BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 32 min 59 sec ago

NEW VMSA-2014-0008 VMware vSphere product updates to third party libraries

September 10, 2014 - 4:50am

Posted by VMware Security Response Center on Sep 10

------------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2014-0008
Synopsis: VMware vSphere product updates to third party libraries
Issue date: 2014-09-09
Updated on: 2014-09-09 (Initial Advisory)
CVE numbers: --- Struts ---
CVE-2014-0114
--- tc-server ---
CVE-2013-4590, CVE-2013-4322, and CVE-2014-0050
---...
Categories:

Re: Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities

September 10, 2014 - 4:41am

Posted by sales on Sep 10

Date: 12 Aug 2014

A software update for the Text Chat Room & Audio/Video Chat Room (v8.2.0) is now available to download in the Pro Chat
Rooms customer area that addresses this security issue.

We would like to express our thanks to Mike Manzotti @ Dionach Ltd who assisted us with this update.
Categories:

[SECURITY] [DSA 3021-1] file security update

September 9, 2014 - 11:54am

Posted by Luciano Bello on Sep 09

-------------------------------------------------------------------------
Debian Security Advisory DSA-3021-1 security () debian org
http://www.debian.org/security/ Luciano Bello
September 09, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : file
CVE ID : CVE-2014-0207 CVE-2014-0237...
Categories:

FreeBSD Security Advisory FreeBSD-SA-14:18.openssl

September 9, 2014 - 11:45am

Posted by FreeBSD Security Advisories on Sep 09

=============================================================================
FreeBSD-SA-14:18.openssl Security Advisory
The FreeBSD Project

Topic: OpenSSL multiple vulnerabilities

Category: contrib
Module: openssl
Announced: 2014-09-09
Affects: All supported versions of FreeBSD.
Corrected: 2014-08-07 21:04:42 UTC...
Categories:

Cisco Security Advisory: Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability

September 9, 2014 - 5:14am

Posted by Cisco Systems Product Security Incident Response Team on Sep 09

Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service
Vulnerability

Advisory ID: cisco-sa-20140908-ucse

Revision 1.0

For Public Release 2014 September 8 16:00 UTC (GMT)
+--------------------------------------------------------------------

Summary
=======

A vulnerability in the Cisco Integrated Management Controller (Cisco IMC) SSH module of the Cisco Unified Computing
System...
Categories:

IBM WebSphere Application Server (WAS) Integrated Solutions Console Login Page username Parameter Reflected XSS Security Vulnerability

September 9, 2014 - 5:04am

Posted by main on Sep 09

INFO:
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Aug 27 2014 12:00AM
Updated: Aug 27 2014 12:00AM
Credit: G. S. McNamara, CGI Federal Emerging Technologies Security Practice (ETSP)
Vulnerable: IBM WebSphere Application Server (WAS) Integrated Solutions Console 7.0.0.19

DISCUSSION:
IBM WebSphere Application Server (WAS) contains a flaw that allows a reflected cross-site scripting (XSS) attack. This
flaw...
Categories:

[security bulletin] HPSBST03106 rev.1 - HP P2000 G3 MSA Array System running OpenSSL, Remote Unauthorized Access or Disclosure of Information

September 9, 2014 - 4:54am

Posted by security-alert on Sep 09

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04438404

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04438404
Version: 1

HPSBST03106 rev.1 - HP P2000 G3 MSA Array System running OpenSSL, Remote
Unauthorized Access or Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as...
Categories: