BugTraq Latest Security Advisories

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities

August 19, 2014 - 5:14am

Posted by Security Alert on Aug 19

ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities

EMC Identifier: ESA-2014-059

CVE Identifier: CVE-2014-2511

Severity Rating: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected products:
• EMC WebTop 6.7 SP1, 6.7 SP2
• EMC Documentum Administrator 6.7 SP1, 6.7 SP2, 7.0, 7.1.
• EMC Records Client 6.7 SP1, 6.7 SP2
• EMC Digital Assets Manager 6.5SP5, 6.5SP6
• EMC Web...

ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities

August 19, 2014 - 5:04am

Posted by Security Alert on Aug 19

ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities

EMC Identifier: ESA-2014-073

CVE Identifier: CVE-2014-2518

Severity Rating: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected products:
• EMC Documentum Webtop Versions prior 6.7SP1 P28
• EMC Documentum Webtop Versions prior 6.7SP2 P15
• EMC Documentum Administrator Versions prior 6.7 SP1 P28
• EMC Documentum...

[SECURITY] [DSA 3006-1] xen security update

August 18, 2014 - 12:46pm

Posted by Moritz Muehlenhoff on Aug 18

-------------------------------------------------------------------------
Debian Security Advisory DSA-3006-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
August 18, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : xen
CVE ID : CVE-2013-1432 CVE-2013-1442...

CVE-2014-3577: Apache HttpComponents client: Hostname verification susceptible to MITM attack

August 18, 2014 - 7:38am

Posted by Dirk-Willem van Gulik on Aug 18

Security Advisory - Apache Software Foundation
Apache HttpComponents / hc.apache.org

Hostname verification susceptible to MITM attack

CVE-2014-3577 / CVSS 1.4

Apache HttpComponents (prior to revision 4.3.5/4.0.2) may be susceptible
to a 'Man in the Middle Attack' due to a flaw in the default hostname
verification during SSL/TLS when a specially crafted server side...

Outlook.com for Android fails to validate server certificates

August 18, 2014 - 7:28am

Posted by Securify B.V. on Aug 18

------------------------------------------------------------------------
Outlook.com for Android fails to validate server certificates
------------------------------------------------------------------------
Yorick Koster, April 2014

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
Outlook.com for Android's WebView contains an insecure...

CVE-2014-5289 - Kolibri WebServer 2.0 Vulnerable to RCE via Overly Long POST Request

August 18, 2014 - 7:17am

Posted by tekwizz123 on Aug 18

Exploit Details
------------------
Senkas Kolibri WebServer 2.0 (available at http://www.senkas.com/kolibri/download.php) is vulnerable to RCE via an
overly long POST request.

Sending the exploit will result in a SEH overwrite, which can then be used to redirect execution to a POP POP RET within
the application's binary itself, which once executed, will allow the attacker to execute his/her payload located in the
HOST field.

PoC...

Beginners error: Apple's iCloudServices for Windows run rogue program C:\Program.exe (and some more)

August 18, 2014 - 6:38am

Posted by Stefan Kanthak on Aug 18

Hi @ll,

"C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe",
part of Apple's iCloudServices (see <https://www.apple.com/icloud/>), is
configured to be started as (COM) server via SvcHost.Exe.

Unfortunately the developers of this (COM) server (and of course their QA
too) did a lousy job and let their installer create the following erroneous
registry entries with a command line that contains an unquoted...

Beginners error: Windows Live Mail 2011 runs rogue C:\Program.exe when opening associated URLs

August 18, 2014 - 6:28am

Posted by Stefan Kanthak on Aug 18

Hi @ll,

the following command lines associated with the URL protocols of
Windows Live Mail 2011 (15.4.3538.513)

WLMail.Url.Mailto=C:\Program Files (x86)\Windows Live\Mail\wlmail.exe /mailurl:"%1"
WLMail.Url.news=C:\Program Files (x86)\Windows Live\Mail\wlmail.exe /newsurl:"%1"
WLMail.Url.nntp=C:\Program Files (x86)\Windows Live\Mail\wlmail.exe /newsurl:"%1"
WLMail.Url.snews=C:\Program Files (x86)\Windows...

Beginners error: Apple's Software Update runs rogue program C:\Program.exe (and some more)

August 18, 2014 - 6:17am

Posted by Stefan Kanthak on Aug 18

Hi @ll,

"C:\Program Files\Apple Software Update\SoftwareUpdate.exe", part
of Apple's Software Update and installed together with iTunes,
QuickTime and other of Apple's crap for Windows, is periodically
called with the argument "-task".

This invokes the COM server {91A9E6A9-3935-4A37-AFBA-F0904B166364}
alias AppleSoftwareUpdate.ASUInstallhost, implemented in the DLL
C:\Program Files\Apple Software...

[SECURITY] [DSA 3005-1] gpgme1.0 security update

August 14, 2014 - 12:52pm

Posted by Salvatore Bonaccorso on Aug 14

-------------------------------------------------------------------------
Debian Security Advisory DSA-3005-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
August 14, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : gpgme1.0
CVE ID : CVE-2014-3564
Debian Bug :...

APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6

August 14, 2014 - 5:24am

Posted by Apple Product Security on Aug 14

APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6

Safari 6.1.6 and Safari 7.0.6 are now available and address the
following:

WebKit
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
These...