281 matches found
Open-Xchange Security Advisory 2013-09-10
Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 28260 Bug ID Vulnerability type: CWE-16: Configuration, CWE-287: Improper Authentication, CWE-200: Information Exposure Vulnerable version: 7.0.0 to 7.2.2 Vulnerable component: backend default configuration Fixed version...
Hardcoded credentials
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 does not properly restrict the set of network interfaces that can receive API calls, which makes it easier for remote attackers to obtain access by sending network traffic from an unintended...
CVE-2013-5935
Open-Xchange AppSuite (Hazelcast cluster API) is affected in 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16. The root cause is that the Hazelcast-based cluster API does not properly restrict the network interfaces that can receive API calls, and REST/memcache interfaces do not require auth...
CVE-2013-5935
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 does not properly restrict the set of network interfaces that can receive API calls, which makes it easier for remote attackers to obtain access by sending network traffic from an unintended...
Open-Xchange AppSuite 7.2.2 Improper Authentication / Information Disclosure
Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 28260 Bug ID Vulnerability type: CWE-16: Configuration, CWE-287: Improper Authentication, CWE-200: Information Exposure Vulnerable version: 7.0.0 to 7.2.2 Vulnerable component: backend default configuration Fixed version...
Important: Red Hat Security Advisory: mongodb and pymongo security and enhancement update
Updated mongodb and pymongo packages that fix two security issues and add one enhancement are now available for Red Hat Enterprise MRG 2.3 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...
Kaspersky Internet Security 2013 - Denial of Service
Kaspersky Internet Security 2013 - Denial of Service I usually do not write security advisories unless absolutely necessary. This time I should, however I have neither the time, nor the desire to do so. But Kaspersky did not react, so ... quick and dirty: Kaspersky Internet Security 2013 and any...
Medium: dnsmasq
Issue Overview: It was discovered that dnsmasq, when used in combination with certain libvirtd configurations, could incorrectly process network packets from network interfaces that were intended to be prohibited. A remote, unauthenticated attacker could exploit this flaw to cause a denial of...
Scientific Linux Security Update : openldap on SL5.x i386/x86_64
A flaw was found in the way OpenLDAP handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick applications using OpenLDAP libraries into accepting it by mistake, allowing the...
Security Concern : Internet Enabled TV can be hacked !
Security Concern : Internet Enabled TV can be hacked ! Is your Internet TV vulnerable to hackers? Internet TVs could be the newest avenue for cybercriminals to infiltrate your home or business. Last year, Researchers at Mocana, a security technology company in San Francisco, recently discovered...
Cloudworm - Candidate MS12-020 - POC
Cloudworm - Candidate MS12-020 - POC How secure are cloud servers? In technical circles, people are aware of the cloud variables and that cloud service providers offload the virtual machine security onto the customer as much as possible. Technical people know this. Not all cloud customers fall...
[SECURITY] [DSA 2358-1] openjdk-6 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2358-1 [email protected] http://www.debian.org/security/ December 05, 2011 http://www.debian.org/security/faq - -------------------------------------------------------------------------...
Debian: Security Advisory (DSA-2311-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-2311-1 : openjdk-6 - several vulnerabilities
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java SE platform. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-0862 Integer overflow errors in the JPEG and font parser allow untrusted code including applets to...
Nmap NSE net: snmp-interfaces
Attempts to enumerate network interfaces through SNMP. This script can also be run during Nmap's pre-scanning phase and can attempt to add the SNMP server's interface addresses to the target list. The script argument 'snmp- interfaces.host' is required to know what host to probe. To specify a por...
USN-1037-1: ifupdown update
Under certain circumstances, the DHCP client could start before its AppArmor profile was loaded and therefore run unconfined. This update ensures the AppArmor profile is loaded before DHCP client starts...
Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update
An updated rhev-hypervisor package that fixes two security issues and several bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
RHEL 5 : openldap (RHSA-2010:0198)
Updated openldap packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Moderate: Red Hat Security Advisory: openldap security and bug fix update
Updated openldap packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
snmp-interfaces NSE Script
Attempts to enumerate network interfaces through SNMP. This script can also be run during Nmap's pre-scanning phase and can attempt to add the SNMP server's interface addresses to the target list. The script argument snmp-interfaces.host is required to know what host to probe. To specify a port f...