Feed aggregator

Vuln: WPA2 Key Reinstallation Multiple Security Weaknesses

Security Focus Latest Security Advisories - October 16, 2017 - 11:00pm
WPA2 Key Reinstallation Multiple Security Weaknesses

4.1.45: longterm

Linux Kernel Updates - October 16, 2017 - 5:55pm
Version: 4.1.45 (longterm)
Released: 2017-10-16
Source: linux-4.1.45.tar.xz
PGP Signature: linux-4.1.45.tar.sign
Patch: full (incremental)
ChangeLog: ChangeLog-4.1.45

next-20171016: linux-next

Linux Kernel Updates - October 16, 2017 - 3:01pm
Version: next-20171016 (linux-next)
Released: 2017-10-16

[SECURITY] [DSA 3999-1] wpa security update

BugTraq Latest Security Advisories - October 16, 2017 - 5:23am

Posted by Yves-Alexis Perez on Oct 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-3999-1 security () debian org
https://www.debian.org/security/ Yves-Alexis Perez
October 16, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : wpa
CVE ID : CVE-2017-13077 CVE-2017-13078...

Bugtraq: Advisory X41-2017-008: Multiple Vulnerabilities in Shadowsocks

Security Focus Latest Security Advisories - October 16, 2017 - 4:00am
Advisory X41-2017-008: Multiple Vulnerabilities in Shadowsocks

SEC Consult SA-20171016-0 :: Multiple vulnerabilities in Micro Focus VisiBroker C++

BugTraq Latest Security Advisories - October 16, 2017 - 2:50am

Posted by SEC Consult Vulnerability Lab on Oct 16

SEC Consult Vulnerability Lab Security Advisory < 20171016-0 >
=======================================================================
title: Multiple vulnerabilities
product: Micro Focus VisiBroker C++
vulnerable version: 8.5 SP2
fixed version: 8.5 SP4 HF3
CVE number: CVE-2017-9281, CVE-2017-9282, CVE-2017-9283
impact: High
homepage:...

Bugtraq: Multiple vulnerabilities in OpenText Documentum Content Server

Security Focus Latest Security Advisories - October 16, 2017 - 2:00am
Multiple vulnerabilities in OpenText Documentum Content Server

Bugtraq: [SECURITY] [DSA 3995-1] libxfont security update

Security Focus Latest Security Advisories - October 16, 2017 - 2:00am
[SECURITY] [DSA 3995-1] libxfont security update

Bugtraq: [SECURITY] [DSA 3994-1] nautilus security update

Security Focus Latest Security Advisories - October 16, 2017 - 2:00am
[SECURITY] [DSA 3994-1] nautilus security update

Bugtraq: [SECURITY] [DSA 3993-1] tor security update

Security Focus Latest Security Advisories - October 16, 2017 - 2:00am
[SECURITY] [DSA 3993-1] tor security update

[security bulletin] MFSBGN03786 rev.1 - HPE Connected Backup, Local Escalation of Privilege

BugTraq Latest Security Advisories - October 16, 2017 - 1:51am

Posted by swpmb . cyber-psrt on Oct 15

Note: the current version of the following document is available here:
https://softwaresupport.hpe.com/km/KM02987868

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM02987868
Version: 1

MFSBGN03786 rev.1 - HPE Connected Backup, Local Escalation of Privilege

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2017-10-13
Last Updated: 2017-10-13

Potential Security Impact: Local:...

Advisory X41-2017-010: Command Execution in Shadowsocks-libev

BugTraq Latest Security Advisories - October 16, 2017 - 1:43am

Posted by X41 D-Sec GmbH Advisories on Oct 15

X41 D-Sec GmbH Security Advisory: X41-2017-010

Command Execution in Shadowsocks-libev
======================================

Overview
--------
Severity Rating: High
Confirmed Affected Versions: 3.1.0
Confirmed Patched Versions: N/A
Vendor: Shadowsocks
Vendor URL: https://github.com/shadowsocks/shadowsocks-libev
Vector: Local
Credit: X41 D-Sec GmbH, Niklas Abel
Status: Public
CVE: not yet assigned
Advisory-URL:...

Advisory X41-2017-008: Multiple Vulnerabilities in Shadowsocks

BugTraq Latest Security Advisories - October 16, 2017 - 1:37am

Posted by X41 D-Sec GmbH Advisories on Oct 15

X41 D-Sec GmbH Security Advisory: X41-2017-008

Multiple Vulnerabilities in Shadowsocks
=======================================

Overview
--------
Confirmed Affected Versions: Latest commit 2ab8c6b on Sep 6
Confirmed Patched Versions: N/A
Vendor: Shadowsocks
Vendor URL: https://github.com/shadowsocks/shadowsocks/tree/master
Vector: Network
Credit: X41 D-Sec GmbH, Niklas Abel
Status: Public
Advisory-URL:...

[RCESEC-2017-002][CVE-2017-14956] AlienVault USM v5.4.2 "/ossim/report/wizard_email.php" Cross-Site Request Forgery leading to Sensitive Information Disclosure

BugTraq Latest Security Advisories - October 16, 2017 - 1:30am

Posted by Julien Ahrens on Oct 15

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: AlienVault USM
Vendor URL: https://www.alienvault.com
Type: Cross-Site Request Forgery [CWE-253]
Date found: 2017-09-22
Date published: 2017-10-13
CVSSv3 Score: 6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)
CVE: CVE-2017-14956

2. CREDITS
==========
This vulnerability was discovered and researched...

Vuln: Adobe Flash Player CVE-2017-11292 Type Confusion Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - October 15, 2017 - 11:00pm
Adobe Flash Player CVE-2017-11292 Type Confusion Remote Code Execution Vulnerability

Vuln: AlienVault USM CVE-2017-14956 Cross Site Request Forgery Vulnerability

Security Focus Latest Security Advisories - October 15, 2017 - 11:00pm
AlienVault USM CVE-2017-14956 Cross Site Request Forgery Vulnerability

4.14-rc5: mainline

Linux Kernel Updates - October 15, 2017 - 8:01pm
Version: 4.14-rc5 (mainline)
Released: 2017-10-16
Source: linux-4.14-rc5.tar.gz
Patch: full (incremental)

Multiple vulnerabilities in OpenText Documentum Content Server

BugTraq Latest Security Advisories - October 13, 2017 - 9:56am

Posted by Andrey B. Panfilov on Oct 13

CVE Identifier: CVE-2017-15012
Vendor: OpenText
Affected products: OpenText Documentum Content Server (all versions)
Researcher: Andrey B. Panfilov
CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Fix: not available
Description:

OpenText Documentum Content Server (formerly known as EMC Documentum Content Server)
does not properly validate input of PUT_FILE RPC-command which allows any
authenticated user to hijack arbitrary file from...