47153 matches found
[security bulletin] HPSBMU03017 rev.2 - HP Software Connect-IT running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Document ID: c04260456 Version: 2 HPSBMU03017 rev.2 - HP Software Connect-IT running OpenSSL, Remote Disclosure of Information NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2014-04-21 Last...
CVE-2013-6216 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in multiple HP products on Linux
Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in HP Array Configuration Utility, HP Array Diagnostics Utility, HP ProLiant Array Diagnostics and SmartSSD Wear Gauge Utility Running on Linux CVE: CVE-2013-6216 Vendor: HP Product: HP Array Configuration...
[security bulletin] HPSBMU02996 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access, Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04026039 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04026039 Version: 1 HPSBMU02996 rev....
HP-UX Whitelisting protection bypass
Integrity check bypass...
[security bulletin] HPSBUX03001 SSRT101382 rev.1 - HP-UX Whitelisting (WLI), Local System Integrity Risk
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04227671 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04227671 Version: 1 HPSBUX03001...
HP Database and Middleware Automation information leakage
No description provided...
HP Universal Configuration Management multiple security vulnerabilities
Code execution, information leakage...
HP Network Node Manager multiple security vulnerabilities
Unauthorized access, code execution...
[security bulletin] HPSBMU02982 rev.1 - HP Database and Middleware Automation, Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04201408 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04201408 Version: 1 HPSBMU02982 rev....
Google Chrome / Chromium multiple security vulnerabilities
Crossite scripting, integer overflows, DoS, memory corruptions, URL spoofing...
[SECURITY] [DSA 2905-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2905-1 [email protected] http://www.debian.org/security/ Michael Gilbert April 15, 2014 http://www.debian.org/security/faq -...
[security bulletin] HPSBST02980 rev.1 - HP Array Configuration Utility, HP Array Diagnostics Utility, HP ProLiant Array Diagnostics and SmartSSD Wear Gauge Utility Running on Linux, Local Elevation of Privilege
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04187357 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04187357 Version: 1 HPSBST02980 rev....
HP Array Configuration Utility / HP Array Diagnostics Utility / HP ProLiant Array Diagnostics / SmartSSD Wear Gauge Utility privilege escalation
RPATH privilege escalation...
[security bulletin] HPSBMU02987 rev.1 - HP Universal Configuration Management Database Integration Service, Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04219959 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04219959 Version: 1 HPSBMU02987 rev....
[security bulletin] HPSBMU02988 rev.1 - HP Universal Configuration Management Database, Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04220407 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04220407 Version: 1 HPSBMU02988 rev....
[security bulletin] HPSBMU02994 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04236062 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04236062 Version: 1 HPSBMU02994 rev....
RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 RUCKUS ADVISORY ID 041414 Customer release date: April 14, 2014 Public release date: April 14, 2014 TITLE OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160 SUMMARY OpenSSL library is used in Ruckus products to implement various...
[security bulletin] HPSBMU02998 rev.1 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04239372 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239372 Version: 1 HPSBMU02998 rev....
[security bulletin] HPSBGN03008 rev.1 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04248997 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04248997 Version: 1 HPSBGN03008 rev....
[security bulletin] HPSBMU02997 rev.1 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04239375 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239375 Version: 1 HPSBMU02997 rev....
[security bulletin] HPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, Performance Center, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04236102 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04236102 Version: 1 HPSBMU02995 rev....
[security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04240206 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04240206 Version: 1 HPSBST03001 rev....
FreeBSD Security Advisory FreeBSD-SA-14:06.openssl [REVISED]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:06.openssl Security Advisory The FreeBSD Project Topic: OpenSSL multiple vulnerabilities Category: contrib Module: openssl Announced: 2014-04-08 Affects: All...
HP Autonomy WorkSite Server v9.0
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04239374 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239374 Version: 1 HPSBMU02999 rev....
[security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04250814 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04250814 Version: 1 HPSBGN03010 rev....
[security bulletin] HPSBMU02999 rev.1 - HP Software Autonomy WorkSite Server (On-Premises Software), Running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04239374 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239374 Version: 1 HPSBMU02999 rev....
MacOSX/XNU HFS Multiple Vulnerabilities
MacOSX/XNU HFS Multiple Vulnerabilities Maksymilian Arciemowicz http://cxsecurity.com/ http://cifrex.org/ =================== On November 8th, I've reported vulnerability in hard links for HFS+ CVE-2013-6799 http://cxsecurity.com/issue/WLB-2013110059 The HFS+ file system does not apply strict...
[USN-2165-1] OpenSSL vulnerabilities
========================================================================== Ubuntu Security Notice USN-2165-1 April 07, 2014 openssl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Apple Mac OS X DoS
DoS via symbolic links...
[USN-2164-1] OpenSSH vulnerability
========================================================================== Ubuntu Security Notice USN-2164-1 April 07, 2014 openssh vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
OpenSSH protection bypass
SSHFP protection bypass for client...
APPLE-SA-2014-02-11-1 Boot Camp 5.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-11-1 Boot Camp 5.1 Boot Camp 5.1 is now available and addresses the following: Boot Camp Available for: Macs running Boot Camp 5 Impact: Loading a malformed executable file may cause memory corruption in the kernel Description: A boun...
0A29-14-1 : NCCGroup EasyDA privilege escalation & credential disclosure vulnerability [0day]
...................................... / / | | / / / / / | |/ / / / / / / ^ / / / // | / / / / || / ...................................... 0A29-14-1 : NCCGroup EasyDA privilege escalation & credential disclosure vulnerability 0day Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 -...
OpenLDAP DoS
Resources exhaustion...
[USN-2104-1] LXC vulnerability
========================================================================== Ubuntu Security Notice USN-2104-1 February 12, 2014 lxc vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
EMC RSA Adaptive Authentication security vulnerabilities
Crossite scripting...
HP Integrated Lights-Out unauthorized access
Information leakage of password...
Rhythm File Manager multiple security vulnerabilities
Information leakage, privilege escalation, code execution...
a2ps code execution
Macro are not filtered in Postscript processin...
[ MDVSA-2014:026 ] openldap
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:026 http://www.mandriva.com/en/support/security/ Package : openldap Date : February 12, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and...
[softScheck] Denial of Service in Microsoft Office 2007-2013
================================================ Denial of Service in Microsoft Outlook 2007-2013 Vulnerability Type: Denial of Service CVE: - Impact: Low CVSSv2 Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P Status: Unpatched Credits: Lubomir Stroetmann, softScheck GmbH http://www.softscheck.com...
ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities
ESA-2013-039.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities EMC Identifier: ESA-2013-039 CVE Identifier: CVE-2011-3389, CVE-2013-0169 Severity Rating: CVSS v2 Base Score: Refer NVD http://nvd.nist.gov/ for individual scores for each CVE...
RSA BSAFE multiple security vulnerabilities
Buffer overflows, SSL attacks, protection bypass...
Apple BootCamp privilege escalation
Kernel memory corruption on PE files parsing...
ASUS router drive-by code execution via XSS and authentication bypass
ASUS router drive-by code execution via XSS and authentication bypass ===================================================================== The latest version of this advisory is available at: https://sintonen.fi/advisories/asus-router-auth-bypass.txt Overview -------- Various ASUS routers contai...
Symantec Endpoint Protection security vulnerabilities
SQL injection, information leakage...
Nessus privilege escalation
Weak permissions for plugin library, insecure temporary files creation...
ASUS RT Series Routers FTP Service - Default anonymous access
Five ASUS RT series routers suffer from a vendor vulnerability that default FTP service to anonymous access, full read/write permissions. The service, which is activated from the administrative console does not give proper instructions nor indications that the end user needs to manually add a use...
Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability
Document Title: =============== Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1249 Release Date: ============= 2014-04-01 Vulnerability Laboratory ID VL-ID: ===================================...
Microsoft Outlook DoS
Outlook hangs on XML parsing...