BugTraq Latest Security Advisories

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

[ MDVSA-2015:077 ] python-numpy

March 27, 2015 - 1:41pm

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:077
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : python-numpy
Date : March 27, 2015
Affected: Business Server 2.0
_______________________________________________________________________

Problem Description:...

[ MDVSA-2015:076 ] python3

March 27, 2015 - 1:18pm

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:076
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : python3
Date : March 27, 2015
Affected: Business Server 2.0
_______________________________________________________________________

Problem Description:

Updated...

[ MDVSA-2015:075 ] python

March 27, 2015 - 1:09pm

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:075
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : python
Date : March 27, 2015
Affected: Business Server 2.0
_______________________________________________________________________

Problem Description:

Updated...

[ MDVSA-2015:074 ] openldap

March 27, 2015 - 12:59pm

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:074
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : openldap
Date : March 27, 2015
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

A...

[ MDVSA-2015:071 ] libpng12

March 27, 2015 - 12:52pm

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:071
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : libpng12
Date : March 27, 2015
Affected: Business Server 2.0
_______________________________________________________________________

Problem Description:

Updated...

[ MDVSA-2015:073 ] openldap

March 27, 2015 - 12:40pm

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:073
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : openldap
Date : March 27, 2015
Affected: Business Server 2.0
_______________________________________________________________________

Problem Description:

Multiple...

[ MDVSA-2015:072 ] gnutls

March 27, 2015 - 12:34pm

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:072
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : gnutls
Date : March 27, 2015
Affected: Business Server 2.0
_______________________________________________________________________

Problem Description:

Updated...

[ MDVSA-2015:070 ] libvirt

March 27, 2015 - 12:17pm

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:070
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : libvirt
Date : March 27, 2015
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...

[ MDVSA-2015:068 ] e2fsprogs

March 27, 2015 - 9:58am

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:068
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : e2fsprogs
Date : March 27, 2015
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...

[ MDVSA-2015:067 ] e2fsprogs

March 27, 2015 - 9:49am

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:067
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : e2fsprogs
Date : March 27, 2015
Affected: Business Server 2.0
_______________________________________________________________________

Problem Description:

Updated...

[ MDVSA-2015:066 ] cpio

March 27, 2015 - 9:39am

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:066
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : cpio
Date : March 27, 2015
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated cpio...

[ MDVSA-2015:065 ] cpio

March 27, 2015 - 9:31am

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:065
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : cpio
Date : March 27, 2015
Affected: Business Server 2.0
_______________________________________________________________________

Problem Description:

Updated cpio...

[ MDVSA-2015:064 ] cabextract

March 27, 2015 - 9:21am

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:064
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : cabextract
Date : March 27, 2015
Affected: Business Server 1.0, Business Server 2.0
_______________________________________________________________________

Problem...

[ MDVSA-2015:063 ] openssl

March 27, 2015 - 9:13am

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:063
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : openssl
Date : March 27, 2015
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Multiple...

[ MDVSA-2015:062 ] openssl

March 27, 2015 - 7:47am

Posted by security on Mar 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:062
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : openssl
Date : March 27, 2015
Affected: Business Server 2.0
_______________________________________________________________________

Problem Description:

Multiple...

[SECURITY] [DSA 3205-1] batik security update

March 27, 2015 - 6:36am

Posted by Sebastien Delafond on Mar 27

-------------------------------------------------------------------------
Debian Security Advisory DSA-3205-1 security () debian org
http://www.debian.org/security/ Sebastien Delafond
March 27, 2015 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : batik
CVE ID : CVE-2015-0250
Debian Bug :...

Manage Engine Desktop Central 9 - CVE-2015-2560 - Unauthorised administrative password reset

March 27, 2015 - 6:27am

Posted by root on Mar 27

A vulnerability exists in the Manage Engine Desktop Central 9 application that affects version (build 90130). This may
affect earlier releases as well.

The vulnerability allows a remote unauthenticated user to change the password of any Manage Engine Desktop Central user
with the ‘Administrator’ role (DCAdmin).
The following proof of concept URL changes the ‘admin’ user password to ‘admin3’....

[security bulletin] HPSBMU03294 rev.1 - HP Process Automation running OpenSSL, Remote Disclosure of Information

March 26, 2015 - 3:26pm

Posted by security-alert on Mar 26

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04597376

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04597376
Version: 1

HPSBMU03294 rev.1 - HP Process Automation running OpenSSL, Remote Disclosure
of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2015-03-26...

Insecure file upload in Berta CMS

March 26, 2015 - 2:28pm

Posted by Simon Waters on Mar 26

Berta CMS is a web based content management system using PHP and local file storage.

http://www.berta.me/

Due to use of a 3rd party Berta CMS website to redirect links within a phishing email brought to our attention we
checked the file upload functionality of this software.

We found that the file upload didn't require authentication.

Images with a ".php" extension could be uploaded, and all that was required is that they pass...

Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software and IOS XE Software Autonomic Networking Infrastructure

March 25, 2015 - 1:37pm

Posted by Cisco Systems Product Security Incident Response Team on Mar 25

Multiple Vulnerabilities in Cisco IOS Software and IOS XE Software Autonomic Networking Infrastructure

Advisory ID: cisco-sa-20150325-ani

Revision 1.0

For Public Release 2015 March 25 16:00 UTC (GMT)

Summary
=======

The Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software and IOS XE Software has multiple
vulnerabilities which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or...