[security bulletin] HPSBMU03022 rev.1 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04263236 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04263236 Version: 1 HPSBMU03022 rev....

Google Chrome / Chromium multiple security vulnerabilities

Crossite scripting, integer overflows, DoS, memory corruptions, URL spoofing...

[security bulletin] HPSBST02980 rev.1 - HP Array Configuration Utility, HP Array Diagnostics Utility, HP ProLiant Array Diagnostics and SmartSSD Wear Gauge Utility Running on Linux, Local Elevation of Privilege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04187357 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04187357 Version: 1 HPSBST02980 rev....

[security bulletin] HPSBMU02987 rev.1 - HP Universal Configuration Management Database Integration Service, Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04219959 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04219959 Version: 1 HPSBMU02987 rev....

HP Array Configuration Utility / HP Array Diagnostics Utility / HP ProLiant Array Diagnostics / SmartSSD Wear Gauge Utility privilege escalation

RPATH privilege escalation...

HP-UX Whitelisting protection bypass

Integrity check bypass...

[security bulletin] HPSBMU02982 rev.1 - HP Database and Middleware Automation, Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04201408 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04201408 Version: 1 HPSBMU02982 rev....

HP Database and Middleware Automation information leakage

No description provided...

[security bulletin] HPSBMU02996 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access, Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04026039 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04026039 Version: 1 HPSBMU02996 rev....

[security bulletin] HPSBMU02988 rev.1 - HP Universal Configuration Management Database, Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04220407 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04220407 Version: 1 HPSBMU02988 rev....

[SECURITY] [DSA 2905-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2905-1 [email protected] http://www.debian.org/security/ Michael Gilbert April 15, 2014 http://www.debian.org/security/faq -...

HP Network Node Manager multiple security vulnerabilities

Unauthorized access, code execution...

HP Universal Configuration Management multiple security vulnerabilities

Code execution, information leakage...

CVE-2013-6216 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in multiple HP products on Linux

Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in HP Array Configuration Utility, HP Array Diagnostics Utility, HP ProLiant Array Diagnostics and SmartSSD Wear Gauge Utility Running on Linux CVE: CVE-2013-6216 Vendor: HP Product: HP Array Configuration...

[security bulletin] HPSBUX03001 SSRT101382 rev.1 - HP-UX Whitelisting (WLI), Local System Integrity Risk

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04227671 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04227671 Version: 1 HPSBUX03001...

[security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04240206 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04240206 Version: 1 HPSBST03001 rev....

[security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04250814 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04250814 Version: 1 HPSBGN03010 rev....

HP Autonomy WorkSite Server v9.0

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04239374 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239374 Version: 1 HPSBMU02999 rev....

[security bulletin] HPSBMU02997 rev.1 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04239375 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239375 Version: 1 HPSBMU02997 rev....

[security bulletin] HPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, Performance Center, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04236102 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04236102 Version: 1 HPSBMU02995 rev....

[security bulletin] HPSBGN03008 rev.1 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04248997 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04248997 Version: 1 HPSBGN03008 rev....

FreeBSD Security Advisory FreeBSD-SA-14:06.openssl [REVISED]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:06.openssl Security Advisory The FreeBSD Project Topic: OpenSSL multiple vulnerabilities Category: contrib Module: openssl Announced: 2014-04-08 Affects: All...

[security bulletin] HPSBMU02994 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04236062 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04236062 Version: 1 HPSBMU02994 rev....

[security bulletin] HPSBMU02998 rev.1 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04239372 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239372 Version: 1 HPSBMU02998 rev....

RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 RUCKUS ADVISORY ID 041414 Customer release date: April 14, 2014 Public release date: April 14, 2014 TITLE OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160 SUMMARY OpenSSL library is used in Ruckus products to implement various...

[security bulletin] HPSBMU02999 rev.1 - HP Software Autonomy WorkSite Server (On-Premises Software), Running OpenSSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04239374 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239374 Version: 1 HPSBMU02999 rev....

Apple Mac OS X DoS

DoS via symbolic links...

MacOSX/XNU HFS Multiple Vulnerabilities

MacOSX/XNU HFS Multiple Vulnerabilities Maksymilian Arciemowicz http://cxsecurity.com/ http://cifrex.org/ =================== On November 8th, I've reported vulnerability in hard links for HFS+ CVE-2013-6799 http://cxsecurity.com/issue/WLB-2013110059 The HFS+ file system does not apply strict...

[USN-2164-1] OpenSSH vulnerability

========================================================================== Ubuntu Security Notice USN-2164-1 April 07, 2014 openssh vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

[USN-2165-1] OpenSSL vulnerabilities

========================================================================== Ubuntu Security Notice USN-2165-1 April 07, 2014 openssl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

OpenSSH protection bypass

SSHFP protection bypass for client...

Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability

Document Title: =============== Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1249 Release Date: ============= 2014-04-01 Vulnerability Laboratory ID VL-ID: ===================================...

SEC Consult SA-20140218-0 :: Multiple critical vulnerabilities in Symantec Endpoint Protection

SEC Consult Vulnerability Lab Security Advisory 20140218-0 ======================================================================= title: Multiple critical vulnerabilities product: Symantec Endpoint Protection vulnerable version: 11.0, 12.0, 12.1 fixed version: =11.0.7405.1424 =12.1.4023.4080...

OpenLDAP DoS

Resources exhaustion...

HP Integrated Lights-Out unauthorized access

Information leakage of password...

[security bulletin] HPSBHF02981 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO2, iLO3, iLO4), IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04197764 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04197764 Version: 1 HPSBHF02981 rev....

[USN-2104-1] LXC vulnerability

========================================================================== Ubuntu Security Notice USN-2104-1 February 12, 2014 lxc vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

Microsoft Outlook DoS

Outlook hangs on XML parsing...

[SECURITY] [DSA 2893-1] openswan security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2893-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez March 31, 2014 http://www.debian.org/security/faq -...

lxc protection bypass

Invalid sshd mount permissions template...

Nessus privilege escalation

Weak permissions for plugin library, insecure temporary files creation...

Apple BootCamp privilege escalation

Kernel memory corruption on PE files parsing...

ESA-2014-009: RSA BSAFE® SSL-J Multiple Vulnerabilities

ESA-2014-009.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-009: RSA BSAFE® SSL-J Multiple Vulnerabilities EMC Identifier: ESA-2014-009 CVE Identifier: CVE-2011-1473, CVE-2014-0625, CVE-2014-0626, CVE-2014-0627 Severity Rating: CVSS v2 Base Score: See below for individual scores...

CA20140403-01: Security Notice for CA Erwin Web Portal

-----BEGIN PGP SIGNED MESSAGE----- CA20140403-01: Security Notice for CA Erwin Web Portal Issued: April 03, 2014 CA Technologies Support is alerting customers to multiple vulnerabilities with CA Erwin Web Portal. The vulnerabilities, CVE-2014-2210, occur due to insufficient path verification. A...

0A29-14-1 : NCCGroup EasyDA privilege escalation & credential disclosure vulnerability [0day]

...................................... / / | | / / / / / | |/ / / / / / / ^ / / / // | / / / / || / ...................................... 0A29-14-1 : NCCGroup EasyDA privilege escalation & credential disclosure vulnerability 0day Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 -...

[softScheck] Denial of Service in Microsoft Office 2007-2013

================================================ Denial of Service in Microsoft Outlook 2007-2013 Vulnerability Type: Denial of Service CVE: - Impact: Low CVSSv2 Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P Status: Unpatched Credits: Lubomir Stroetmann, softScheck GmbH http://www.softscheck.com...

[ MDVSA-2014:026 ] openldap

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:026 http://www.mandriva.com/en/support/security/ Package : openldap Date : February 12, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and...

ESA-2014-020: RSA Adaptive Authentication (On-Premise) Multiple Vulnerabilities

ESA-2014-020.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-020: RSA Adaptive Authentication On-Premise Multiple Vulnerabilities EMC Identifier: ESA-2014-020 CVE Identifier: CVE-2014-0637, CVE-2014-0638 Severity Rating: CVSS v2 Base Score: See below for individual scores Affected...

Rhythm File Manager multiple security vulnerabilities

Information leakage, privilege escalation, code execution...

[MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Matta Consulting - Matta Advisory https://www.trustmatta.com MobileIron Multiple Products Authentication Bypass Vulnerability Advisory ID: MATTA-2013-004 CVE reference: CVE-2014-1409, CVE-2013-7286 Affected platforms: VSP and Sentry Version: VSP 5.9...