BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 1 hour 2 min ago

Vulnerabilities in Ekahau Real-Time Location Tracking System [MZ-14-01]

December 15, 2014 - 6:13am

Posted by modzero on Dec 15

Merry Christmas.

---------------------------------------------------------------------

http://www.modzero.ch/advisories/MZ-14-01-Ekahau-RTLS.txt

---------------------------------------------------------------------

modzero Security Advisory: Vulnerabilities in Ekahau
Real-Time Location System [MZ-14-01] - CVE-ID: CVE-2014-2716

-----------------------------------------------------------------v1.3

Table of Contents

1. Timeline
2. Summary...
Categories:

[ MDVSA-2014:242 ] yaml

December 15, 2014 - 2:07am

Posted by security on Dec 15

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:242
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : yaml
Date : December 14, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...
Categories:

[SECURITY] [DSA 3103-1] libyaml-libyaml-perl security update

December 15, 2014 - 1:58am

Posted by Salvatore Bonaccorso on Dec 15

-------------------------------------------------------------------------
Debian Security Advisory DSA-3103-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
December 13, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libyaml-libyaml-perl
CVE ID : CVE-2014-9130
Debian...
Categories:

[SECURITY] [DSA 3102-1] libyaml security update

December 15, 2014 - 1:50am

Posted by Salvatore Bonaccorso on Dec 15

-------------------------------------------------------------------------
Debian Security Advisory DSA-3102-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
December 13, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libyaml
CVE ID : CVE-2014-9130
Debian Bug :...
Categories:

Defense in depth -- the Microsoft way (part 23): two quotes or not to quote...

December 15, 2014 - 1:43am

Posted by Stefan Kanthak on Dec 15

Hi @ll,

some Windows commands/programs fail when (one of) their
command line argument(s) is/are enclosed in quotes; for
example:

%SystemRoot%\System32\FontView.Exe "<pathname>.TTF"
%SystemRoot%\System32\FONTVIEW.Exe /P "<filename>.TTF"
%SystemRoot%\System32\RunDLL32.Exe %SystemRoot%\System32\SetupAPI.Dll,InstallHinfSection <section> <flags>
"<pathname>.INF"

The failure messages shown...
Categories:

[ MDVSA-2014:238 ] bind

December 15, 2014 - 1:34am

Posted by security on Dec 15

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:238
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : bind
Date : December 13, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...
Categories:

[SECURITY] [DSA 3101-1] c-icap security update

December 15, 2014 - 1:27am

Posted by Salvatore Bonaccorso on Dec 15

-------------------------------------------------------------------------
Debian Security Advisory DSA-3101-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
December 13, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : c-icap
CVE ID : CVE-2013-7401 CVE-2013-7402...
Categories:

[SECURITY] [DSA 3100-1] mediawiki security update

December 15, 2014 - 1:19am

Posted by Sebastien Delafond on Dec 15

-------------------------------------------------------------------------
Debian Security Advisory DSA-3100-1 security () debian org
http://www.debian.org/security/ Sebastien Delafond
December 12, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : mediawiki
CVE ID : CVE-2014-9277
Debian Bug :...
Categories:

[ MDVSA-2014:239 ] flac

December 15, 2014 - 1:10am

Posted by security on Dec 15

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:239
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : flac
Date : December 14, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...
Categories:

[ MDVSA-2014:243 ] phpmyadmin

December 15, 2014 - 1:04am

Posted by security on Dec 15

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:243
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : phpmyadmin
Date : December 14, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:...
Categories:

[ MDVSA-2014:244 ] openafs

December 15, 2014 - 12:58am

Posted by security on Dec 15

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:244
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : openafs
Date : December 14, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:...
Categories:

[ MDVSA-2014:245 ] mutt

December 15, 2014 - 12:51am

Posted by security on Dec 15

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:245
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : mutt
Date : December 14, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...
Categories:

CVE-2014-2026 Reflected Cross-Site Scripting (XSS) in "Intrexx Professional"

December 15, 2014 - 12:43am

Posted by Christian Schneider on Dec 15

CVE-2014-2026
===================
"Reflected Cross-Site Scripting (XSS)" (CWE-79) vulnerability
in "Intrexx Professional" product

Vendor
===================
United Planet GmbH

Product
===================
"Intrexx is an integrated cross-platform development environment for the creation
and operation of web-based applications, enterprise portals and intranet portals."
- source: https://en.wikipedia.org/wiki/Intrexx...
Categories:

CVE-2014-2025 Remote Code Execution (RCE) in "Intrexx Professional"

December 15, 2014 - 12:36am

Posted by Christian Schneider on Dec 15

CVE-2014-2025
===================
"Remote Code Execution (RCE) via Unrestricted File Upload" (CWE-434) vulnerability
in "Intrexx Professional" product

Vendor
===================
United Planet GmbH

Product
===================
"Intrexx is an integrated cross-platform development environment for the creation
and operation of web-based applications, enterprise portals and intranet portals."
- source:...
Categories:

[ MDVSA-2014:251 ] rpm

December 15, 2014 - 12:29am

Posted by security on Dec 15

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:251
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : rpm
Date : December 14, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...
Categories:

[ MDVSA-2014:250 ] cpio

December 15, 2014 - 12:22am

Posted by security on Dec 15

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:250
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : cpio
Date : December 14, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...
Categories:

[ MDVSA-2014:249 ] qemu

December 15, 2014 - 12:13am

Posted by security on Dec 15

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:249
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : qemu
Date : December 14, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...
Categories:

[ MDVSA-2014:248 ] graphviz

December 15, 2014 - 12:05am

Posted by security on Dec 15

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:248
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : graphviz
Date : December 14, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:...
Categories:

[ MDVSA-2014:247 ] jasper

December 14, 2014 - 11:57pm

Posted by security on Dec 15

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:247
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : jasper
Date : December 14, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...
Categories:

[ MDVSA-2014:246 ] openvpn

December 14, 2014 - 11:49pm

Posted by security on Dec 15

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:246
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : openvpn
Date : December 14, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:...
Categories: