Feed aggregator

[SECURITY] [DSA 3314-1] typo3-src end of life

BugTraq Latest Security Advisories - July 24, 2015 - 6:26am

Posted by Moritz Muehlenhoff on Jul 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-3314-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
July 23, 2015 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : typo3-src

Upstream security support for Typo3 4.5.x ended...
Categories:

next-20150724: linux-next

Linux Kernel Updates - July 24, 2015 - 12:52am
Version:next-20150724 (linux-next) Released:2015-07-24

Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser

BugTraq Latest Security Advisories - July 23, 2015 - 1:58pm

Posted by Qualys Security Advisory on Jul 23

Hello, it is July 23, 2015, 17:00 UTC, the Coordinated Release Date for
CVE-2015-3245 and CVE-2015-3246. Please find our advisory below, and
our exploit attached.

Qualys Security Advisory

CVE-2015-3245 userhelper chfn() newline filtering

CVE-2015-3246 libuser passwd file handling

--[ Summary ]-----------------------------------------------------------------

The libuser library implements a standardized interface for manipulating
and...
Categories:

Bugtraq: Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability

Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability
Categories:

ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability

BugTraq Latest Security Advisories - July 23, 2015 - 8:57am

Posted by Vulnerability Lab on Jul 23

Document Title:
===============
ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1555

Release Date:
=============
2015-07-23

Vulnerability Laboratory ID (VL-ID):
====================================
1555

Common Vulnerability Scoring System:
====================================
8.6

Product & Service Introduction:...
Categories:

Bugtraq: Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability

Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability
Categories:

[SECURITY] [DSA 3313-1] linux security update

BugTraq Latest Security Advisories - July 23, 2015 - 5:58am

Posted by Salvatore Bonaccorso on Jul 23

-------------------------------------------------------------------------
Debian Security Advisory DSA-3313-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
July 23, 2015 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2015-3290 CVE-2015-3291...
Categories:

Bugtraq: ESA-2015-118: EMC Avamar Directory Traversal Vulnerability

ESA-2015-118: EMC Avamar Directory Traversal Vulnerability
Categories:

next-20150723: linux-next

Linux Kernel Updates - July 23, 2015 - 1:54am
Version:next-20150723 (linux-next) Released:2015-07-23

Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability

BugTraq Latest Security Advisories - July 22, 2015 - 12:54pm

Posted by Cisco Systems Product Security Incident Response Team on Jul 22

Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability

Advisory ID: cisco-sa-2015722-tftp

Revision 1.0

For Public Release 2015 July 22 16:00 UTC (GMT)

------------------------------------------------------------------------------------------

Summary
=======

A vulnerability in the TFTP server feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated,
remote attacker to cause a denial of...
Categories:

Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability

BugTraq Latest Security Advisories - July 22, 2015 - 12:43pm

Posted by Cisco Systems Product Security Incident Response Team on Jul 22

Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability

Advisory ID: cisco-sa-20150722-mp

Revision 1.0

For Public Release 2015 July 22 16:00 UTC (GMT)

----------------------------------------------------------------------------------------

Summary
=======

The password change functionality in the Cisco Unified MeetingPlace Web Conferencing application could allow an
unauthenticated remote, attacker to...
Categories:

Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability

BugTraq Latest Security Advisories - July 22, 2015 - 12:31pm

Posted by Cisco Systems Product Security Incident Response Team on Jul 22

Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability

Advisory ID: cisco-sa-20150722-apic

Revision 1.0

For Public Release 2015 July 22 16:00 UTC (GMT)

-----------------------------------------------------------------------------------------

Summary
=======

A vulnerability in the cluster management configuration of the Cisco Application Policy Infrastructure Controller
(APIC) and the...
Categories:

ESA-2015-118: EMC Avamar Directory Traversal Vulnerability

BugTraq Latest Security Advisories - July 22, 2015 - 12:23pm

Posted by Security Alert on Jul 22

ESA-2015-118: EMC Avamar Directory Traversal Vulnerability

EMC Identifier: ESA-2015-118

CVE Identifier: CVE-2015-4527

Severity Rating: CVSS v2 Base Score: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)

Affected products:

• EMC Avamar Server all versions from 7.0 to 7.1.1-145 (inclusive)
• EMC Avamar Virtual Addition (AVE) all versions from 7.0 to 7.1.1-145 (inclusive)

Summary:

EMC Avamar includes a directory traversal vulnerability...
Categories:

Bugtraq: Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02]

Security Focus Latest Security Advisories - July 22, 2015 - 12:00pm
Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02]
Categories:

Bugtraq: Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin

Security Focus Latest Security Advisories - July 22, 2015 - 12:00pm
Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin
Categories:

Bugtraq: SQL Injection in Count Per Day WordPress Plugin

Security Focus Latest Security Advisories - July 22, 2015 - 12:00pm
SQL Injection in Count Per Day WordPress Plugin
Categories:

Bugtraq: [SECURITY] [DSA 3312-1] cacti security update

Security Focus Latest Security Advisories - July 22, 2015 - 12:00pm
[SECURITY] [DSA 3312-1] cacti security update
Categories:

Bugtraq: NetCracker Resource Management 8.0 - SQL Injection Vulnerability

Security Focus Latest Security Advisories - July 22, 2015 - 10:45am
NetCracker Resource Management 8.0 - SQL Injection Vulnerability
Categories: