Feed aggregator

Vuln: Cisco WebEx Meetings Server CVE-2014-3305 Cross Site Request Forgery Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: Cobbler 'Kickstart' Value Local File Include Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: Zarafa WebAccess and WebApp Local Information Disclosure Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: PulseAudio 'pa_rtp_recv()' Function Remote Denial of Service Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: OpenSSL CVE-2014-0195 Memory Corruption Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: ModSecurity 'modsecurity.c' Security Bypass Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: CUPS Web Interface CVE-2014-3537 Local Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: CUPS Web Interface CVE-2014-5030 Incomplete Fix Local Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: CUPS Web Interface CVE-2014-5029 Incomplete Fix Local Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: CUPS Web Interface CVE-2014-5031 Incomplete Fix Local Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: Oracle Java SE CVE-2014-4265 Remote Security Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: Apache HTTP Server CVE-2014-0117 Remote Denial of Service Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

Vuln: Oracle Java SE CVE-2014-4262 Remote Security Vulnerability

Security Focus Latest Security Advisories - July 27, 2014 - 11:00pm

3.16-rc7: mainline

Linux Kernel Updates - July 27, 2014 - 2:42pm
Version: 3.16-rc7 (mainline)
Released: 2014-07-27
Source: linux-3.16-rc7.tar.xz
PGP Signature: linux-3.16-rc7.tar.sign
Patch: patch-3.16-rc7.xz

Barracuda Networks Firewall 6.1.5 - Filter Bypass & Persistent Vulnerabilities

BugTraq Latest Security Advisories - July 25, 2014 - 10:36am

Posted by Vulnerability Lab on Jul 25

Document Title:
===============
Barracuda Networks Firewall 6.1.5 - Filter Bypass & Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1065

Barracuda Networks Security ID (BNSEC): BNSEC-2067
https://www.barracuda.com/support/knowledgebase/501600000013oia

Video: http://www.vulnerability-lab.com/get_content.php?id=1208

View Video:...

Easy file sharing web server - persist XSS in forum msgs

BugTraq Latest Security Advisories - July 25, 2014 - 10:18am

Posted by joseph . giron13 on Jul 25

I saw a posting a month or 2 ago for a BOF in an FTP server belonging to EFS Software here:
http://www.securityfocus.com/bid/19243
At first there were no additional details provided and I hunted up and down before finding it after some fuzzing (stack
smash in password).

While on the hunt, I found one not listed.

Easy file sharing web server - XSS in forum messages.

It's persistent XSS. Don't see that much these days. The BB code (which...

Bugtraq: [SECURITY] [DSA 2988-1] transmission security update

Security Focus Latest Security Advisories - July 25, 2014 - 10:15am

[SECURITY] [DSA 2989-1] apache2 security update

BugTraq Latest Security Advisories - July 25, 2014 - 9:58am

Posted by Stefan Fritsch on Jul 25

-------------------------------------------------------------------------
Debian Security Advisory DSA-2989-1 security () debian org
http://www.debian.org/security/ Stefan Fritsch
July 24, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : apache2
CVE ID : CVE-2014-0118 CVE-2014-0226...

Security advisory for Bugzilla 4.5.5, 4.4.5, 4.2.10, and 4.0.14

BugTraq Latest Security Advisories - July 25, 2014 - 9:39am

Posted by dkl on Jul 25

Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issue has been discovered
in Bugzilla:

* An attacker can get access to some bug information using
the victim's credentials using a specially crafted HTML page.

All affected installations are encouraged to upgrade as soon as
possible.

Vulnerability Details
=====================

Class: Cross Site Request...