xml-security-c security vulnerabilities
Stack overflow, heap buffer overflow...
FreeBSD Security Advisory FreeBSD-SA-13:06.mmap [REVISED]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:06.mmap Security Advisory The FreeBSD Project Topic: Privilege escalation via mmap Category: core Module: kernel Announced: 2013-06-18 Credits: Konstantin...
[SECURITY] [DSA 2710-1] xml-security-c security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2710-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso June 18, 2013 http://www.debian.org/security/faq -...
[ MDVSA-2013:178 ] nfs-utils
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:178 http://www.mandriva.com/en/support/security/ Package : nfs-utils Date : June 25, 2013 Affected: Business Server 1.0 Problem Description: Updated nfs-utils packages fix security vulnerability It was...
nfs-utils rpc.gssd privilege escalation
Unsafe PTR DNS record resolution is used in a security-related operation...
Barracuda CudaTel 2.6.02.04 - Persistent Web Vulnerability
Title: ====== Barracuda CudaTel 2.6.02.04 - Persistent Web Vulnerability Date: ===== 2013-06-21 References: =========== http://vulnerability-lab.com/getcontent.php?id=777 BARRACUDA NETWORK SECURITY ID: BNSEC-834 VL-ID: ===== 777 Common Vulnerability Scoring System:...
CVE-2013-2153: Apache Santuario C++ signature bypass vulnerability
CVE-2013-2153: Apache Santuario XML Security for C++ contains an XML Signature Bypass issue Severity: Critical Vendor: The Apache Software Foundation Versions Affected: Apache Santuario XML Security for C++ library versions prior to V1.7.1 Description: The implementation of XML digital signatures...
Apple and Wifi Hotspot Credentials Management Vulnerability
This vulnerability was published to the OWASP Mobile Security list as a research paper by Andreas Kurtz, Daniel Metz and Felix Freiling. See "Cracking iOS personal hotspots using a Scrabble crossword game word list,"...
Happy Birthday FreeBSD! Now you are 20 years old and your security is the same as 20 years ago... :)
$ uname -a FreeBSD fbsd91x64 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec 4 09:23:10 UTC 2012 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64 $ id uid=1001(hunger) gid=1002(hunger) groups=1002(hunger) $ gcc fbsd9lul.c -o fbsd9lul $ ./fbsd9lul FreeBSD 9.0,1 mmap/ptrace exploit by...
[USN-1889-1] HAProxy vulnerability
========================================================================== Ubuntu Security Notice USN-1889-1 June 20, 2013 haproxy vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
[USN-1887-1] OpenStack Swift vulnerabilities
========================================================================== Ubuntu Security Notice USN-1887-1 June 20, 2013 swift vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
[USN-1884-1] LibRaw vulnerability
========================================================================== Ubuntu Security Notice USN-1884-1 June 18, 2013 libraw vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
CVE-2013-2154: Apache Santuario C++ stack overflow vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2013-2154: Apache Santuario XML Security for C++ contains a stack overflow during XPointer evaluation Severity: Critical Vendor: The Apache Software Foundation Versions Affected: Apache Santuario XML Security for C++ library versions prior to...
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Multiple memory corruptions, code execution, information leakages, cross-site scripting, protection bypass...
telepathy-gabble protection bypass
TLS required flag is ignored on jabber network...
[USN-1875-1] OpenStack Keystone vulnerabilities
========================================================================== Ubuntu Security Notice USN-1875-1 June 14, 2013 keystone vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[USN-1830-1] OpenStack Keystone vulnerability
========================================================================== Ubuntu Security Notice USN-1830-1 May 16, 2013 keystone vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
X servers and libraries security vulnerabilities
Multiple integer overflows, buffer overflows, memory corruptions, etc...
[SECURITY] [DSA 2704-1] mesa security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2704-1 [email protected] http://www.debian.org/security/ Raphael Geissert June 09, 2013 http://www.debian.org/security/faq -...
[USN-1831-1] OpenStack Nova vulnerability
========================================================================== Ubuntu Security Notice USN-1831-1 May 16, 2013 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
APPLE-SA-2013-06-04-2 Safari 6.0.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-06-04-2 Safari 6.0.5 Safari 6.0.5 is now available and addresses the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3 Impact: Visiting a maliciously crafted website may lead to an...
RUCKUS ADVISORY ID 031813-2: User authentication bypass vulnerability in ZoneDirector administrative web interface
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 RUCKUS ADVISORY ID 031813-2 Customer release date: March 25, 2013 Public release date: May 27, 2013 TITLE User authentication bypass vulnerability in ZoneDirector administrative web interface SUMMARY An user authentication bypass vulnerability has bee...
Wireshark multiple security vulnerabilities
Vulnerabilities in GTPv2, ASN.1 BER, PPP CCP, DCP ETSI, MPEG DSM-CC, CAPWAP, HTTP, DCP ETSI and Websocket dissectors...
[USN-1874-1] DBus vulnerability
========================================================================== Ubuntu Security Notice USN-1874-1 June 13, 2013 dbus vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
DBus DoS
Crash on message processing...
HP Integrated Lights-Out unauthorized access
Unauthorized access if SSO is configured...
[security bulletin] HPSBHF02885 rev.1 - HP Integrated Lights-Out iLO3 and iLO4 using Single-Sign-On (SSO), Remote Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03787836 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03787836 Version: 1 HPSBHF02885 rev....
Avira Antivir DoS
Endless loop on PDF processing...
[ MDVSA-2013:172 ] wireshark
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:172 http://www.mandriva.com/en/support/security/ Package : wireshark Date : June 12, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been found and...
RUCKUS ADVISORY ID 031813-1: Unauthenticated TCP tunneling on Ruckus devices via SSH server process
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 RUCKUS ADVISORY ID 031813-1 Customer release date: March 25, 2013 Public release date: May 27, 2013 TITLE Unauthenticated TCP tunneling on Ruckus devices via SSH server process SUMMARY An user authentication bypass vulnerability has been discovered...
WebKit / Apple Safari multiple security vulnerabilities
Multiple memory corruptions and cross-site scripting...
[USN-1878-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1878-1 June 14, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
Chromium / Google Chrome multiple security vulnerabilities
Use-after-free, DoS conditions, race conditions, information leakage, XSS...
LSE Leading Security Experts GmbH - LSE-2013-06-13 - Avira AntiVir Engine
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 === LSE Leading Security Experts GmbH - Security Advisory 2013-06-13 === Avira AntiVir Engine -- Denial of Service / Filtering Evasion - ------------------------------------------------------------- Affected Versions ================= Avira AntiVir...
[SECURITY] [DSA 2706-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2706-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano June 10, 2013 http://www.debian.org/security/faq -...
[slackware-security] php (SSA:2013-161-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security php SSA:2013-161-01 New php packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...
Ubiquiti airCam buffer overflow
Buffer overflow in RTSP service...
CORE-2013-0430 - Buffer overflow in Ubiquiti airCam RTSP service
Core Security - Corelabs Advisory http://corelabs.coresecurity.com Buffer overflow in Ubiquiti airCam RTSP service 1. Advisory Information Title: Buffer overflow in Ubiquiti airCam RTSP service Advisory ID: CORE-2013-0430 Advisory URL:...
HP Service Manager / HP ServiceCenter security vulnerabilities
Cross-site scripting, information leakage...
Subversion security vulnerabilities
A few DoS conditions...
Ruckus ZoneDirector authentication bypass
Unauthorized access if external authentication protocol is configured...
Mozilla Firefox 14.01 Memory Exhaustion DoS Exploit
--------------------------------------------------- Mozilla Firefox 14.01 Memory Exhaustion DoS Exploit --------------------------------------------------- Credit: Jean Pascal Pereira [email protected] Description: Mozilla Firefox is prone to a memory exhaustion vulnerability. The issue has been...
[SECURITY] [DSA 2702-1] telepathy-gabble security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2702-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso June 03, 2013 http://www.debian.org/security/faq -...
[security bulletin] HPSBMU02884 rev.1 - HP Service Manager and HP ServiceCenter, Cross Site Scripting (XSS) and Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03784101 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03784101 Version: 1 HPSBMU02884 rev....
PHP buffer overflow
Buffer overflow in quoted_printable_encode function...
Mozilla Firefox / Microsoft Internet Explorer DoS
Crash or hang via resources exhaustion...
DoS vulnerability in Mozilla Firefox and Microsoft Internet Explorer
Hello 3APA3A! I want to warn you about Denial of Service vulnerability in Mozilla Firefox and Microsoft Internet Explorer. Earlier Jean Pascal Pereira has found DoS vulnerability in browser Firefox 14.0.1 http://1337day.com/exploit/description/19201. And at 07.04.2013 I've checked this...
[SECURITY] [DSA 2703-1] subversion security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2703-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso June 09, 2013 http://www.debian.org/security/faq -...
pymongo DoS
NULL pointer dereference...
[SECURITY] [DSA 2705-1] pymongo security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2705-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano June 10, 2013 http://www.debian.org/security/faq -...