DSA-3542-1 mercurial - security update
Bulletin has no description...
Important: Red Hat Security Advisory: git security update
Updated git packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available f...
[SECURITY] Fedora 23 Update: git-2.5.5-1.fc23
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs a common set of tools which are usually used with a small number of dependencies. To install all git packages,...
The vulnerability of the Cisco Identity Services Engine, a platform for managing network policies, and the Cisco Secure Access Control System, a software solution for access control, allows attackers to obtain confidential information.
The vulnerability of the Cisco Identity Services Engine, a platform for managing network policies, and the Cisco Secure Access Control System, access control software, is related to the lack of protection for sensitive data. Exploiting this vulnerability can allow an attacker, operating remotel...
SA117 : OpenSSL Vulnerabilities 1-Mar-2016
SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to decrypt live and recorded SSL sessions, cause denial of service through application crashes, and possibly execute arbitrary code. A...
SA114 : GNU C Library (glibc) Remote Code Execution February 2016
SUMMARY Blue Coat products using an affected version of the GNU C Library glibc are susceptible to a remote execution attack. A remote attacker can send a crafted DNS response to the glibc DNS resolver and cause the resolver to crash or execute arbitrary code. AFFECTED PRODUCTS The following...
SA111 : OpenSSL Vulnerabilities 28-Jan-2016
SUMMARY Blue Coat products using affected versions of OpenSSL 1.0.2, 1.0.1, and 0.9.8 are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to obtain ephemeral Diffie-Hellman DHE private key information and perform man-in-the-middle attacks on SSL/TLS...
Debian Security Advisory DSA 3435-1 (git - security update)
Blake Burkhart discovered that the Git git-remote-ext helper incorrectly handled recursive clones of git repositories. A remote attacker could possibly use this issue to execute arbitrary code by injecting commands via crafted URLs. OpenVAS Vulnerability Test $Id: deb3435.nasl 6608 2017-07-07...
CentOS 7 : git (CESA-2015:2561)
Updated git packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from th...
RedHat Update for git RHSA-2015:2561-01
The remote host is missing an update for the...
Cisco Secure Access Control System Detection
This script performs SSH-based detection of Cisco Secure Access Control System.
The vulnerability of the Cisco Secure Access Control System allows an intruder to inject arbitrary web or HTML code.
The vulnerability of the Cisco Secure Access Control System exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary web or HTML code remotely...
Hackers Can Abuse SAP Apps Connected to SCADA
Much in the same way the Target hackers used an HVAC management system to catapult onto the corporate network, attackers focused on oil and gas and other critical industries may be finding similar openings via enterprise applications such as SAP. Researchers from ERPScan, during last week’s Black...
[SECURITY] Fedora 22 Update: git-2.4.3-7.fc22
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs the core tools with minimal dependencies. To install all git packages, including tools for integrating with...
Hacking Team Offering Encryption Cracking Tools to Law Enforcement Agencies
Hacking Team, the infamous Italy-based spyware company that had more than 400 GB of its confidential information stolen earlier this year, has resumed its operations and started pitching new hacking tools to help US law enforcement get around their encryption issues. Yes, Hacking Team is back wi...
Eaton Cooper Power Series Form 6 Control and Idea/IdeaPlus Relays with Ethernet Vulnerability
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on January 6, 2015, and is now being released to the NCCIC/ICS-CERT web site. Dr. Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech, via a research project partially sponsored by the Georgia Tech Nationa...
Honeywell Experion PKS Security Vulnerabilities
Update – Unsupported versions of Honeywell distributed control system software are vulnerable to publicly available remote exploits. The Industrial Control System Cyber Emergency Response Team ICS-CERT published on Tuesday an advisory warning organizations to upgrade to supported versions of...
Mitsubishi Melsec FX3G-24M Denial Of Service
OS-S Security Advisory 2015-03 Date: September 29th, 2015 CVE: CVE-2015-3938 CVSS: 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Title: Mitsubishi ICS FX3G-24M Permanent Communication Denial of Service Severity: Critical. The TCP/IP communication of the Mitsubishi Melsec FX3G-24 is permanently disrupted. Ease of...
LOYTEC Router Information Exposure Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified a password file vulnerability in LOYTEC’s LIP-3ECTB routers. LOYTEC has produced a firmware update to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following LOYTEC routers are affected:...
These Top 7 Brutal Cyber Attacks Prove 'No One is Immune to Hacking' — Part I
If you believe that your organization is not at real risk of cyber attack, then you are absolutely wrong. Incidents of massive data breaches, advanced cyber attacks coming from China, groups like Syrian Electronic Army, Hacking Point of Sale machines at retailers such as Target have splashed acro...