CVE-2015-3316
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers aka SystemEDGE 12....
CVE-2015-3317
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers aka SystemEDGE 12....
CA20150604-01: Security Notice for CA Common Services
Issued: June 4, 2015. CA Technologies Support is alerting customers to multiple potential risks with products that bundle CA Common Services on Unix/Linux platforms. A local attacker may exploit these...
CVE-2015-1454
Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software...
New Google Security Dashboard Manages Device Activity
Google this week made available to Google Apps users a dashboard that displays recent account activity for each of a user’s devices, and allows them to take action if anything suspicious is afoot. Eran Feigenbaum, Google for Work director of security, said the new Devices and Activity dashboard...
New Citadel Trojan Targets Your Password Managers
Unless we are human supercomputers, remembering passwords is not an easy task, especially if you have a different password for every site. Luckily, to make the whole process easy, there is a growing market for password managers, which provide an extra layer of protection. Wait! Wai...
Citadel Variant Targets Password Managers
The Citadel Trojan has once again branched out beyond its roots as banking malware and is now targeting the master passwords guarding major password management products. Researchers from IBM Trusteer today said they’ve notified makers of the nexus Personal Security Client, Password Safe and KeePa...
CVE-2014-5508
Multiple integer overflows in the HelpServ module mod-helpserv.c in srvx 1.3.1 allow remote authenticated IRCops or HelpServ bot managers to cause a denial of service infinite loop via a large value in the EmptyInterval parameter or certain other interval configurations...
Integer overflow
Multiple integer overflows in the HelpServ module mod-helpserv.c in srvx 1.3.1 allow remote authenticated IRCops or HelpServ bot managers to cause a denial of service infinite loop via a large value in the EmptyInterval parameter or certain other interval configurations...
IBM Fixes Code Execution, Cookie-Stealing Vulnerabilities in Switches
IBM recently patched a handful of vulnerabilities in some of its KVM switches that, if exploited, could have given an attacker free rein over any system attached to it. The problem specifically affects builds of IBM’s Global Console Managers; keyboard, video and mouse KVM switches that let end...
Microsoft Passwords Research on Re-Use
Forget what you’ve been told about password re-use and weak credentials. If we’re to believe collaborating researchers from Microsoft and Carleton University, neither is such a bad idea. Flying in the face of conventional pleading from experts that “password” is a bad password, new research puts...
Solaris 2.6/7.0 DTMail Mail Environment Variable Buffer Overflow Vulnerability
source: http://www.securityfocus.com/bid/3081/info dtmail is an application included with the Common Desktop Environment, one of the X Window Managers included with Solaris. A buffer overflow in dtmail makes it possible for a local user to gain elevated...
BlackArch Linux v2014.04.21 - Lightweight expansion to Arch Linux for pentesters and security researchers
BlackArch Linux is an Arch-based GNU/Linux distribution for pentesters and security researchers. The BlackArch package repository is compatible with existing Arch installs. Changelog v2014.04.21 added new system packages: mplayer, abs, ack, bc, bridge-utils, darkhttpd, flashplugin, inotify-tools,...
Researchers Divulge 30 Oracle Java Cloud Service Bugs
Upset with the vulnerability handling process at Oracle, researchers yesterday disclosed more than two dozen outstanding issues with the company’s Java Cloud Service platform. Researchers at Security Explorations published two reports, complete with proof of concept codes, explaining 30 different...
[Lynis 1.4.2] Security and System Auditing Tool to Harden Linux Systems
Lynis is an auditing tool for Unix/Linux. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also scan for general system information,...
[Lynis 1.4.0] Security and System Auditing Tool to Harden Linux Systems
Lynis is an auditing tool for Unix/Linux. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also scan for general system information,...
Design/Logic Flaw
The Web Administrator Interface on Cisco Wireless LAN Controller WLC devices allows remote authenticated users to cause a denial of service device crash by leveraging membership in the Full Manager managers group, Read Only managers group, or Lobby Ambassador managers group, and sending a request...
CVE-2013-3474
The Web Administrator Interface on Cisco Wireless LAN Controller WLC devices allows remote authenticated users to cause a denial of service device crash by leveraging membership in the Full Manager managers group, Read Only managers group, or Lobby Ambassador managers group, and sending a request...
IBM 1754 GCM16 and GCM32 Global Console Managers Multiple Command Execution Vulnerabilities
IBM 1754 GCM16 and GCM32 Global Console Managers are prone to multiple command-execution vulnerabilities because they fail to sanitize user-supplied input.