BugTraq Latest Security Advisories

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

Hawkeye-G v3.0.1 Persistent XSS & Information Leakage

July 27, 2015 - 6:01am

Posted by apparitionsec on Jul 27

[+] Credits: John Page ( hyp3rlinx )

[+] Domains: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0725.txt

Vendor:
================================
www.hexiscyber.com

Product:
================================
Hawkeye-G v3.0.1.4912

Hawkeye G is an active defense disruptive technology that
detects, investigates, remediates and removes cyber threats
within the network.

Vulnerability Type:...

Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED]

July 24, 2015 - 8:56am

Posted by apparitionsec on Jul 24

***[UPDATED CORRECTION] ***

[+] Credits: John Page ( hyp3rlinx )

[+] Domains: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0724.txt

Vulnerability Type:
===================
CSRF

CVE Reference:
==============
CVE-2015-2878

Vendor:
===================
www.hexiscyber.com

Product:
=====================================================================
Hawkeye-G v3.0.1.4912

Hawkeye G is an active...

[SECURITY] [DSA 3315-1] chromium-browser security update

July 24, 2015 - 8:32am

Posted by Michael Gilbert on Jul 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-3315-1                security () debian org
https://www.debian.org/security/                          Michael Gilbert
July 23, 2015                         https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : chromium-browser
CVE ID : CVE-2015-1266...

Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878

July 24, 2015 - 8:08am

Posted by apparitionsec on Jul 24

[+] Credits: John Page ( hyp3rlinx )

[+] Domains: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0724.txt

Vulnerability Type:
===================
CSRF

CVE Reference:
==============
CVE-2015-2878

Vendor:
===================
www.hexiscyber.com

Product:
=====================================================================
Hawkeye-G v3.0.1.4912

Hawkeye G is an active defense disruptive technology...

[SECURITY] [DSA 3314-1] typo3-src end of life

July 24, 2015 - 6:26am

Posted by Moritz Muehlenhoff on Jul 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-3314-1                security () debian org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 23, 2015                         https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : typo3-src

Upstream security support for Typo3 4.5.x ended...

Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser

July 23, 2015 - 1:58pm

Posted by Qualys Security Advisory on Jul 23

Hello, it is July 23, 2015, 17:00 UTC, the Coordinated Release Date for
CVE-2015-3245 and CVE-2015-3246. Please find our advisory below, and
our exploit attached.

Qualys Security Advisory

CVE-2015-3245 userhelper chfn() newline filtering

CVE-2015-3246 libuser passwd file handling

--[ Summary ]-----------------------------------------------------------------

The libuser library implements a standardized interface for manipulating
and...

ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability

July 23, 2015 - 8:57am

Posted by Vulnerability Lab on Jul 23

Document Title:
===============
ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1555

Release Date:
=============
2015-07-23

Vulnerability Laboratory ID (VL-ID):
====================================
1555

Common Vulnerability Scoring System:
====================================
8.6

Product & Service Introduction:...