Feed aggregator

Easy file sharing web server - persist XSS in forum msgs

BugTraq Latest Security Advisories - July 25, 2014 - 10:18am

Posted by joseph . giron13 on Jul 25

I saw a posting a month or 2 ago for a BOF in an FTP server belonging to EFS Software here:
http://www.securityfocus.com/bid/19243
At first there were no additional details provided and I hunted up and down before finding it after some fuzzing (stack
smash in password).

While on the hunt, I found one not listed.

Easy file sharing web server - XSS in forum messages.

It's persistent XSS. Don't see that much these days. The BB code (which...

Bugtraq: [SECURITY] [DSA 2988-1] transmission security update

Security Focus Latest Security Advisories - July 25, 2014 - 10:15am
[SECURITY] [DSA 2988-1] transmission security update

[SECURITY] [DSA 2989-1] apache2 security update

BugTraq Latest Security Advisories - July 25, 2014 - 9:58am

Posted by Stefan Fritsch on Jul 25

-------------------------------------------------------------------------
Debian Security Advisory DSA-2989-1 security () debian org
http://www.debian.org/security/ Stefan Fritsch
July 24, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : apache2
CVE ID : CVE-2014-0118 CVE-2014-0226...

Security advisory for Bugzilla 4.5.5, 4.4.5, 4.2.10, and 4.0.14

BugTraq Latest Security Advisories - July 25, 2014 - 9:39am

Posted by dkl on Jul 25

Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issue has been discovered
in Bugzilla:

* An attacker can get access to some bug information using
the victim's credentials using a specially crafted HTML page.

All affected installations are encouraged to upgrade as soon as
possible.

Vulnerability Details
=====================

Class: Cross Site Request...

[SECURITY] [DSA 2988-1] transmission security update

BugTraq Latest Security Advisories - July 25, 2014 - 9:20am

Posted by Moritz Muehlenhoff on Jul 25

-------------------------------------------------------------------------
Debian Security Advisory DSA-2988-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
July 24, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : transmission
CVE ID : CVE-2014-4909

Ben Hawkes...

Bugtraq: Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video BNSEC-2398

Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video BNSEC-2398

Bugtraq: [slackware-security] mozilla-thunderbird (SSA:2014-204-03)

[slackware-security] mozilla-thunderbird (SSA:2014-204-03)

Bugtraq: [slackware-security] mozilla-firefox (SSA:2014-204-02)

[slackware-security] mozilla-firefox (SSA:2014-204-02)

Bugtraq: [slackware-security] httpd (SSA:2014-204-01)

[slackware-security] httpd (SSA:2014-204-01)

next-20140725: linux-next

Linux Kernel Updates - July 25, 2014 - 5:08am
Version:next-20140725 (linux-next) Released:2014-07-25

Vuln: Barracuda Networks Web Firewall Multiple HTML Injection Vulnerabilities

Security Focus Latest Security Advisories - July 24, 2014 - 11:00pm
Barracuda Networks Web Firewall Multiple HTML Injection Vulnerabilities

Vuln: Microsoft Internet Explorer CVE-2014-2813 Remote Memory Corruption Vulnerability

Security Focus Latest Security Advisories - July 24, 2014 - 11:00pm
Microsoft Internet Explorer CVE-2014-2813 Remote Memory Corruption Vulnerability

Vuln: Microsoft Internet Explorer CVE-2014-2806 Remote Memory Corruption Vulnerability

Security Focus Latest Security Advisories - July 24, 2014 - 11:00pm
Microsoft Internet Explorer CVE-2014-2806 Remote Memory Corruption Vulnerability

Vuln: Cisco WebEx Meetings Server CVE-2014-3301 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - July 24, 2014 - 11:00pm
Cisco WebEx Meetings Server CVE-2014-3301 Information Disclosure Vulnerability

Vuln: Apache HTTP Server 'mod_cache' Module Remote Denial of Service Vulnerability

Security Focus Latest Security Advisories - July 24, 2014 - 11:00pm
Apache HTTP Server 'mod_cache' Module Remote Denial of Service Vulnerability

Vuln: BulletProof FTP Client Local Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - July 24, 2014 - 11:00pm
BulletProof FTP Client Local Buffer Overflow Vulnerability

Vuln: Apple QuickTime 'mvhd' Atom Heap Memory Corruption Vulnerability

Security Focus Latest Security Advisories - July 24, 2014 - 11:00pm
Apple QuickTime 'mvhd' Atom Heap Memory Corruption Vulnerability

Vuln: Siemens SIMATIC WinCC and PCS 7 CVE-2014-4685 Local Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - July 24, 2014 - 11:00pm
Siemens SIMATIC WinCC and PCS 7 CVE-2014-4685 Local Privilege Escalation Vulnerability

Vuln: Siemens SIMATIC WinCC and PCS7 Database Server Remote Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - July 24, 2014 - 11:00pm
Siemens SIMATIC WinCC and PCS7 Database Server Remote Privilege Escalation Vulnerability

Vuln: Oracle Java SE CVE-2014-0453 Remote Security Vulnerability

Security Focus Latest Security Advisories - July 24, 2014 - 11:00pm
Oracle Java SE CVE-2014-0453 Remote Security Vulnerability