BugTraq Mode:
(Page 178 of 1748)  < Prev  173 174 175 176 177 178 179 180 181 182 183  Next >
[RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Information Disclosure in TYPO3 Extension ke_questionnaire

The TYPO3 extension ke_questionnaire stores answered questionnaires in a
publicly reachable directory on the webserver with filenames that are
easily guessable.

Details
=======

Product: ke_questionnaire
Affected Versions: 2.5.

[ more ]  [ reply ]
CVE-2014-3809: Reflected XSS in Alcatel Lucent 1830 PSS-32/16/4 2014-12-01
Stephan Rickauer swisscom com
#############################################################
#
# SWISSCOM CSIRT ADVISORY - http://www.swisscom.com/security
#
#############################################################
#
# CVE ID: CVE-2014-3809
# Product: 1830 Photonic Service Switch PSS-32/16/4
# Vendor: Alcatel-Lucent
# S

[ more ]  [ reply ]
[SECURITY] [DSA 3081-1] libvncserver security update 2014-11-29
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3081-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Luciano Bello
November 29, 2014

[ more ]  [ reply ]
[The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360 2014-11-30
Pedro Ribeiro (pedrib gmail com)
Hi,

This is part 9 of the ManageOwnage series. For previous parts see [1].

Today we have yet another 0 day - an arbitrary file download
vulnerability that be exploited unauthenticated in NetFlow Analyzer
and authenticated in IT360.
I'm releasing this as a 0 day because ManageEngine have been makin

[ more ]  [ reply ]
[SECURITY] [DSA 3082-1] flac security update 2014-11-30
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3082-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Sebastien Delafond
November 30, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3083-1] mutt security update 2014-11-30
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3083-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
November 30, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3080-1] openjdk-7 security update 2014-11-29
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3080-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
November 29, 2014

[ more ]  [ reply ]
[SECURITY] [DSA 3079-1] ppp security update 2014-11-29
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3079-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Sebastien Delafond
November 28, 2014

[ more ]  [ reply ]
WordPress <=4.0 Denial of Service Exploit (CVE-2014-9034) 2014-11-29
john secureli com
author details: John M. (john (at) secureli (dot) com [email concealed])
homepage details: SECURELI.com

Description:

CVE-2014-9034 was published recently, highlighting an issue that ?allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing? due to php

[ more ]  [ reply ]
[ MDVSA-2014:237 ] perl-Mojolicious 2014-11-28
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:237
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:236 ] file 2014-11-28
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:236
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:235 ] perl-Plack 2014-11-28
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:235
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:234 ] libksba 2014-11-28
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:234
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Defense in depth -- the Microsoft way (part 22): no DEP in Windows' filesystem (and ASLR barely used) 2014-11-27
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

more than 20 years ago Microsoft introduced the NTFS filesystem
(supporting ACLs) and "user profiles" to separate user data
(with emphasis on "data") from the OS and each other.

More than 13 years ago Microsoft introduced "software restriction
policies" alias SAFER (<https://support.micro

[ more ]  [ reply ]
[security bulletin] HPSBGN03209 rev.1 - HP Application Lifecycle Management running SSLv3, Remote Disclosure of Information 2014-11-27
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04509419

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04509419
Version: 1

HPSBGN03209 re

[ more ]  [ reply ]
[ MDVSA-2014:233 ] wordpress 2014-11-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:233
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3078-1] libksba security update 2014-11-27
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3078-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
November 27, 2014

[ more ]  [ reply ]
[KIS-2014-13] Tuleap <= 7.6-4 (register.php) PHP Object Injection Vulnerability 2014-11-27
Egidio Romano (research karmainsecurity com)

-----------------------------------------------------------------
Tuleap <= 7.6-4 (register.php) PHP Object Injection Vulnerability
-----------------------------------------------------------------

[-] Software Links:

https://www.tuleap.org/
https://www.enalean.com/

[-] Affected Versions:

Ver

[ more ]  [ reply ]
[ MDVSA-2014:232 ] glibc 2014-11-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:232
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:231 ] icecast 2014-11-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:231
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:230 ] kernel 2014-11-27
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:230
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[security bulletin] HPSBGN03202 rev.1 - HP CMS: Configuration Manager running OpenSSL, Remote Disclosure of Information 2014-11-26
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04507568

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04507568
Version: 1

HPSBGN03202 re

[ more ]  [ reply ]
[SECURITY] [DSA 3077-1] openjdk-6 security update 2014-11-26
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3077-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
November 26, 2014

[ more ]  [ reply ]
[ MDVSA-2014:229 ] libvncserver 2014-11-26
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:229
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
CVE-2014-5439 - Root shell on Sniffit [with exploit] 2014-11-26
Hector Marco (hecmargi upv es)
CVE-2014-5439 - Root shell on Sniffit

Sniffit is a packet sniffer and monitoring tool.

The attacker can create a specially-crafted sniffit configuration file,
which is able
to bypass all three protection mechanisms:

- Non-eXecutable bit NX
- Stack Smashing Protector SSP
- Address Spa

[ more ]  [ reply ]
Сross-Site Request Forgery (CSRF) in xEpan 2014-11-26
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23240
Product: xEpan
Vendor: Xavoc Technocrats Pvt. Ltd.
Vulnerable Version(s): 1.0.1 and probably prior
Tested Version: 1.0.1
Advisory Publication: October 22, 2014 [without technical details]
Vendor Notification: October 22, 2014
Public Disclosure: November 26, 2014
Vulnerabili

[ more ]  [ reply ]
[ MDVSA-2014:228 ] phpmyadmin 2014-11-26
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:228
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3076-1] wireshark security update 2014-11-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3076-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
November 25, 2014

[ more ]  [ reply ]
[security bulletin] HPSBUX03166 SSRT101489 rev.1 - HP-UX running PAM libpam_updbe, Remote Authentication Bypass 2014-11-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04511778

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04511778
Version: 1

HPSBUX03166 SS

[ more ]  [ reply ]
[security bulletin] HPSBGN03203 rev.1 - HP CMS: UCMDB Browser running OpenSSL, Remote Disclosure of Information 2014-11-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04507636

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04507636
Version: 1

HPSBGN03203 re

[ more ]  [ reply ]
(Page 178 of 1748)  < Prev  173 174 175 176 177 178 179 180 181 182 183  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus