BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 32 min 27 sec ago

ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability

January 10, 2017 - 2:29pm

Posted by EMC Product Security Response Center on Jan 10

ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability

EMC Identifier: ESA-2016-096
CVE Identifier: CVE-2016-0917
Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected products:
EMC Software: EMC VNX2 Operating Environment for File versions prior to 8.1.9.155
EMC Software: EMC VNX1 Operating Environment for File versions prior to 7.1.80.3
EMC Software: EMC VNXe3200...
Categories:

Directadmin ControlPanel 1.50.1 Cross-Site-Scripting Vulnerability

January 10, 2017 - 10:13am

Posted by iedb . team on Jan 10

DirectAdmin Control Panel version 1.50.1 suffers from a cross site scripting vulnerability.

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@
# @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@
# @@@ @@@ @@@ @@ @@@ @@ @@@ @@@...
Categories:

QuickBooks 2017 Admin Credentials Disclosure

January 6, 2017 - 2:40pm

Posted by info on Jan 06

+ Credits: Maxim Tomashevich
+ Website: https://www.thegrideon.com/quickbooks-forensics.html
+ Details: https://www.thegrideon.com/qb-internals-2017.html

Vendor:
---------------------
www.intuit.com
www.intuit.ca

Product:
---------------------
QuickBooks Desktop
versions: 2017

Vulnerability Type:
---------------------
Admin Credentials Disclosure

Vulnerability Details:
---------------------
Unattended access is the major security risk in...
Categories: