|
|
Colapse all |
Post message
[CISTI'2014]: Iberian Conference on IST; Barcelona; Deadline: February 28 2014-02-23 ML (marialemos72 gmail com) [SECURITY] [DSA 2866-1] gnutls26 security update 2014-02-22 Salvatore Bonaccorso (carnil debian org) DC4420 - London DEFCON - meeting Tuesday, 25th February 2014 2014-02-21 Major Malfunction (majormal pirate-radio org) Hi all! We have a busy evening lined up, with two great speakers for you. We will also talk a little about Def Con's Badge Hacking Challenge, and Tony will have some badges with the IO connectors installed. As usual we will be in the downstairs bar at The Phoenix, Cavendish Square, W1G 0PP... T [ more ] [ reply ] APPLE-SA-2014-02-21-3 Apple TV 6.0.2 2014-02-21 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-3 Apple TV 6.0.2 Apple TV 6.0.2 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: An attacker with a privileged network position may capture or modify data in sessions [ more ] [ reply ] APPLE-SA-2014-02-21-1 iOS 6.1.6 2014-02-21 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-1 iOS 6.1.6 iOS 6.1.6 is now available and addresses the following: Data Security Available for: iPhone 3GS, iPod touch (4th generation) Impact: An attacker with a privileged network position may capture or modify data in session [ more ] [ reply ] APPLE-SA-2014-02-21-2 iOS 7.0.6 2014-02-21 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-2 iOS 7.0.6 iOS 7.0.6 is now available and addresses the following: Data Security Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later Impact: An attacker with a privileged network position may capture [ more ] [ reply ] APPLE-SA-2014-02-21-3 Apple TV 6.0.2 2014-02-21 Mihaela Popescu-Stanesti (maru apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-3 Apple TV 6.0.2 Apple TV 6.0.2 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: An attacker with a privileged network position may capture or modify data in sessions [ more ] [ reply ] APPLE-SA-2014-02-21-2 iOS 7.0.6 2014-02-21 Mihaela Popescu-Stanesti (maru apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-2 iOS 7.0.6 iOS 7.0.6 is now available and addresses the following: Data Security Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later Impact: An attacker with a privileged network position may capture [ more ] [ reply ] APPLE-SA-2014-02-21-1 iOS 6.1.6 2014-02-21 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-1 iOS 6.1.6 iOS 6.1.6 is now available and addresses the following: Data Security Available for: iPhone 3GS, iPod touch (4th generation) Impact: An attacker with a privileged network position may capture or modify data in session [ more ] [ reply ] 44CON 2014 September 11th - 12th CFP Open 2014-02-21 Steve (steve 44con com) 44CON is the UK's largest combined annual Security Conference and Training event. Taking place on the 11th and 12th of September at the ILEC Conference Centre near Earls Court, London, we will have a fully dedicated conference facility, including catering, private bar and daily Gin O?Clock break [ more ] [ reply ] CNNVD Gov CN #1 - Filter Bypass & Persistent Web Vulnerability 2014-02-21 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== CNNVD Gov CN #1 - Filter Bypass & Persistent Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1209 Release Date: ============= 2014-02-21 Vulnerability Laboratory ID (VL-ID): ============================ [ more ] [ reply ] Barracuda Bug Bounty #36 Firewall - Client Side Exception Handling Web Vulnerability 2014-02-21 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Barracuda Bug Bounty #36 Firewall - Client Side Exception Handling Web Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1102 Barracuda Networks Security ID (BNSEC): BNSEC-2398 http://www.vulnerability-lab [ more ] [ reply ] ASUS router drive-by code execution via XSS and authentication bypass 2014-02-21 buqtraq kyber fi ASUS router drive-by code execution via XSS and authentication bypass ===================================================================== The latest version of this advisory is available at: https://sintonen.fi/advisories/asus-router-auth-bypass.txt Overview -------- Various ASUS routers contai [ more ] [ reply ] [SECURITY] [DSA 2865-1] postgresql-9.1 security update 2014-02-20 Moritz Muehlenhoff (jmm debian org) [slackware-security] gnutls (SSA:2014-050-01) 2014-02-20 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] gnutls (SSA:2014-050-01) New gnutls packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/gn [ more ] [ reply ] [CVE-2014-2035] XSS in InterWorx Web Control Panel <= 5.0.12 2014-02-20 Eric Flokstra (erp flokstra gmail com) ============================================== Product: InterWorx Web Control Panel Vendor: InterWorx LLC Tested Version: 5.0.12 build 569 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-2035 Risk Level: Medium CVSSv2 Base Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N) Solution St [ more ] [ reply ] [SECURITY] [DSA 2864-1] postgresql-8.4 security update 2014-02-20 Moritz Muehlenhoff (jmm debian org) Android & iOS Hands-on Exploitation at SyScan 2014 2014-02-20 xys3c team (security xysec com) XYSec Labs will be running a 3-day training class at SyScan 2014, Singapore from 31st March till 2nd April on "Android and iOS Hands-on Exploitation", which had a great feedback at SyScan 2013, ToorCon 2013, OWASP Appsec APAC (2013) and BlackHat US 2013 (under Mobile Hacking by Hotwan). If you are [ more ] [ reply ] SQL Injection in AdRotate 2014-02-20 High-Tech Bridge Security Research (advisory htbridge com) Advisory ID: HTB23201 Product: AdRotate Vendor: AJdG Solutions Vulnerable Version(s): 3.9.4 and probably prior Tested Version: 3.9.4 Advisory Publication: January 30, 2014 [without technical details] Vendor Notification: January 30, 2014 Vendor Patch: January 31, 2014 Public Disclosure: February [ more ] [ reply ] [slackware-security] mariadb, mysql (SSA:2014-050-02) 2014-02-20 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mariadb, mysql (SSA:2014-050-02) New mariadb and mysql packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: +--------- [ more ] [ reply ] [slackware-security] kernel (SSA:2014-050-03) 2014-02-20 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] kernel (SSA:2014-050-03) New kernel packages are available for Slackware 14.1 (64-bit) to fix a security issue. Here are the details from the Slackware64 14.1 ChangeLog: +--------------------------+ patches/packages/linux-3.10 [ more ] [ reply ] [HITB-Announce] Haxpo CFP 2014-02-20 Hafez Kamal (aphesz hackinthebox org) As part of our all new HITB Haxpo or 'hacker expo', we are calling on the community of hackers, makers, builders and breakers to send us their 30 minute talk abstracts for consideration to be included in the 3-day single-track agenda. Taking place at De Beurs van Berlage on the 28th, 29th and 30th [ more ] [ reply ] VideoCharge Studio v2.12.3.685 cc.dll CHTTPResponse::GetHttpResponse() Buffer Overflow Remote Code Execution 2014-02-19 Julien Ahrens (info rcesecurity com) Post Exploitation - Getting username and password in the Lotus Sametime 8.5.1 2014-02-19 adrianomarciomonteiro gmail com # Exploit Title: Post Exploitation - Getting username and password in the Lotus Sametime 8.5.1 # Google Dork: n/a # Date: 18/02/2014 # Exploit Author: Adriano Marcio Monteiro <adrianomarciomonteiro (at) gmail (dot) com [email concealed]> # Vendor Homepage: http://www.ibm.com/us/en/ # Software Link: http://www-01.ibm.com/s [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA512
- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2867-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
February 23, 2014
[ more ] [ reply ]