47153 matches found
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "Scroll" Use-after-free (MS13-028)
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "Scroll" Use-after-free MS13-028 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as part of the...
CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ D-Link IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: D-Link IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0303 Advisory URL:...
Re: Nginx ngx_http_close_connection function integer overflow
Hello, On Thu, 25 Apr 2013, 06:52-0000, [email protected] wrote: ... II. DESCRIPTION --------------------- Qihoo 360 Web Security Research Team discovered a critical vulnerability in nginx. The vulnerability is caused by a int overflow error within the Nginx ngxhttpcloseconnection function when...
ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability
ESA-2013-028.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability EMC Identifier: ESA-2013-028 EMC Identifier: NW147983 CVE Identifier: CVE-2013- 0940 Severity Rating: CVSS v2 Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Affected product...
ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability
ESA-2013-035.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability EMC Identifier: ESA-2013-035 CVE Identifier: CVE-2013-0945 Severity Rating: CVSS v2 Base Score: 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C Affected products: EMC Avamar...
WowzaMediaServer StorageDir escape (regression)
Product: Wowza Media Server URL: http://www.wowza.com/ Description: WMS is a quite popular RTMP/HLS/HDS/RTSP streaming server Issue: In early 2009 I reported problem with processing of requests with relative paths. The issue surfaced again. In a nutshell, you can escape Applications StorageDir...
[ MDVSA-2013:154 ] util-linux
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:154 http://www.mandriva.com/en/support/security/ Package : util-linux Date : April 29, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been found and...
WowzaMediaServer SecureToken bypass (and worse)
Product: Wowza Media Server URL: http://www.wowza.com/ Description: WMS is a quite popular RTMP/HLS/HDS/RTSP streaming server Issue: By default all installations of WMS use four modules in their application's config file: base, properties, logging, flvplayback. I've found out that the properties...
Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution
Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution ============================= ==== General Information ==== ============================= == Executive Summary == The function TCPIPIPV6ProcessFragmentationHeader does not correctly validate the "fragment offset" field i...
[SECURITY] [DSA 2663-1] tinc security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2663-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez April 22, 2013 http://www.debian.org/security/faq -...
HP ElitePad 900 Protection bypass
It's possible to bypass secure boot protection...
tinc buffer overflow
Buffer overflow with oversized TCP packet...
[security bulletin] HPSBHF02865 SSRT101158 rev.1 - HP ElitePad 900, Secure Boot Configuration Inconsistency
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03727435 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03727435 Version: 1 HPSBHF02865...
Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A
Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...
[security bulletin] HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03570121 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03570121 Version: 2 HPSBMU02830...
Nginx ngx_http_close_connection function integer overflow
Website: http://safe3.com.cn I. BACKGROUND --------------------- Nginx is an HTTP and reverse proxy server, as well as a mail proxy server, written by Igor Sysoev. For a long time, it has been running on many heavily loaded Russian sites including Yandex, Mail.Ru, VKontakte, and Rambler. Accordin...
HP Data Protector privilege escalation
No description provided...
Multiple Vulnerabilities in D'Link DIR-635
Device Name: DIR-635 Vendor: D-Link ============ Vulnerable Firmware Releases: ============ Firmwareversion: 2.34EU Hardware-Version: B1 Produktseite: DIR-635 ============ Vulnerability Overview: ============ Stored XSS - Status - WLAN - SSID Injecting scripts into the parameter...
IBM Lotus Domino information leakage
Unprivileged user can access system information...
D-Link DIR-635 router multiple security vulnerabilities
XSS, CSRF...
Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution
Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution ActiveX Settings: Binary path: C:Program FilesSilkShared Filesteechart.ocx CLSID: 008BBE7E-C096-11D0-B4E3-00A0C901D681 ProgID: TeeChart.TChart Version: 4.0.0.7 Safe for Scripting IObjectSafety: True Safe for...
D-Link DIR-615 / DIR-600 / DIR-300 multiple security vulnerabilities
Code execution, information leakage, XSS, etc...
Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows
Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows ActiveX settings: Binary path: C:Program Files x86BorlandCaliberRMemsmtp.dll Version: 5.0.0.11 ProgID: EasyMail.SMTP.5 CLSID: 4610E7BF-710F-11D3-813D-00C04F6B92D0 Safe for Scripting: True Safe for Initialization: True...
BF and IA vulnerabilities in IBM Lotus Domino
Hello 3APA3A! I want to warn you about Brute Force and Insufficient Authentication vulnerabilities in IBM Lotus Domino. These are vulnerabilities in Domino, which I've found at 03.05.2012 together with other holes. Last year I've announced multiple vulnerabilities in IBM software and after IBM...
Borland ActiveX security vulnerabilities
Buffer overflows, unsafe method...
Sitecom WLM-3500 backdoor accounts
Sitecom WLM-3500 backdoor accounts ================================== ADVISORY INFORMATION Title: Sitecom WLM-3500 backdoor accounts Discovery date: 24/03/2013 Release date: 16/04/2013 Credits: Roberto Paleari [email protected], @rpaleari Advisory URL:...
[USN-1801-1] curl vulnerability
========================================================================== Ubuntu Security Notice USN-1801-1 April 16, 2013 curl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption
SEC Consult Vulnerability Lab Security Advisory 20130417-1 ======================================================================= title: Java ActiveX Control Memory Corruption product: JavaTM Web Start Launcher vulnerable version: Sun Java Version 7 Update 17 and before Sun Java Version 6 Update...
[ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control
ESNC-2013-002 Privilege Escalation in SAP Production Planning and Control Please refer to www.esnc.de for the original security advisory, updates and additional information. ------------------------------------------------------------------------ 1. Business Impact...
[SE-2012-01] Details of issues fixed by Java SE 7 Update 21
Hello All, Today, Oracle released Java SE 7 Update 21, which among other things addresses six security vulnerabilities that were reported to the company earlier this year Issues 51, 55 and 57-60. Our original vulnerability reports and Proof of Concept codes for these and some previously disclosed...
[ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution
ESNC-2013-001 Privilege Escalation in SAP Healthcare Industry Solution Please refer to www.esnc.de for the original security advisory, updates and additional information. ------------------------------------------------------------------------ 1. Business Impact...
cURL / libcurl information leak
Crossdomain cooke access...
Adobe ColdFusion security vulnerabilities
Information leakage, unauthorized access...
APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15 Java for OS X 2013-003 and Mac OS X v10.6 Update 15 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 o...
TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation
Trustwave SpiderLabs Security Advisory TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation https://www.trustwave.com/spiderlabs/advisories/TWSL2013-004.txt Published: 04/18/13 Version: 1.0 Vendor: Cisco www.cisco.com Product: ASA Adaptive Security Appliance Versions...
IcedTea-Web security vulnerabilities
Crossdomain access, code execution...
Sitecom routers backdoor account
2 undocumented backdoor accounts...
Cisco Network Admission Control Manager SQL injection
No description provided...
X.Org X server information leakage
It's possible to retrieve keystrokes...
SAP applications multiple security vulnerabilities
Privilege escalation, code execution...
Samba limitations bypass
It's possible o bypass share attributes limitations...
Cisco TelePresence DoS
DoS via malformed RTP packets...
[USN-1804-1] IcedTea-Web vulnerabilities
========================================================================== Ubuntu Security Notice USN-1804-1 April 18, 2013 icedtea-web vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...
Adobe Shockwave Player Multiple security vulnerabilities
Buffer overflow, memory corruption, information leakage...
Xen security vulnerabilities
Few DoS conditions...
APPLE-SA-2013-04-16-1 Safari 6.0.4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-04-16-1 Safari 6.0.4 Safari 6.0.4 is now available and addresses the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3 Impact: Visiting a maliciously crafted website may lead to an...
[USN-1802-1] Samba vulnerability
========================================================================== Ubuntu Security Notice USN-1802-1 April 16, 2013 samba vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
Cisco ASA / FWSM multiple security vulnerabilities
Multiple DoS conditions...
[USN-1803-1] X.Org X server vulnerability
========================================================================== Ubuntu Security Notice USN-1803-1 April 17, 2013 xorg-server, xorg-server-lts-quantal vulnerability ========================================================================== A security issue affects these releases of Ubun...
Apple Safari / WebKit memory corruption
Memory corruption via SVG...