Feed aggregator

Slider Revolution/Showbiz Pro shell upload exploit

BugTraq Latest Security Advisories - November 25, 2014 - 2:46pm

Posted by simo on Nov 25

#!/usr/bin/perl
#
# Title: Slider Revolution/Showbiz Pro shell upload exploit
# Author: Simo Ben youssef
# Contact: Simo_at_Morxploit_com
# Discovered: 15 October 2014
# Coded: 15 October 2014
# Updated: 25 November 2014
# Published: 25 November 2014
# MorXploit Research
# http://www.MorXploit.com
# Vendor: ThemePunch
# Vendor url: http://themepunch.com
# Software: Revslider/Showbiz Pro
# Versions: <= 3.0.95 (Revslider) / Version: <= 1.7.1...
Categories:

[security bulletin] HPSBST03148 rev.1 - HP StoreOnce Gen 2 Backup Systems running Bash Shell, Remote Code Execution

BugTraq Latest Security Advisories - November 25, 2014 - 2:35pm

Posted by security-alert on Nov 25

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04479974

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04479974
Version: 1

HPSBST03148 rev.1 - HP StoreOnce Gen 2 Backup Systems running Bash Shell,
Remote Code Execution

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...
Categories:

[security bulletin] HPSBMU03214 rev.1 - HP Systinet running SSLv3, Remote Disclosure of Information

BugTraq Latest Security Advisories - November 25, 2014 - 2:27pm

Posted by security-alert on Nov 25

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04510286

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04510286
Version: 1

HPSBMU03214 rev.1 - HP Systinet running SSLv3, Remote Disclosure of
Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-11-25
Last...
Categories:

Bugtraq: [ MDVSA-2014:226 ] imagemagick

Security Focus Latest Security Advisories - November 25, 2014 - 1:30pm
[ MDVSA-2014:226 ] imagemagick
Categories:

Bugtraq: [ MDVSA-2014:225 ] ruby

Security Focus Latest Security Advisories - November 25, 2014 - 1:30pm
[ MDVSA-2014:225 ] ruby
Categories:

Bugtraq: [oCERT 2014-008] libFLAC multiple issues

Security Focus Latest Security Advisories - November 25, 2014 - 1:30pm
[oCERT 2014-008] libFLAC multiple issues
Categories:

Bugtraq: Docker 1.3.2 - Security Advisory [24 Nov 2014]

Security Focus Latest Security Advisories - November 25, 2014 - 9:45am
Docker 1.3.2 - Security Advisory [24 Nov 2014]
Categories:

[ MDVSA-2014:227 ] ffmpeg

BugTraq Latest Security Advisories - November 25, 2014 - 9:35am

Posted by security on Nov 25

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:227
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : ffmpeg
Date : November 25, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:...
Categories:

[ MDVSA-2014:226 ] imagemagick

BugTraq Latest Security Advisories - November 25, 2014 - 7:10am

Posted by security on Nov 25

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:226
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : imagemagick
Date : November 25, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:...
Categories:

[ MDVSA-2014:225 ] ruby

BugTraq Latest Security Advisories - November 25, 2014 - 7:00am

Posted by security on Nov 25

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:225
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : ruby
Date : November 25, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...
Categories:

next-20141125: linux-next

Linux Kernel Updates - November 25, 2014 - 6:48am
Version:next-20141125 (linux-next) Released:2014-11-25

Bugtraq: CVE-2014-8419 - CodeMeter Weak Service Permissions

Security Focus Latest Security Advisories - November 25, 2014 - 6:00am
CVE-2014-8419 - CodeMeter Weak Service Permissions
Categories:

Bugtraq: Exploit for stealing backups on WP sites with WP-DB-Backup v2.2.4 plugin

Security Focus Latest Security Advisories - November 25, 2014 - 6:00am
Exploit for stealing backups on WP sites with WP-DB-Backup v2.2.4 plugin
Categories:

[oCERT 2014-008] libFLAC multiple issues

BugTraq Latest Security Advisories - November 25, 2014 - 4:27am

Posted by Daniele Bianco on Nov 25

Description:

FLAC is an open source lossless audio codec supported by several software
and music players.

The libFLAC project, an open source library implementing reference
encoders and decoders for native FLAC and Ogg FLAC audio content,
suffers from multiple implementation issues.

In particular, a stack overflow and a heap overflow condition, which may
result in arbitrary code execution, can be triggered by passing a maliciously
crafted...
Categories:

Bugtraq: [security bulletin] HPSBUX03087 SSRT101413 rev.2 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access

Security Focus Latest Security Advisories - November 25, 2014 - 3:30am
[security bulletin] HPSBUX03087 SSRT101413 rev.2 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access
Categories:

Vuln: Multiple Asterisk Products 'funcs/func_db.c' Remote Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - November 25, 2014 - 12:00am
Multiple Asterisk Products 'funcs/func_db.c' Remote Privilege Escalation Vulnerability
Categories:

Vuln: Multiple Asterisk Products Access Control List Security Bypass Vulnerability

Security Focus Latest Security Advisories - November 25, 2014 - 12:00am
Multiple Asterisk Products Access Control List Security Bypass Vulnerability
Categories:

Vuln: Asterisk Open Source 'res_pjsip_acl' Module Security Bypass Vulnerability

Security Focus Latest Security Advisories - November 25, 2014 - 12:00am
Asterisk Open Source 'res_pjsip_acl' Module Security Bypass Vulnerability
Categories:

Vuln: Asterisk Open Source PJSIP Channel Driver Denial of Service Vulnerability

Security Focus Latest Security Advisories - November 25, 2014 - 12:00am
Asterisk Open Source PJSIP Channel Driver Denial of Service Vulnerability
Categories:

Vuln: Multiple Asterisk Products ConfBridge Denial of Service Vulnerability

Security Focus Latest Security Advisories - November 25, 2014 - 12:00am
Multiple Asterisk Products ConfBridge Denial of Service Vulnerability
Categories: