Feed aggregator

[slackware-security] libsndfile (SSA:2016-039-02)

BugTraq Latest Security Advisories - February 9, 2016 - 7:47am

Posted by Slackware Security Team on Feb 09

[slackware-security] libsndfile (SSA:2016-039-02)

New libsndfile packages are available for Slackware 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/flac-1.3.1-i486-1_slack14.1.txz: Upgraded.
This update is needed by the latest version of libsndfile.
patches/packages/libsndfile-1.0.26-i486-1_slack14.1.txz: Upgraded.
This release...
Categories:

[SECURITY] [DSA 3472-1] wordpress security update

BugTraq Latest Security Advisories - February 9, 2016 - 7:39am

Posted by Salvatore Bonaccorso on Feb 09

-------------------------------------------------------------------------
Debian Security Advisory DSA-3472-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 08, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : wordpress
CVE ID : CVE-2016-2221 CVE-2016-2222...
Categories:

[SECURITY] [DSA 3470-1] qemu-kvm security update

BugTraq Latest Security Advisories - February 9, 2016 - 7:33am

Posted by Sebastien Delafond on Feb 09

-------------------------------------------------------------------------
Debian Security Advisory DSA-3470-1 security () debian org
https://www.debian.org/security/ Sebastien Delafond
February 08, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : qemu-kvm
CVE ID : CVE-2015-7295 CVE-2015-7504...
Categories:

[SECURITY] [DSA 3469-1] qemu security update

BugTraq Latest Security Advisories - February 9, 2016 - 7:25am

Posted by Sebastien Delafond on Feb 09

-------------------------------------------------------------------------
Debian Security Advisory DSA-3469-1 security () debian org
https://www.debian.org/security/ Sebastien Delafond
February 08, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : qemu
CVE ID : CVE-2015-7295 CVE-2015-7504...
Categories:

[SECURITY] [DSA 3471-1] qemu security update

BugTraq Latest Security Advisories - February 9, 2016 - 7:17am

Posted by Sebastien Delafond on Feb 09

-------------------------------------------------------------------------
Debian Security Advisory DSA-3471-1 security () debian org
https://www.debian.org/security/ Sebastien Delafond
February 08, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : qemu
CVE ID : CVE-2015-7295 CVE-2015-7504...
Categories:

Bugtraq: WordPress WP User Frontend Plugin [Unrestricted File Upload]

Security Focus Latest Security Advisories - February 9, 2016 - 6:00am
WordPress WP User Frontend Plugin [Unrestricted File Upload]
Categories:

Bugtraq: WordPress WooCommerce - Store Toolkit Plugin [Privilege Escalation]

Security Focus Latest Security Advisories - February 9, 2016 - 6:00am
WordPress WooCommerce - Store Toolkit Plugin [Privilege Escalation]
Categories:

Bugtraq: PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities

Security Focus Latest Security Advisories - February 9, 2016 - 6:00am
PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities
Categories:

Bugtraq: Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities

Security Focus Latest Security Advisories - February 9, 2016 - 6:00am
Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities
Categories:

next-20160209: linux-next

Linux Kernel Updates - February 9, 2016 - 12:20am
Version:next-20160209 (linux-next) Released:2016-02-09

WordPress WP User Frontend Plugin [Unrestricted File Upload]

BugTraq Latest Security Advisories - February 8, 2016 - 9:29am

Posted by Panagiotis Vagenas on Feb 08

* Exploit Title: WordPress WP User Frontend Plugin [Unrestricted File
Upload]
* Discovery Date: 2016-02-04
* Public Disclosure: 2016-02-08
* Exploit Author: Panagiotis Vagenas
* Contact: https://twitter.com/panVagenas
* Vendor Homepage: https://wedevs.com
* Software Link: https://wordpress.org/plugins/wp-user-frontend
* Version: 3.4.6
* Tested on: WordPress 4.4.2
* Category: WebApps, WordPress

Description
-----------

WordPress plugin _WP User...
Categories:

Bugtraq: Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability

Security Focus Latest Security Advisories - February 8, 2016 - 9:00am
Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability
Categories:

WordPress WooCommerce - Store Toolkit Plugin [Privilege Escalation]

BugTraq Latest Security Advisories - February 8, 2016 - 7:58am

Posted by Panagiotis Vagenas on Feb 08

* Exploit Title: WordPress WooCommerce - Store Toolkit Plugin [Privilege
Escalation]
* Discovery Date: 2016-02-06
* Public Disclosure Date: 2016-02-08
* Exploit Author: Panagiotis Vagenas
* Contact: https://twitter.com/panVagenas
* Vendor Homepage: http://www.visser.com.au/
* Software Link: https://wordpress.org/plugins/woocommerce-store-toolkit/
* Version: 1.5.5
* Tested on: WordPress 4.4.2
* Category: webapps

Description
-----------

The...
Categories:

PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities

BugTraq Latest Security Advisories - February 8, 2016 - 7:48am

Posted by Vulnerability Lab on Feb 08

Document Title:
===============
PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1676

Vulnerability Magazine:
http://magazine.vulnerability-db.com/?q=articles/2016/02/08/researcher-uncovers-multiple-sql-injection-vulnerabilities-dpa-presseportal

Release Date:
=============
2016-02-08

Vulnerability Laboratory ID (VL-ID):...
Categories:

Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities

BugTraq Latest Security Advisories - February 8, 2016 - 7:38am

Posted by Vulnerability Lab on Feb 08

Document Title:
===============
Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1626

Release Date:
=============
2016-02-07

Vulnerability Laboratory ID (VL-ID):
====================================
1626

Common Vulnerability Scoring System:
====================================
3.4

Product & Service Introduction:...
Categories:

Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability

BugTraq Latest Security Advisories - February 8, 2016 - 7:27am

Posted by Vulnerability Lab on Feb 08

Document Title:
===============
Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1714

Release Date:
=============
2016-02-08

Vulnerability Laboratory ID (VL-ID):
====================================
1714

Common Vulnerability Scoring System:
====================================
7.7

Abstract Advisory Information:
==============================...
Categories:

Getdpd BB #4 - (name) Persistent Validation Vulnerability

BugTraq Latest Security Advisories - February 8, 2016 - 7:17am

Posted by Vulnerability Lab on Feb 08

Document Title:
===============
Getdpd BB #4 - (name) Persistent Validation Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1568

ID: #14772

Release Date:
=============
2016-02-08

Vulnerability Laboratory ID (VL-ID):
====================================
1568

Common Vulnerability Scoring System:
====================================
3.8

Product & Service Introduction:...
Categories:

Getdpd BB #5 - Persistent Filename Vulnerability

BugTraq Latest Security Advisories - February 8, 2016 - 7:08am

Posted by Vulnerability Lab on Feb 08

Document Title:
===============
Getdpd BB #5 - Persistent Filename Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1569

ID: #14773

Release Date:
=============
2016-02-05

Vulnerability Laboratory ID (VL-ID):
====================================
1569

Common Vulnerability Scoring System:
====================================
4.2

Product & Service Introduction:...
Categories:

Bugtraq: Symphony CMS multiple vulnerabilities

Security Focus Latest Security Advisories - February 8, 2016 - 7:00am
Symphony CMS multiple vulnerabilities
Categories:

Bugtraq: WordPress User Meta Manager Plugin [Information Disclosure]

Security Focus Latest Security Advisories - February 8, 2016 - 7:00am
WordPress User Meta Manager Plugin [Information Disclosure]
Categories: