Feed aggregator

Vuln: IBM Eclipse Help System CVE-2013-0467 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - August 27, 2014 - 11:00pm
IBM Eclipse Help System CVE-2013-0467 Information Disclosure Vulnerability

Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30)

BugTraq Latest Security Advisories - August 27, 2014 - 5:44am

Posted by jackie on Aug 27

ICETC2014: International Conference on Education Technologies and
Computers

Technically co-sponsored by IEEE Poland Section
Lodz University of Technology, Lodz, Poland
September 22-24, 2014
http://goo.gl/axpR5f

The International Conference on Education Technologies and Computers
(ICETC2014) will be held at Lodz University of Technology, Lodz, Poland
on September 22-24, 2014. The event will be held over three days, with
presentations...

[SECURITY] [DSA 3012-1] eglibc security update

BugTraq Latest Security Advisories - August 27, 2014 - 5:34am

Posted by Florian Weimer on Aug 27

-------------------------------------------------------------------------
Debian Security Advisory DSA-3012-1 security () debian org
http://www.debian.org/security/ Florian Weimer
August 27, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : eglibc
CVE ID : CVE-2014-5119

Tavis Ormandy...

SaaS Marketing platform Hubspot export vulnerability

BugTraq Latest Security Advisories - August 27, 2014 - 5:19am

Posted by ehoward on Aug 27

Hubspot is a widely used SaaS marketing platform to email all your customers, collect data about them and attract new
customers. It is common practice to keep customer lists in Hubspot to send newsletters or other email communication.
Hubspot has hardcoded roles that grant users access to various areas of the application.

Most user activity is tracked and can be audited, EXCEPT exporting.

A marketing level user can easily export a...

Fwd: RFC 7359 on Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages in Dual-Stack Hosts/Networks

BugTraq Latest Security Advisories - August 27, 2014 - 5:08am

Posted by Fernando Gont on Aug 27

Folks,

FYI: <https://www.rfc-editor.org/rfc/rfc7359.txt>

Best regards,
Fernando Gont

-------- Forwarded Message --------
Subject: RFC 7359 on Layer 3 Virtual Private Network (VPN) Tunnel
Traffic Leakages in Dual-Stack Hosts/Networks
Date: Tue, 26 Aug 2014 18:23:00 -0700 (PDT)
From: rfc-editor () rfc-editor org
Reply-To: ietf () ietf org
To: ietf-announce () ietf org, rfc-dist () rfc-editor org
CC: drafts-update-ref () iana org,...

Bugtraq: ESA-2014-081 RSA® Identity Management and Governance Authentication Bypass Vulnerability

Security Focus Latest Security Advisories - August 27, 2014 - 5:00am
ESA-2014-081 RSA® Identity Management and Governance Authentication Bypass Vulnerability

Bugtraq: LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification

Security Focus Latest Security Advisories - August 27, 2014 - 5:00am
LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification

Bugtraq: ntopng 1.2.0 XSS injection using monitored network traffic

Security Focus Latest Security Advisories - August 27, 2014 - 5:00am
ntopng 1.2.0 XSS injection using monitored network traffic

Bugtraq: [security bulletin] HPSBMU03076 rev.2 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities

Security Focus Latest Security Advisories - August 27, 2014 - 5:00am
[security bulletin] HPSBMU03076 rev.2 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities

Mathematica10.0.0 on Linux /tmp/MathLink vulnerability

BugTraq Latest Security Advisories - August 27, 2014 - 4:56am

Posted by paul . szabo on Aug 27

The problem reported for Mathematica is present still at version 10.0.0
for the GUI interface (the command-line interface may be "safe").

Cheers,

Paul Szabo psz () maths usyd edu au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia

---

http://seclists.org/fulldisclosure/2010/May/176
http://seclists.org/fulldisclosure/2012/Apr/157...

Encore Discovery Solution Multiple Vulnerability Disclosure

BugTraq Latest Security Advisories - August 27, 2014 - 4:45am

Posted by Romano, Christian on Aug 27

Product: Encore Discovery Solution
Vendor: Innovative Interfaces Inc
Vulnerable Version: 4.3
Tested Version: 4.3
Vendor Notification: June 19, 2014
Public Disclosure: August 26, 2014
Vulnerability Type: Open Redirect [CWE-601]
CVE Reference: CVE-2014-5127
Risk Level: Medium
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Discovered and Provided: CAaNES (Computational Analysis and Network
Enterprise Solutions)

Advisory Details:

Open Redirect...

next-20140827: linux-next

Linux Kernel Updates - August 27, 2014 - 1:07am
Version: next-20140827 (linux-next) Released: 2014-08-27