|
|
Colapse all |
Post message
[slackware-security] mozilla-thunderbird (SSA:2015-056-02) 2015-02-26 Slackware Security Team (security slackware com) [security bulletin] HPSBUX03273 SSRT101951 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2015-02-26 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04580241 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04580241 Version: 1 HPSBUX03273 SS [ more ] [ reply ] [security bulletin] HPSBUX03244 SSRT101885 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilites 2015-02-26 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04556853 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04556853 Version: 2 HPSBUX03244 SS [ more ] [ reply ] [security bulletin] HPSBUX03162 SSRT101885 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilites 2015-02-25 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04556853 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04556853 Version: 1 HPSBUX03162 SS [ more ] [ reply ] [SECURITY] [DSA 3173-1] libgtk2-perl security update 2015-02-25 Salvatore Bonaccorso (carnil debian org) GDS Labs Alert [CVE-2015-2080] - JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server 2015-02-25 rgutierrez gdssecurity com GDS LABS ALERT: CVE-2015-2080 JetLeak Vulnerability Remote Leakage Of Shared Buffers In Jetty Web Server SYNOPSIS ======== Gotham Digital Science discovered a critical information leakage vulnerability in the Jetty web server that allows an unauthenticated remote attacker to read arbitrary data fro [ more ] [ reply ] EnanoCMS 1.1.8pl1 XSS Vulnerability 2015-02-25 dennis veninga gmail com # Exploit Title: EnanoCMS 1.1.8pl1 XSS Vulnerability # Google Dork: "Website engine powered by Enano" # Date: 24-2-2015 # Exploit Author: Dennis Veninga # Vendor Homepage: http://enanocms.org # Version: 1.1.8pl1 # Tested on: Firefox 36 & Chrome 38 / W8.1-x64 XSS Vulnerability in comments: http://{t [ more ] [ reply ] TangoBB 1.5.0-A3 XSS Vulnerability 2015-02-25 dennis veninga gmail com # Exploit Title: TangoBB 1.5.0-A3 XSS Vulnerability # Google Dork: "Powered by TangoBB" # Date: 24-2-2015 # Exploit Author: Dennis Veninga # Vendor Homepage: https://github.com/Codetana/TangoBB # Version: 1.5.0-A3 # Tested on: Firefox 36 & Chrome 38 / W8.1-x64 # CVE : NONE Published: 24- [ more ] [ reply ] [security bulletin] HPSBMU03260 rev.1 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Disclosure of Information 2015-02-25 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04571379 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04571379 Version: 1 HPSBMU03260 r [ more ] [ reply ] [Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA 2015-02-25 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory ONAPSIS-2015-004: SAP Business Objects Unauthorized Audit Information Delete via CORBA 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated attacker would be able to delete a [ more ] [ reply ] [Onapsis Security Advisory 2015-005] SAP Business Objects Unauthorized Audit Information Access via CORBA 2015-02-25 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security AdvisoryONAPSIS-2015-005: SAP Business Objects Unauthorized Audit Information Access via CORBA 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated attacker would be able to read audi [ more ] [ reply ] [Onapsis Security Advisory 2015-003] SAP Business Objects Unauthorized File Repository Server Write via CORBA 2015-02-25 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security AdvisoryONAPSIS-2015-003: SAP Business Objects Unauthorized File Repository Server Write via CORBA 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated attacker would be able to overw [ more ] [ reply ] [Onapsis Security Advisory 2015-002] SAP Business Objects Unauthorized File Repository Server Read via CORBA 2015-02-25 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory ONAPSIS-2015-002: SAP Business Objects Unauthorized File Repository Server Read via CORBA 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated attacker would be able to retri [ more ] [ reply ] [Onapsis Security Advisory 2015-001] Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Web-based Development Workbench 2015-02-25 Onapsis Research Labs (research onapsis com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security AdvisoryONAPSIS-2015-001: Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Web-based Development Workbench 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated atta [ more ] [ reply ] FreeBSD Security Advisory FreeBSD-SA-15:05.bind 2015-02-25 FreeBSD Security Advisories (security-advisories freebsd org) FreeBSD Security Advisory FreeBSD-SA-15:04.igmp 2015-02-25 FreeBSD Security Advisories (security-advisories freebsd org) [SECURITY] [DSA 3168-1] ruby-redcloth security update 2015-02-22 Sebastien Delafond (seb debian org) CVE-2014-8487: Kony EMM insecurity Direct Object Reference 2015-02-22 michael hendrickx helpag com ------------------------------------------------------------------------ Product: Enterprise Mobile Management Vendor: Kony Vulnerable Version(s): Kony EMM 1.2 and probably older versions Tested Version: Drupal Kony EMM 1.2 Advisory Publication: 24 December 2014 Vendor Notification: 8 December 20 [ more ] [ reply ] Defense in depth -- the Microsoft way (part 29): contradicting, ambiguous, incomplete documentation 2015-02-21 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, the MSDN documents the BRAINDEAD behaviour of the functions CreateProcess() <https://msdn.microsoft.com/en-us/library/ms682425.aspx>, CreateProcessAsUser() <https://msdn.microsoft.com/en-us/library/ms682429.aspx> CreateProcessWithLogonW() <https://msdn.microsoft.com/en-us/library/ms682431.a [ more ] [ reply ] |
|
Privacy Statement |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] mozilla-thunderbird (SSA:2015-056-02)
New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p
[ more ] [ reply ]