Feed aggregator

Vuln: Google Android NFC CVE-2017-0481 Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - March 19, 2017 - 11:00pm
Google Android NFC CVE-2017-0481 Privilege Escalation Vulnerability
Categories:

4.11-rc3: mainline

Linux Kernel Updates - March 19, 2017 - 9:09pm
Version:4.11-rc3 (mainline) Released:2017-03-20 Source:linux-4.11-rc3.tar.xz PGP Signature:linux-4.11-rc3.tar.sign Patch:patch-4.11-rc3.xz

4.10.4: stable

Linux Kernel Updates - March 18, 2017 - 6:19am
Version:4.10.4 (stable) Released:2017-03-18 Source:linux-4.10.4.tar.xz PGP Signature:linux-4.10.4.tar.sign Patch:patch-4.10.4.xz (Incremental) ChangeLog:ChangeLog-4.10.4

4.9.16: longterm

Linux Kernel Updates - March 18, 2017 - 6:15am
Version:4.9.16 (longterm) Released:2017-03-18 Source:linux-4.9.16.tar.xz PGP Signature:linux-4.9.16.tar.sign Patch:patch-4.9.16.xz (Incremental) ChangeLog:ChangeLog-4.9.16

4.4.55: longterm

Linux Kernel Updates - March 18, 2017 - 6:10am
Version:4.4.55 (longterm) Released:2017-03-18 Source:linux-4.4.55.tar.xz PGP Signature:linux-4.4.55.tar.sign Patch:patch-4.4.55.xz (Incremental) ChangeLog:ChangeLog-4.4.55

MS Internet Information Services XSS / HTML Injection vulnerability

BugTraq Latest Security Advisories - March 16, 2017 - 2:05pm

Posted by David FM on Mar 16

Cross Site Scripting / HTML injection vulnerability in Microsoft
Internet Information Services web server

==================================

Versions Affected:

MS Internet Information services (All platforms and versions)

==================================

CVE Reference:

CVE-2017-0055

==================================

Vendor Fix:

Microsoft released bulletin MS017-16 and associated patches for each
affected version...
Categories:

CVE-2017-6805 MobaXterm Personal Edition v9.4 Path Traversal Remote File Disclosure

BugTraq Latest Security Advisories - March 16, 2017 - 1:56pm

Posted by hyp3rlinx on Mar 16

+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/MOBAXTERM-TFTP-PATH-TRAVERSAL
-REMOTE-FILE-ACCESS.txt
[+] ISR: ApparitionSec

Vendor:
=====================
mobaxterm.mobatek.net

Product:
===============================
MobaXterm Personal Edition v9.4

Enhanced terminal for Windows with X11 server, tabbed SSH client, network tools and much more.

Vulnerability Type:...
Categories:

SEC Consult SA-20170316-0 :: Authenticated command injection in multiple Ubiquiti Networks products

BugTraq Latest Security Advisories - March 16, 2017 - 1:46pm

Posted by SEC Consult Vulnerability Lab on Mar 16

SEC Consult Vulnerability Lab Security Advisory < 20170316-0 >
=======================================================================
title: Authenticated Command Injection
product: Multiple Ubiquiti Networks products, e.g.
TS-16-CARRIER, TS-5-POE, TS-8-PRO, AG-HP-2G16,
AG-HP-2G20, AG-HP-5G23, AG-HP-5G27, AirGrid M,
AirGrid M2, AirGrid M5, AR, AR-HP,...
Categories: