Feed aggregator

Bugtraq: Defense in depth -- the Microsoft way (part 22): no DEP in Windows' filesystem (and ASLR barely used)

Defense in depth -- the Microsoft way (part 22): no DEP in Windows' filesystem (and ASLR barely used)
Categories:

Bugtraq: [security bulletin] HPSBGN03209 rev.1 - HP Application Lifecycle Management running SSLv3, Remote Disclosure of Information

[security bulletin] HPSBGN03209 rev.1 - HP Application Lifecycle Management running SSLv3, Remote Disclosure of Information
Categories:

Bugtraq: [ MDVSA-2014:233 ] wordpress

[ MDVSA-2014:233 ] wordpress
Categories:

Bugtraq: [SECURITY] [DSA 3078-1] libksba security update

[SECURITY] [DSA 3078-1] libksba security update
Categories:

More rss feeds from SecurityFocus

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
Categories:

next-20141128: linux-next

Linux Kernel Updates - 2 hours 34 min ago
Version:next-20141128 (linux-next) Released:2014-11-28

Defense in depth -- the Microsoft way (part 22): no DEP in Windows' filesystem (and ASLR barely used)

BugTraq Latest Security Advisories - 5 hours 39 min ago

Posted by Stefan Kanthak on Nov 28

Hi @ll,

more than 20 years ago Microsoft introduced the NTFS filesystem
(supporting ACLs) and "user profiles" to separate user data
(with emphasis on "data") from the OS and each other.

More than 13 years ago Microsoft introduced "software restriction
policies" alias SAFER (<https://support.microsoft.com/kb/310791>,
<https://support.microsoft.com/kb/324036>,
<...
Categories:

[security bulletin] HPSBGN03209 rev.1 - HP Application Lifecycle Management running SSLv3, Remote Disclosure of Information

BugTraq Latest Security Advisories - 5 hours 49 min ago

Posted by security-alert on Nov 28

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04509419

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04509419
Version: 1

HPSBGN03209 rev.1 - HP Application Lifecycle Management running SSLv3, Remote
Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...
Categories:

Bugtraq: [KIS-2014-13] Tuleap <= 7.6-4 (register.php) PHP Object Injection Vulnerability

[KIS-2014-13] Tuleap <= 7.6-4 (register.php) PHP Object Injection Vulnerability
Categories:

Bugtraq: [ MDVSA-2014:232 ] glibc

[ MDVSA-2014:232 ] glibc
Categories:

Vuln: libFLAC 'src/libFLAC/stream_decoder.c' Heap Buffer Overflow Vulnerability

libFLAC 'src/libFLAC/stream_decoder.c' Heap Buffer Overflow Vulnerability
Categories:

Vuln: OpenSSL CVE-2014-3470 Denial of Service Vulnerability

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
Categories:

Vuln: WordPress Password Check Denial of Service Vulnerability

WordPress Password Check Denial of Service Vulnerability
Categories:

Vuln: Libksba 'ksba_oid_to_str() Function Buffer Overflow Vulnerability

Libksba 'ksba_oid_to_str() Function Buffer Overflow Vulnerability
Categories:

Vuln: WordPress Cross Site Request Forgery Vulnerability

WordPress Cross Site Request Forgery Vulnerability
Categories:

Vuln: WordPress Password Reset Email Security Bypass Vulnerability

WordPress Password Reset Email Security Bypass Vulnerability
Categories:

Vuln: Polarssl Multiple Security Vulnerabilities

Polarssl Multiple Security Vulnerabilities
Categories:

Vuln: PolarSSL Unspecified Memory Corruption Vulnerability

PolarSSL Unspecified Memory Corruption Vulnerability
Categories:

[ MDVSA-2014:233 ] wordpress

BugTraq Latest Security Advisories - November 27, 2014 - 1:09pm

Posted by security on Nov 27

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:233
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : wordpress
Date : November 27, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:...
Categories:

Bugtraq: [ MDVSA-2014:231 ] icecast

Security Focus Latest Security Advisories - November 27, 2014 - 12:45pm
[ MDVSA-2014:231 ] icecast
Categories: