Feed aggregator

[slackware-security] mutt (SSA:2015-111-07)

BugTraq Latest Security Advisories - April 22, 2015 - 1:13pm

Posted by Slackware Security Team on Apr 22

[slackware-security] mutt (SSA:2015-111-07)

New mutt packages are available for Slackware 13.37, 14.0, 14.1, and -current
to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mutt-1.5.23-i486-2_slack14.1.txz: Rebuilt.
Patched a vulnerability where malformed headers can cause mutt to crash.
For more information, see:...

[slackware-security] libssh (SSA:2015-111-04)

BugTraq Latest Security Advisories - April 22, 2015 - 1:03pm

Posted by Slackware Security Team on Apr 22

[slackware-security] libssh (SSA:2015-111-04)

New libssh packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/libssh-0.6.4-i486-1_slack14.1.txz: Upgraded.
This update fixes some security issues.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0017...

[slackware-security] qt (SSA:2015-111-13)

BugTraq Latest Security Advisories - April 22, 2015 - 12:55pm

Posted by Slackware Security Team on Apr 22

[slackware-security] qt (SSA:2015-111-13)

New qt packages are available for Slackware 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/qt-4.8.6-i486-1_slack14.1.txz: Upgraded.
Fixed issues with BMP, ICO, and GIF handling that could lead to a denial
of service or the execution of arbitrary code when processing malformed
images.
For more...

[slackware-security] mozilla-thunderbird (SSA:2015-111-06)

BugTraq Latest Security Advisories - April 22, 2015 - 12:47pm

Posted by Slackware Security Team on Apr 22

[slackware-security] mozilla-thunderbird (SSA:2015-111-06)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-thunderbird-31.6.0-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...

[slackware-security] mozilla-firefox (SSA:2015-111-05)

BugTraq Latest Security Advisories - April 22, 2015 - 12:14pm

Posted by Slackware Security Team on Apr 22

[slackware-security] mozilla-firefox (SSA:2015-111-05)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-31.6.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...

[security bulletin] HPSBGN03308 rev.1 - HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS), Remote Code Execution

BugTraq Latest Security Advisories - April 22, 2015 - 11:48am

Posted by security-alert on Apr 22

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04626974

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04626974
Version: 1

HPSBGN03308 rev.1 - HP TippingPoint Security Management System (SMS) and
TippingPoint Virtual Security Management System (vSMS), Remote Code Execution

NOTICE: The information in this Security Bulletin should be...

Bugtraq: iPassword Manager v2.6 iOS - Persistent Vulnerabilities

Security Focus Latest Security Advisories - April 22, 2015 - 11:15am
iPassword Manager v2.6 iOS - Persistent Vulnerabilities

Multiple Cross-Site Scripting (XSS) in FreePBX

BugTraq Latest Security Advisories - April 22, 2015 - 9:11am

Posted by High-Tech Bridge Security Research on Apr 22

Advisory ID: HTB23253
Product: FreePBX
Vendor: Sangoma Technologies
Vulnerable Version(s): 12.0.43 and probably prior
Tested Version: 12.0.43
Advisory Publication: March 18, 2015 [without technical details]
Vendor Notification: March 18, 2015
Vendor Patch: March 27, 2015
Public Disclosure: April 22, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2015-2690
Risk Level: Low
CVSSv2 Base Score: 2.6...

Netgear WNR2000v4 Multiple Vulnerabilities

BugTraq Latest Security Advisories - April 22, 2015 - 9:00am

Posted by endeavor on Apr 22

I'm releasing a few vulnerabilities for the WNR2000v4 Netgear router.
Netgear is currently working these issues.

Quick Fix
---------

If you own a WNR2000v4, set a strong password and set security questions
to gibberish.

Timeline
--------

FEB2015 - "MW" Volunteers to be victim to router pwning games.
06MAR2015 - WNR2000v4 Arrives
12MAR2015 - Exploit complete
13MAR2015 - Exploit demoed
~01APR2015 - MW switches to DD-WRT...

Bugtraq: Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability

Security Focus Latest Security Advisories - April 22, 2015 - 8:45am
Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability

Bugtraq: Reflected XSS Vulnerability In Manage Engine Event Log Analyzer

Security Focus Latest Security Advisories - April 22, 2015 - 8:45am
Reflected XSS Vulnerability In Manage Engine Event Log Analyzer

[SECURITY] [DSA 3232-1] curl security update

BugTraq Latest Security Advisories - April 22, 2015 - 7:45am

Posted by Alessandro Ghedini on Apr 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-3232-1 security () debian org
http://www.debian.org/security/ Alessandro Ghedini
April 22, 2015 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : curl
CVE ID : CVE-2015-3143 CVE-2015-3144...

iPassword Manager v2.6 iOS - Persistent Vulnerabilities

BugTraq Latest Security Advisories - April 22, 2015 - 7:36am

Posted by Vulnerability Lab on Apr 22

Document Title:
===============
iPassword Manager v2.6 iOS - Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1453

Release Date:
=============
2015-04-21

Vulnerability Laboratory ID (VL-ID):
====================================
1455

Common Vulnerability Scoring System:
====================================
3.7

Product & Service Introduction:...

Bugtraq: Reflected XSS Vulnerability In Manage Engine Firewall Analyzer

Security Focus Latest Security Advisories - April 22, 2015 - 7:30am
Reflected XSS Vulnerability In Manage Engine Firewall Analyzer

Bugtraq: Stored Cross Site Scripting Vulnerability in Add Link to Facebook WordPress Plugin

Security Focus Latest Security Advisories - April 22, 2015 - 7:30am
Stored Cross Site Scripting Vulnerability in Add Link to Facebook WordPress Plugin

Bugtraq: [SECURITY] [DSA 3231-1] subversion security update

Security Focus Latest Security Advisories - April 22, 2015 - 7:30am
[SECURITY] [DSA 3231-1] subversion security update

Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability

BugTraq Latest Security Advisories - April 22, 2015 - 7:27am

Posted by Vulnerability Lab on Apr 22

Document Title:
===============
Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1322

Video: http://www.vulnerability-lab.com/get_content.php?id=1334

Release Date:
=============
2015-03-02

Vulnerability Laboratory ID (VL-ID):
====================================
1322

Common Vulnerability Scoring System:...

next-20150422: linux-next

Linux Kernel Updates - April 21, 2015 - 11:26pm
Version: next-20150422 (linux-next) Released: 2015-04-22

Reflected XSS Vulnerability In Manage Engine Event Log Analyzer

BugTraq Latest Security Advisories - April 21, 2015 - 3:17pm

Posted by kkulkarni on Apr 21

===============================================================================
Reflected XSS Vulnerability In Manage Engine Event Log Analyzer
===============================================================================

. contents:: Table Of Content

Overview
========

* Title : Reflected XSS Vulnerability in XSS In Manage Engine Event Log Analyzer
* Author: Kapil Kulkarni
* Plugin Homepage: https://www.manageengine.com/products/eventlog/...

Reflected XSS Vulnerability In Manage Engine Firewall Analyzer

BugTraq Latest Security Advisories - April 21, 2015 - 3:09pm

Posted by kkulkarni on Apr 21

===============================================================================
Reflected XSS Vulnerability In Manage Engine Firewall Analyzer
===============================================================================

. contents:: Table Of Content

Overview
========

* Title : Reflected XSS Vulnerability in XSS In Manage Engine Firewall Analyzer
* Author: Kapil Kulkarni
* Plugin Homepage:...