BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 17 min 35 sec ago

Glype proxy local address filter bypass

7 hours 2 min ago

Posted by Securify B.V. on Sep 23

------------------------------------------------------------------------
Glype proxy local address filter bypass
------------------------------------------------------------------------
Securify, September 2014

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A vulnerability has been identified in the Glype web-based proxy. Glype
has a...
Categories:

[security bulletin] HPSBPI03107 rev.1 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access

7 hours 11 min ago

Posted by security-alert on Sep 23

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04451722

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04451722
Version: 1

HPSBPI03107 rev.1 - Certain HP LaserJet Printers, MFPs and Certain HP
OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted...
Categories:

Glype proxy privacy settings can be disabled via CSRF

7 hours 19 min ago

Posted by Securify B.V. on Sep 23

------------------------------------------------------------------------
Glype proxy privacy settings can be disabled via CSRF
------------------------------------------------------------------------
Securify, September 2014

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------

A path traversal vulnerability has been identified in the Glype...
Categories:

Glype proxy cookie jar path traversal allows code execution

7 hours 28 min ago

Posted by Securify B.V. on Sep 23

------------------------------------------------------------------------
Glype proxy cookie jar path traversal allows code execution
------------------------------------------------------------------------
Securify, September 2014

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A path traversal vulnerability has been identified in the Glype...
Categories:

Re: TP-LINK WDR4300 - Stored XSS & DoS

7 hours 36 min ago

Posted by Simon Waters on Sep 23

Regarding other versions I have confirmed the TP-Link TD-W8969 v2 with latest vendor firmware has stored XSS on DHCP
host-name parameter also.

Firmware Version:0.6.0 3.1 v0019.0 Build 140514 Rel.63553n
Hardware Version:TD-W8968 v2 00000000
Categories:

[ MDVSA-2014:180 ] gnupg

7 hours 44 min ago

Posted by security on Sep 23

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:180
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : gnupg
Date : September 22, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...
Categories:

Re: TP-LINK WDR4300 - Stored XSS & DoS

7 hours 54 min ago

Posted by ozelisyan on Sep 23

**2014-09-16:
Vendor released a fix.

http://www.tp-link.com/resources/software/TL-WDR4300_v1_140916.zip
Categories:

Strength and Weakness of Methods to Confirm SSH Host Key

September 22, 2014 - 5:38am

Posted by John Leo on Sep 22

Monkeysphere
(advice from maxigas)
"verify your SSH key through the OpenPGP web of trust"
Strength: OpenPGP is cool if you REALLY know how to use it.
Weakness: "vote counting scheme" does not sound too cool.

"use of an organization's own HTTPS site"
(advice from Stephanie Daugherty)
In my personal opinion, this is the best solution.
Weakness: basically nothing - it's very secure.

"use DNSSEC to...
Categories:

TP-LINK WDR4300 - Stored XSS & DoS

September 22, 2014 - 5:23am

Posted by ozelisyan on Sep 22

Advisory Information
===============

Vendors Contacted: TP-LINK
Vendor Patched: Yes, Firmware 140916
System Affected: N750 Wireless Dual Band Gigabit Router (TL-WDR4300), might affect others.
Versions Affected: 130617 , possibly earlier
CVE Numbers Assigned: CVE-2014-4727, CVE-2014-4728

Vulnerabilities Description
===================

# Stored XSS -

It is possible inject javascript code via DHCP hostname field,
If the administrator will...
Categories:

[SECURITY] [DSA 3030-1] mantis security update

September 22, 2014 - 5:15am

Posted by Moritz Muehlenhoff on Sep 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-3030-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
September 20, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : mantis
CVE ID : CVE-2014-1608 CVE-2014-1609...
Categories:

CVE-2014-5516 CSRF protection bypass in "KonaKart" Java eCommerce product

September 22, 2014 - 5:07am

Posted by Christian Schneider on Sep 22

CVE-2014-5516
===================
"Cross-Site Request Forgery (CSRF) protection bypass" (CWE-352) vulnerability
in "KonaKart Storefront Application" Enterprise Java eCommerce product

Vendor
===================
DS Data Systems (UK) Ltd.

Product
===================
"KonaKart is an affordable java based shopping cart software solution for online retailers.
Let KonaKart help increase your eCommerce sales."
- source:...
Categories:

[SECURITY] [DSA 3029-1] nginx security update

September 22, 2014 - 4:57am

Posted by Salvatore Bonaccorso on Sep 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-3029-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
September 20, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : nginx
CVE ID : CVE-2014-3616
Debian Bug :...
Categories:

Re: Multiple Vulnerabilities with Aztech Modem Routers

September 19, 2014 - 12:29pm

Posted by Federick Joe P Fajardo on Sep 19

The following CVE's have been assigned for this issues:

CVE-2014-6435 - Potential DoS attack
Link to OSVDB ID: 111432 - http://osvdb.org/show/osvdb/111432

CVE-2014-6436 - Broken Session Management
Link to OSVDB ID: 111433 - http://osvdb.org/show/osvdb/111433

CVE-2014-6437 - File and Data Exposure
Link to OSVDB ID: 111434 - http://osvdb.org/show/osvdb/111434
Link to OSVDB ID: 111435 - http://osvdb.org/show/osvdb/111435

09/01/2014 -...
Categories:

[SECURITY] [DSA 3025-2] apt regression update

September 19, 2014 - 7:00am

Posted by Salvatore Bonaccorso on Sep 19

-------------------------------------------------------------------------
Debian Security Advisory DSA-3025-2 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
September 18, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : apt
Debian Bug : 762079

The previous update for apt,...
Categories:

AST-2014-010: Remote crash when handling out of call message in certain dialplan configurations

September 19, 2014 - 6:52am

Posted by Asterisk Security Team on Sep 19

Asterisk Project Security Advisory - AST-2014-010

Product Asterisk
Summary Remote crash when handling out of call message in
certain dialplan configurations
Nature of Advisory Remotely triggered crash of Asterisk
Susceptibility Remote authenticated sessions...
Categories:

AST-2014-009: Remote crash based on malformed SIP subscription requests

September 19, 2014 - 6:43am

Posted by Asterisk Security Team on Sep 19

Asterisk Project Security Advisory - AST-2014-009

Product Asterisk
Summary Remote crash based on malformed SIP subscription
requests
Nature of Advisory Remotely triggered crash of Asterisk
Susceptibility Remote authenticated sessions...
Categories:

CVE ID Syntax Change - Deadline Approaching

September 19, 2014 - 6:33am

Posted by Christey, Steven M. on Sep 19

As we approach the end of 2014, CVE identifiers are getting closer and
closer to the magic CVE-2014-9999 mark, which means that MITRE will be
issuing a 5-digit CVE ID within a matter of months, in accordance with
the new syntax that was selected in 2013 (basically using 5, 6, or
even more digits as needed). Some people are still unaware that this
change has happened or have been slow to implement it.

Once a CVE identifier is issued using the...
Categories:

APPLE-SA-2014-09-17-7 Xcode 6.0.1

September 19, 2014 - 6:21am

Posted by Apple Product Security on Sep 19

APPLE-SA-2014-09-17-7 Xcode 6.0.1

Xcode 6.0.1 is now available and addresses the following:

subversion
Available for: OS X Mavericks v10.9.4 or later
Impact: A malicious attacker may be able to cause Subversion
to terminate unexpectedly
Description: A denial of service issue existed in Subversion when
SVNListParentPath was enabled. This issue was addressed by updating
Subversion to version 1.7.17.
CVE-ID
CVE-2014-0032

Xcode 6.0.1 may be...
Categories:

Oracle Corporation MyOracle - Persistent Vulnerability

September 19, 2014 - 6:12am

Posted by Vulnerability Lab on Sep 19

Document Title:
===============
Oracle Corporation MyOracle - Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1261

Oracle Security ID (Team Tracking ID): admin () vulnerability-lab com-001:2014

http://vulnerability-db.com/magazine/articles/2014/09/17/oracle-corporation-fixed-vulnerability-myoracle-online-service-application

Release Date:
=============
2014-09-17...
Categories:

Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw

September 19, 2014 - 6:01am

Posted by VSR Advisories on Sep 19

VSR Security Advisory
http://www.vsecurity.com/

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Advisory Name: Apple Foundation NSXMLParser XML eXternal Entity (XXE) Flaw
Release Date: 2014-09-17
Application: Apple iOS Foundation Framework
Apple OS X Foundation Framework
Versions: iOS 7.0, 7.1, OS X 10.9 - 10.9.4
Severity: High
Author:...
Categories: