BugTraq Mode:
(Page 193 of 1746)  < Prev  188 189 190 191 192 193 194 195 196 197 198  Next >
[SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat 2014-09-10
Mark Thomas (markt apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2013-4444 Remote Code Execution

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
- - Apache Tomcat 7.0.0 to 7.0.39

Description:
In very limited circumstances, it was possible for an attacker to upload
a malicious JSP

[ more ]  [ reply ]
[slackware-security] seamonkey (SSA:2014-252-01) 2014-09-09
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] seamonkey (SSA:2014-252-01)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packag

[ more ]  [ reply ]
[security bulletin] HPSBMU03075 rev.1 - HP Network Node Manager I (NNMi) for Windows and Linux, Remote Execution of Arbitrary Code 2014-09-09
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04378450

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04378450
Version: 1

HPSBMU03075 re

[ more ]  [ reply ]
NEW VMSA-2014-0008 VMware vSphere product updates to third party libraries 2014-09-09
VMware Security Response Center (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2014-0008
Synopsis: VMware vSphere product updates to third party libraries
Issue date: 2014-09-09
Updated on:

[ more ]  [ reply ]
Re: Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities 2014-09-09
sales prochatrooms com
Date: 12 Aug 2014

A software update for the Text Chat Room & Audio/Video Chat Room (v8.2.0) is now available to download in the Pro Chat
Rooms customer area that addresses this security issue.

We would like to express our thanks to Mike Manzotti @ Dionach Ltd who assisted us with this update.

[ more ]  [ reply ]
[SECURITY] [DSA 3021-1] file security update 2014-09-09
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3021-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Luciano Bello
September 09, 2014

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-14:18.openssl 2014-09-09
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-14:18.openssl Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability 2014-09-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability

Advisory ID: cisco-sa-20140908-ucse

Revision 1.0

For Public Release 2014 September 8 16:00 UTC (GMT)
+------------------

[ more ]  [ reply ]
IBM WebSphere Application Server (WAS) Integrated Solutions Console Login Page username Parameter Reflected XSS Security Vulnerability 2014-09-08
main gsmcnamara com
INFO:
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Aug 27 2014 12:00AM
Updated: Aug 27 2014 12:00AM
Credit: G. S. McNamara, CGI Federal Emerging Technologies Security Practice (ETSP)
Vulnerable: IBM WebSphere Application Server (WAS) Integrated Solutions Console 7.0.0.19

DIS

[ more ]  [ reply ]
[security bulletin] HPSBST03106 rev.1 - HP P2000 G3 MSA Array System running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-09-08
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04438404

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04438404
Version: 1

HPSBST03106 r

[ more ]  [ reply ]
CVE-2014-5392 XML eXternal Entity (XXE) in "JobScheduler" 2014-09-07
Christian Schneider (mail Christian-Schneider net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-5392
===================
"XML eXternal Entity (XXE)" (CWE-611) vulnerability in "JobScheduler" product

Vendor
===================
Software- & Organisations-Service GmbH

Product
===================
"JobScheduler is a workload automation too

[ more ]  [ reply ]
CVE-2014-5393 Path Traversal to Sensitive Files in Webroot in "JobScheduler" 2014-09-07
Christian Schneider (mail Christian-Schneider net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-5393
===================
"Path Traversal to Sensitive Files in Webroot" (CWE-219) vulnerability in "JobScheduler" product

Vendor
===================
Software- & Organisations-Service GmbH

Product
===================
"JobScheduler is a work

[ more ]  [ reply ]
CVE-2014-5391 DOM-based Cross-Site Scripting (XSS) in "JobScheduler" 2014-09-07
Christian Schneider (mail Christian-Schneider net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-5391
===================
"DOM-based Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "JobScheduler" product

Vendor
===================
Software- & Organisations-Service GmbH

Product
===================
"JobScheduler is a workload auto

[ more ]  [ reply ]
Defense in depth -- the Microsoft way (part 19): still no "perfect forward secrecy" per default in Windows 8/7/Vista/Server 2012/Server 2008 [R2] 2014-09-06
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

on April 8, 2014 Microsoft published an update for Windows 8.1 and
Windows Server 2012 R2 (see <http://support.microsoft.com/kb/2929781>)
which enables "perfect forward secrecy" per default by reordering of
the TLS cipher suites.

Unfortunately Microsoft has not published corresponding upd

[ more ]  [ reply ]
[security bulletin] HPSBUX03102 SSRT101681 rev.1 - HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Execution of Arbitrary Code and Denial of Service (DoS) and Other Vulnerabilities 2014-09-05
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04223376

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04223376
Version: 1

HPSBUX03102 SS

[ more ]  [ reply ]
[slackware-security] php (SSA:2014-247-01) 2014-09-04
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2014-247-01)

New php packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2014-247-03) 2014-09-04
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2014-247-03)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2014-247-02) 2014-09-04
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2014-247-02)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[ MDVSA-2014:179 ] python-django 2014-09-05
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:179
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:178 ] ppp 2014-09-05
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:178
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:177 ] squid 2014-09-05
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:177
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:176 ] libgcrypt 2014-09-05
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:176
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
t2â??14 Challenge to be released 2014-09-13 10:00 EEST 2014-09-07
Tomi Tuominen (tomi tuominen t2 fi)
Running assets is always difficult, however this year has been excruciating for t2 infosec. We lost one of our most prized and well placed deep cover operatives in a foreign three letter agency. Shortly after the CFP, communications stopped and we have to assume her new assignment is a permanent pla

[ more ]  [ reply ]
apache tomcat cookie handling problem - characters out of 0x80 - 0xff causing internal server error 2014-09-05
Elar Lang (elarlang gmail com)
#####
* Title: Client-based DoS for Apache Tomcat on sending cookie with
value out of 0x80 - 0xff scope.
* Author: Elar Lang
@elarlang
https://www.linkedin.com/in/elarlang
* Date: 02. January 2014 / 05. September 2014

#####
* Vendor: Apache
* Product: Tomcat
* Affected versions (at least):

[ more ]  [ reply ]
[WorldCIST'15]: Call for Workshops Proposals; Best papers published in ISI Journals 2014-09-05
ML (marialemos72 gmail com)
------
WorldCIST'15 - 3rd World Conference on Information Systems and Technologies
Ponta Delgada, Azores *, Portugal
1 - 3 April 2015
http://www.aisti.eu/worldcist15/
------
* Azores is ranked as the second most beautiful archipelago in the world by National Geographic.
------------

WORKSHOP FORMA

[ more ]  [ reply ]
[ MDVSA-2014:175 ] glibc 2014-09-05
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:175
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3019-1] procmail security update 2014-09-04
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3019-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
September 04, 2014

[ more ]  [ reply ]
Uninit memory disclosure via truncated images in Firefox 2014-09-04
Michal Zalewski (lcamtuf coredump cx)
Yello,

The recent release of Firefox 32 fixes another interesting image
parsing issue found by afl [1]: following a refactoring of memory
management code, the past few versions of the browser ended up using
uninitialized memory for certain types of truncated images, which is
easily measurable with

[ more ]  [ reply ]
[ MDVSA-2014:174 ] apache 2014-09-04
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:174
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Avolve Software ProjectDox Multiple Vulnerability Disclosure 2014-09-03
Romano, Christian (cromano caanes com)
---------------------------------------------------------------------

Product: ProjectDox
Vendor: Avolve Software
Vulnerable Version: 8.1
Tested Version: 8.1
Vendor Notification: May 30, 2014
Public Disclosure: September 3, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2

[ more ]  [ reply ]
(Page 193 of 1746)  < Prev  188 189 190 191 192 193 194 195 196 197 198  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus