[security bulletin] HPSBMU03232 rev.3 - HP SiteScope, Remote Elevation of Privilege
2015-02-02 security-alert hp com

[security bulletin] HPSBGN03237 rev.1 - HP Insight Remote Support v7 Clients running SSLv3, Remote Disclosure of Information
2015-02-02 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04553458 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04553458 Version: 1 HPSBGN03237 r

[security bulletin] HPSBGN03247 rev.1 - HP IceWall SSO Dfw using glibc, Remote Execution of Arbitrary Code
2015-02-02 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04560440 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04560440 Version: 1 HPSBGN03247 re

[security bulletin] HPSBMU03239 rev.1 - HP UCMDB, Remote Disclosure of Information
2015-02-02 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04553906 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04553906 Version: 1 HPSBMU03239 re

[security bulletin] HPSBMU03236 rev.1 - HP Systems Insight Manager for Windows running Bash Shell, Remote Code Execution
2015-02-02 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04552143 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04552143 Version: 1 HPSBMU03236 r

Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities
2015-02-02 ITAS Team (itas team itas vn)

Banner Effect Header Security Advisory - XSS Vulnerability - CVE-2015-1384
2015-01-31 Onur Yilmaz (onur netsparker com)
Information ------------ Advisory by Netsparker. Name: XSS Vulnerability in Banner Effect Header Affected Software : Banner Effect Header Affected Versions: 1.2.7 and possibly below Vendor Homepage : https://wordpress.org/plugins/banner-effect-header/ Vulnerability Type : Cross-site Scripting Severi

[SECURITY] [DSA 3148-1] chromium-browser end of life
2015-01-31 Michael Gilbert (mgilbert debian org)

Major Internet Explorer Vulnerability - NOT Patched
2015-01-31 David Leo (david leo deusen co uk)
Deusen just published code and description here: http://www.deusen.co.uk/items/insider3show.3362009741042107/ which demonstrates the serious security issue. Summary An Internet Explorer vulnerability is shown here: Content of dailymail.co.uk can be changed by external domain. How To Use 1. Close t

Defense in depth -- the Microsoft way (part 27): the command line you get differs from the command line I use to call you
2015-01-31 Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll, on Windows, the command line an application receives can differ from the command line the calling application supplies to CreateProcess*(). The documentation of GetCommandLine() <https://msdn.microsoft.com/en-us/library/ms683156.aspx> tells: | Note The name of the executable in the comma

[security bulletin] HPSBOV03226 rev.2 - HP TCP/IP Services for OpenVMS, BIND 9 Server Resolver, Multiple Remote Vulnerabilities
2015-01-30 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04530690 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04530690 Version: 2 HPSBOV03226 re

ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability
2015-01-30 Security Alert (Security_Alert emc com)

NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability
2015-01-29 VMware Security Response Center (security vmware com)

Symantec Encryption Management Server < 3.2.0MP6 - Remote Command Injection
2015-01-30 Paul Craig (lists vantagepoint sg)
Vantage Point Security Advisory 2014-007 ======================================== Title: Symantec Encryption Management Server - Remote Command Injection ID: VP-2014-007 Vendor: Symantec Affected Product: Symantec Encryption Gateway Affected Versions: < 3.2.0 MP6 Product Website: http://www.symante

Unauthenticated Reflected XSS vulnerability in Asus RT-N10 Plus router
2015-01-29 kingkaustubh me com
##################################### Title:- Reflected XSS vulnerability in Asus RT-N10 Plus router Author: Kaustubh G. Padwad Product: ASUS Router RT-N10 Plus Firmware: 2.1.1.1.70 Severity: HIGH Auth: Not required # Description: Vulnerable Parameter: flag= # Vulnerability Class: Cross Si

Reflected XSS vulnerability in Asus RT-N10 Plus Router
2015-01-29 kingkaustubh me com
##################################### Title:- Reflected XSS vulnerability in Asus RT-N10 Plus router Author: Kaustubh G. Padwad Product: ASUS Router RT-N10 Plus Firmware: 2.1.1.1.70 Severity: Medium Auth: Required # Description: Vulnerable Parameter: flag= # Vulnerability Class: Cross Site

ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
2015-01-29 Security Alert (Security_Alert emc com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities EMC Identifier: ESA-2015-002 CVE Identifier: CVE-2013-1899, CVE-2013-1900, CVE-2013-1901, CVE-2013-1902, CVE-2012-5885, CVE-2011-3389, CVE-2013-1767, CVE-2012-2137, CV

Blubrry PowerPress Security Advisory - XSS Vulnerability - CVE-2015-1385
2015-01-29 Onur Yilmaz (onur netsparker com)
Information ------------ Advisory by Netsparker Name: XSS Vulnerability in Blubrry PowerPress Affected Software : Blubrry PowerPress Affected Versions: 6.0 and possibly below Vendor Homepage : https://wordpress.org/plugins/powerpress/ Vulnerability Type : Cross-site Scripting Severity : Important CV

CVE-2014-8779: SSH Host keys on Pexip Infinity
2015-01-29 giles pexip com
Summary ======= The operating system used by Pexip Infinity does not create unique SSH host keys on deployment of new Management and Conferencing Nodes, using fixed host keys instead. Host keys are used to verify the identity of the remote host when connecting to it over SSH. These keys are contain

[The ManageOwnage Series, part XII]: Multiple vulnerabilities in FailOverServlet (OpManager, AppManager, IT360)
2015-01-28 Pedro Ribeiro (pedrib gmail com)
Hi, This is part 12 of the ManageOwnage series. For previous parts, see [1]. This time we have an arbitrary file download, directory content disclosure and blind SQL injection vulnerabilities in ManageEngine OpManager, Applications Manager and IT360. I've pushed two new Metasploit modules into th

Cisco Security Advisory: GNU glibc gethostbyname Function Buffer Overflow Vulnerability
2015-01-28 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: GNU glibc gethostbyname Function Buffer Overflow Vulnerability Advisory ID: cisco-sa-20150128-ghost Revision 1.0 For Public Release 2015 January 28 22:30 UTC (GMT) +---------------------------------------------------------

AST-2015-001: File descriptor leak when incompatible codecs are offered
2015-01-28 Asterisk Security Team (security asterisk org)
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04539443
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04539443
Version: 3
HPSBMU03232 re