BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 23 min 24 sec ago

CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used

6 hours 18 min ago

Posted by Eissing Stefan on Dec 05

Security Advisory - Apache Software Foundation
Apache HTTPD WebServer / httpd.apache.org

Server memory can be exhausted and service denied when HTTP/2 is used

CVE-2016-8740

The Apache HTTPD web server (from 2.4.17-2.4.23) did not apply limitations
on request headers correctly when experimental module for the HTTP/2
protocol is used to access a resource.

The net result is that a the server...
Categories:

Microsoft MSINFO32.EXE ".NFO" Files XML External Entity

8 hours 49 min ago

Posted by apparitionsec on Dec 05

[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-MSINFO32-XXE-FILE-EXFILTRATION.txt

[+] ISR: ApparitionSec

Vendor:
=================
www.microsoft.com

Product:
==========================
Windows System Information
MSINFO32.exe v6.1.7601

Windows MSINFO32.EXE Displays a comprehensive view of your hardware, system components, and software...
Categories:

Microsoft Windows Media Center "ehshell.exe" XML External Entity

9 hours 8 min ago

Posted by apparitionsec on Dec 05

[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-MEDIA-CENTER-XXE-FILE-DISCLOSURE.txt

[+] ISR: ApparitionSec

Vendor:
==================
www.microsoft.com

Product:
==================================
Windows Media Center "ehshell.exe"
version 6.1.7600

Vulnerability Type:
====================
XML External Entity

CVE Reference:...
Categories:

[slackware-security] mozilla-firefox (SSA:2016-336-01)

December 1, 2016 - 7:34am

Posted by Slackware Security Team on Dec 01

[slackware-security] mozilla-firefox (SSA:2016-336-01)

New mozilla-firefox packages are available for Slackware 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-45.5.1esr-i586-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...
Categories:

[security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection

December 1, 2016 - 1:30am

Posted by security-alert on Nov 30

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05324759

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05324759
Version: 3

HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of
Service (DoS), URL Redirection

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2016-12-01...
Categories:

[security bulletin] HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of Privilege

December 1, 2016 - 1:15am

Posted by security-alert on Nov 30

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05347541

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05347541
Version: 1

HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of
Privilege

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2016-11-30
Last Updated:...
Categories:

[security bulletin] HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java Deserialization, Remote Code Execution

November 30, 2016 - 2:09pm

Posted by security-alert on Nov 30

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05344849

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05344849
Version: 1

HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java
Deserialization, Remote Code Execution

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...
Categories:

[FOXMOLE SA 2016-05-02] e107 Content Management System (CMS) - Multiple Issues

November 30, 2016 - 12:59pm

Posted by FOXMOLE Advisories on Nov 30

=== FOXMOLE - Security Advisory 2016-05-02 ===

e107 Content Management System (CMS) - Multiple Issues
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Affected Versions
=================
e107 2.1.2 Bootstrap CMS

Issue Overview
==============
Vulnerability Type: Multiple Vulnerabilities
Technical Risk: medium
Likelihood of Exploitation: medium
Vendor: e107
Vendor URL: http://www.e107.org
Credits: FOXMOLE employee Tim Herres
Advisory URL:...
Categories:

[security bulletin] HPSBHF03682 rev.1 - HPE Comware 7 Network Products using SSL/TLS, Local Gain Privileged Access

November 30, 2016 - 12:48pm

Posted by security-alert on Nov 30

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05341463

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05341463
Version: 1

HPSBHF03682 rev.1 - HPE Comware 7 Network Products using SSL/TLS, Local Gain
Privileged Access

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2016-11-23
Last...
Categories:

[RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler

November 30, 2016 - 7:05am

Posted by RedTeam Pentesting GmbH on Nov 30

Advisory: Less.js: Compilation of Untrusted LESS Files May Lead to Code
Execution through the JavaScript Less Compiler

RedTeam Pentesting discovered behaviour in the Less.js compiler,
which allows execution of arbitrary code if an untrusted LESS file is
compiled.

Details
=======

Product: Less Compiler
Affected Versions: probably all versions
Fixed Versions: none
Vulnerability Type: Code Execution
Security Risk: low
Vendor URL:...
Categories:

XSS in tooltip plugin of Zurb Foundation 5

November 29, 2016 - 6:44am

Posted by Winni Neessen on Nov 29

XSS vulnerabilty in the tooltip plugin of Zurb Foundation 5.x
=============================================================

URL to this advisory: https://nop.li/foundation5tooltipxss

Vendor
======
http://zurb.com/

Product
=======
(Taken from http://foundation.zurb.com/sites/docs/v/5.5.3/)
Foundation is the most advanced, responsive front-end framework in the
world. The framework is mobile
friendly and ready for you to customize it any way you...
Categories:

Google Chrome Accessibility blink::Node corruption details

November 29, 2016 - 6:28am

Posted by Berend-Jan Wever on Nov 29

Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
twenty-first entry in that series. Unfortunately I won't be able to
publish everything within one month at the current rate, so I may
continue to publish these through December and January.

The below information is available in more detail on my blog at
http://blog.skylined.nl/20161129001.html. There you...
Categories: