Oracle E-Business Suite Servlet URL Redirection Vulnerability
2015-07-17 owais md khan gmail com
Oracle E-Business Suite Servlet URL Redirection vulnerability (CVE-2015-2630) Versions Affected: 11.5.10.2, 12.0.6, 12.1.3 Discussion: Oracle E-Business Suite is prone to a remote URL-redirection vulnerability. This vulnerability may allow a malicious user to perform a phishing attack by sending a

Novell GroupWise 2014 WebAccess vulnerable to XSS attacks
2015-07-17 adrian vollmer syss de
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-021 Product: GroupWise Vendor: Novell Affected Version(s): 2014 Tested Version(s): 2014 Vulnerability Type: Cross-Site Scripting (CWE-79) Risk Level: High Solution Status: Fixed Vendor Notification: 2015-05-04 Solution Date: 20

SEC Consult SA-20150716-0 :: Permanent Cross-Site Scripting in Oracle Application Express
2015-07-16 SEC Consult Vulnerability Lab (research sec-consult com)

Elasticsearch CVE-2015-5531
2015-07-16 Kevin Kluge (kevin elastic co)
Summary: Elasticsearch versions from 1.0.0 to 1.6.0 are vulnerable to a directory traversal attack that allows an attacker to retrieve files that are readable by the Elasticsearch JVM process. We have been assigned CVE-2015-5531 for this issue. Fixed versions: Versions 1.6.1 and 1.7.0 address t

Elasticsearch CVE-2015-5377
2015-07-16 Kevin Kluge (kevin elastic co)
Summary: Elasticsearch versions prior to 1.6.1 are vulnerable to an engineered attack on its transport protocol that enables remote code execution. This issue is related to the Groovy announcement in CVE-2015-3253. Deployments are vulnerable even when Groovy dynamic scripting is disabled. We

ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability
2015-07-16 Security Alert (Security_Alert emc com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability ESA Identifier: ESA-2015-123 CVE Identifier: CVE-2015-4529 Severity Rating: CVSS v2 Base Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N) Affected products: ? EMC Documentum WebTop v

ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability
2015-07-16 Security Alert (Security_Alert emc com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability EMC Identifier: ESA-2015-122 CVE Identifier: CVE-2015-4528 Severity Rating: CVSS v2 Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P) Affected products: ? EMC Documen

[CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure
2015-07-16 Cédric Champeau (cedric champeau gmail com)
Severity: Important Vendor: The Apache Software Foundation Versions Affected: All unsupported versions ranging from 1.7.0 to 2.4.3. Impact Remote execution of untrusted code, DoS Description When an application has Groovy on classpath and that it uses standard Java serialization mechanisms to

Backdoor and RCE found in 8 TOTOLINK router models
2015-07-15 Pierre Kim (pierre kim sec gmail com)
Hello, Please find a text-only version below sent to security mailing-lists. The complete version on analysing the backdoor in TOTOLINK products is posted here: https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html === text-version of the advisory wi

Backdoor credentials found in 4 TOTOLINK router models
2015-07-15 Pierre Kim (pierre kim sec gmail com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ## Advisory Information Title: Backdoor credentials found in 4 TOTOLINK router models Advisory URL: https://pierrekim.github.io/advisories/2015-totolink-0x03.txt Blog URL: https://pierrekim.github.io/blog/2015-07-16-backdoor-credentials-found-in-4-TO

4 TOTOLINK router models vulnerable to CSRF and XSS attacks
2015-07-15 Pierre Kim (pierre kim sec gmail com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ## Advisory Information Title: 4 TOTOLINK router models vulnerable to CSRF and XSS attacks Advisory URL: https://pierrekim.github.io/advisories/2015-totolink-0x01.txt Blog URL: http://pierrekim.github.io/blog/2015-07-16-4-TOTOLINK-products-vulnerable

15 TOTOLINK router models vulnerable to multiple RCEs
2015-07-15 Pierre Kim (pierre kim sec gmail com) (1 replies)
Hash: SHA512 ## Advisory Information Title: 15 TOTOLINK router models vulnerable to multiple RCEs Advisory URL: https://pierrekim.github.io/advisories/2015-totolink-0x00.txt Blog URL: https://pierrekim.github.io/blog/2015-07-16-15-TOTOLINK-products-vulnerable-to-multiple-RCEs.html Date published:

Re: [FD] 15 TOTOLINK router models vulnerable to multiple RCEs
2015-07-16 Joshua Wright (jwright hasborg com)

Cisco Security Advisory: Cisco Videoscape Delivery System Denial of Service Vulnerability
2015-07-15 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Cisco Videoscape Delivery System Denial of Service Vulnerability Advisory ID: cisco-sa-20150715-vds Revision 1.0 For Public Release 2015 July 15 16:00 UTC (GMT) +-----------------------------------------------------------
Hash: SHA512
=============================================================================
FreeBSD-SA-15:13.tcp Security Advisory
The FreeBSD Project
Topic: