Feed aggregator

X41 D-Sec GmbH Security Advisory X41-2018-007: Multiple Vulnerabilities in mgetty

BugTraq Latest Security Advisories - September 19, 2018 - 10:34pm

Posted by X41 D-Sec GmbH Advisories on Sep 19

X41 D-Sec GmbH Security Advisory: X41-2018-007

Multiple Vulnerabilities in mgetty
==================================

Overview
--------
Confirmed Affected Versions: 1.2.0
Patched Versions: 1.2.1
Vendor: mgetty
Vendor URL: http://mgetty.greenie.net
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public
Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty

Summary and Impact
------------------
Multiple issues have been...
Categories:

X41 D-Sec GmbH Security Advisory X41-2018-008: Multiple Vulnerabilities in HylaFAX

BugTraq Latest Security Advisories - September 19, 2018 - 10:31pm

Posted by X41 D-Sec GmbH Advisories on Sep 19

X41 D-SEC GmbH Security Advisory: X41-2018-008

Multiple Vulnerabilities in HylaFAX
===================================

Overview
--------
Confirmed Affected Versions: HylaFAX 6.0.6, HylaFAX+ 5.6.0
Confirmed Patched Versions: HylaFAX 6.0.7, HylaFAX+ 5.6.1
Vendor: Hylafax, Hylafax+
Vendor URL: https://www.hylafax.org/, http://hylafax.sourceforge.net/
Credit: X41 D-SEC GmbH, Luis Merino, Eric Sesterhenn, Markus Vervier
Status: Public
Advisory-URL:...
Categories:

[HITB-Announce] #HITBSecConf2018PEK Call for CTF

BugTraq Latest Security Advisories - September 19, 2018 - 10:28pm

Posted by Hafez Kamal on Sep 19

JD-HITB2018 Beijing CTF + Finals of the 4th XCTF International League (XCTF Finals 2018) will take place on the 1st and
2nd of November alongside the first-ever HITB Security Conference in Beijing! Participate and stand a chance to win
cash prizes worth up to USD 2000, sponsored by DarkMatter!

The competition is co-organized by XCTF League and HITB and will be a mixed-style CTF competition, that includes both
Jeopardy style challenges and an...
Categories:

4.4.157: longterm

Linux Kernel Updates - September 19, 2018 - 3:49pm
Version:4.4.157 (longterm) Released:2018-09-19 Source:linux-4.4.157.tar.xz PGP Signature:linux-4.4.157.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.4.157

4.9.128: longterm

Linux Kernel Updates - September 19, 2018 - 3:47pm
Version:4.9.128 (longterm) Released:2018-09-19 Source:linux-4.9.128.tar.xz PGP Signature:linux-4.9.128.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.9.128

4.14.71: longterm

Linux Kernel Updates - September 19, 2018 - 3:43pm
Version:4.14.71 (longterm) Released:2018-09-19 Source:linux-4.14.71.tar.xz PGP Signature:linux-4.14.71.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.14.71

4.18.9: stable

Linux Kernel Updates - September 19, 2018 - 3:41pm
Version:4.18.9 (stable) Released:2018-09-19 Source:linux-4.18.9.tar.xz PGP Signature:linux-4.18.9.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.18.9

next-20180919: linux-next

Linux Kernel Updates - September 19, 2018 - 1:13am
Version:next-20180919 (linux-next) Released:2018-09-19

[SECURITY] [DSA 4297-1] chromium-browser security update

BugTraq Latest Security Advisories - September 19, 2018 - 12:53am

Posted by Michael Gilbert on Sep 18

-------------------------------------------------------------------------
Debian Security Advisory DSA-4297-1 security () debian org
https://www.debian.org/security/ Michael Gilbert
September 19, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : chromium-browser

Two vulnerabilities have been discovered...
Categories:

Vuln: Adobe Acrobat and Reader CVE-2018-12848 Arbitrary Code Execution Vulnerability

Security Focus Latest Security Advisories - September 18, 2018 - 11:00pm
Adobe Acrobat and Reader CVE-2018-12848 Arbitrary Code Execution Vulnerability
Categories:

Vuln: Western Digital My Cloud CVE-2018-17153 Authentication Bypass Vulnerability

Security Focus Latest Security Advisories - September 18, 2018 - 11:00pm
Western Digital My Cloud CVE-2018-17153 Authentication Bypass Vulnerability
Categories:

Vuln: Adobe Acrobat and Reader APSB18-34 Multiple Information Disclosure Vulnerabilities

Security Focus Latest Security Advisories - September 18, 2018 - 11:00pm
Adobe Acrobat and Reader APSB18-34 Multiple Information Disclosure Vulnerabilities
Categories:

Vuln: Symantec Messaging Gateway CVE-2018-12243 XML External Entity Injection Vulnerability

Security Focus Latest Security Advisories - September 18, 2018 - 11:00pm
Symantec Messaging Gateway CVE-2018-12243 XML External Entity Injection Vulnerability
Categories:

Vuln: Symantec Messaging Gateway CVE-2018-12242 Authentication Bypass Vulnerability

Security Focus Latest Security Advisories - September 18, 2018 - 11:00pm
Symantec Messaging Gateway CVE-2018-12242 Authentication Bypass Vulnerability
Categories:

Vuln: Adobe Flash Player CVE-2018-15967 Unspecified Information Disclosure Vulnerability

Security Focus Latest Security Advisories - September 18, 2018 - 11:00pm
Adobe Flash Player CVE-2018-15967 Unspecified Information Disclosure Vulnerability
Categories:

Authentication bypass vulnerability in Western Digital My Cloud allows escalation to admin privileges

BugTraq Latest Security Advisories - September 18, 2018 - 10:42pm

Posted by Securify B.V. on Sep 18

------------------------------------------------------------------------
Authentication bypass vulnerability in Western Digital My Cloud allows
escalation to admin privileges
------------------------------------------------------------------------
Remco Vermeulen, September 2018

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
It was...
Categories:

SEC Consult SA-20180918-0 :: Remote Code Execution via PHP unserialize in Moodle open-source learning platform

BugTraq Latest Security Advisories - September 18, 2018 - 10:39pm

Posted by SEC Consult Vulnerability Lab on Sep 18

SEC Consult Vulnerability Lab Security Advisory < 20180918-0 >
=======================================================================
title: Remote Code Execution via PHP unserialize
product: Moodle - Open-source learning platform
vulnerable version: 3.5 to 3.5.1, 3.4 to 3.4.4, 3.1 to 3.1.13 and
earlier unsupported versions
fixed version: 3.5.2, 3.4.5, 3.3.8 and 3.1.14
CVE...
Categories: