Debian DSA-3183-1 : movabletype-opensource - security update

Multiple vulnerabilities have been discovered in Movable Type, a blogging system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-2184 Unsafe use of Storable::thaw in the handling of comments to blog posts could allow remote attackers to include and...

Debian Security Advisory DSA 3183-1 (movabletype-opensource - security update)

Multiple vulnerabilities have been discovered in Movable Type, a blogging system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-2184 Unsafe use of Storable::thaw in the handling of comments to blog posts could allow remote attackers to include and...

Check Point Response to CVE-2015-0204 - TLS FREAK Attack

Symptoms - On Tuesday, March 3, 2015, researchers disclosed a new SSL/TLS vulnerability - the FREAK attack. The vulnerability allows attackers to intercept HTTPS connections between vulnerable clients and vulnerable servers and force them to use the "export-grade" cryptography, which can then be...

Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability

Overview A regular expressions C library originally written by Henry Spencer is vulnerable to a heap overflow in some circumstances. Description CWE-122: Heap-based Buffer Overflow From the researcher, the variable len that holds the length of a regular expression string is "enlarged to such an...

Check Point Response to CVE-2015-0235 (glibc - GHOST)

...

Check Point response to NTP vulnerabilities (CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296)

...

Multiple broadband routers use vulnerable versions of Allegro RomPager

Overview Multiple broadband routers use vulnerable versions of Allegro RomPager in current firmware releases. Description Many home and office/home office SOHO routers have been found to be using vulnerable versions of the Allegro RomPager embedded web server. Allegro RomPager versions prior to...

Misfortune Cookie Home Router Vulnerability Discovered

More than 12 million devices running an embedded webserver called RomPager are vulnerable to a simple attack that could give a hacker man-in-the-middle position on traffic going to and from home routers from just about every leading manufacturer. Mostly ISP-owned residential gateways manufactured...

Cisco Prime Security Manager Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Prime Security Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface on the affected system. The vulnerability is due to insufficient input validation of several...

Check Point response to TLS 1.x padding vulnerability

...

CVE-2014-8952

Multiple unspecified vulnerabilities in Check Point Security Gateway R75.40VS, R75.45, R75.46, R75.47, R76, R77, and R77.10, when the 1 IPS blade, 2 IPsec Remote Access, 3 Mobile Access / SSL VPN blade, 4 SSL Network Extender, 5 Identify Awareness blade, 6 HTTPS Inspection, 7 UserCheck, or 8 Data...

CVE-2014-8951

Unspecified vulnerability in Check Point Security Gateway R75, R76, R77, and R77.10, when UserCheck is enabled and the 1 Application Control, 2 URL Filtering, 3 DLP, 4 Threat Emulation, 5 Anti-Bot, or 6 Anti-Virus blade is used, allows remote attackers to cause a denial of service fwk0 process...

CVE-2014-8950

Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the 1 URL Filtering or 2 Identity Awareness blade is used, allows remote attackers to cause a denial of service crash via vectors involving an HTTPS request...

Race condition

Multiple unspecified vulnerabilities in Check Point Security Gateway R75.40VS, R75.45, R75.46, R75.47, R76, R77, and R77.10, when the 1 IPS blade, 2 IPsec Remote Access, 3 Mobile Access / SSL VPN blade, 4 SSL Network Extender, 5 Identify Awareness blade, 6 HTTPS Inspection, 7 UserCheck, or 8 Data...

Cross site request forgery (csrf)

Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the 1 URL Filtering or 2 Identity Awareness blade is used, allows remote attackers to cause a denial of service crash via vectors involving an HTTPS request...

Design/Logic Flaw

Unspecified vulnerability in Check Point Security Gateway R75, R76, R77, and R77.10, when UserCheck is enabled and the 1 Application Control, 2 URL Filtering, 3 DLP, 4 Threat Emulation, 5 Anti-Bot, or 6 Anti-Virus blade is used, allows remote attackers to cause a denial of service fwk0 process...

CVE-2014-8952

CVE-2014-8952 affects Check Point Security Gateway versions R75.40VS, R75.45, R75.46, R75.47, R76, R77, and R77.10. Connected documents identify a root cause described as a race condition in the modules (IPS blade, IPsec Remote Access, Mobile Access/SSL VPN blade, SSL Network Extender, Identify A...

CVE-2014-8952

Multiple unspecified vulnerabilities in Check Point Security Gateway R75.40VS, R75.45, R75.46, R75.47, R76, R77, and R77.10, when the 1 IPS blade, 2 IPsec Remote Access, 3 Mobile Access / SSL VPN blade, 4 SSL Network Extender, 5 Identify Awareness blade, 6 HTTPS Inspection, 7 UserCheck, or 8 Data...

CVE-2014-8950

Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the 1 URL Filtering or 2 Identity Awareness blade is used, allows remote attackers to cause a denial of service crash via vectors involving an HTTPS request...

CVE-2014-8950

The CVE-2014-8950 entry concerns Check Point Security Gateway versions R77 and R77.10. The vulnerability affects the URL Filtering and Identity Awareness blades, where an HTTPS request can trigger a denial-of-service (crash). The available documents confirm the affected product and blades, and th...