BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 2 hours 10 min ago

[security bulletin] HPSBGN03407 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Modification, Disclosure of Information

August 31, 2015 - 6:25am

Posted by security-alert on Aug 31

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04773119

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04773119
Version: 1

HPSBGN03407 rev.1 - HP Operations Manager for Windows, Remote Unauthorized
Modification, Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible....
Categories:

[security bulletin] HPSBGN03387 rev.1 - HP Intelligent Provisioning, Remote Code Execution, Unauthorized Access

August 31, 2015 - 6:17am

Posted by security-alert on Aug 31

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04756070

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04756070
Version: 1

HPSBGN03387 rev.1 - HP Intelligent Provisioning, Remote Code Execution,
Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2015-08-27...
Categories:

[security bulletin] HPSBMU03416 rev.1 - HP Data Protector, Remote Disclosure of Information

August 31, 2015 - 6:09am

Posted by security-alert on Aug 31

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04776510

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04776510
Version: 1

HPSBMU03416 rev.1 - HP Data Protector, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2015-08-28
Last Updated:...
Categories:

[SECURITY] [DSA 3345-1] iceweasel security update

August 31, 2015 - 6:01am

Posted by Salvatore Bonaccorso on Aug 31

-------------------------------------------------------------------------
Debian Security Advisory DSA-3345-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
August 29, 2015 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : iceweasel
CVE ID : CVE-2015-4497 CVE-2015-4498...
Categories:

[slackware-security] mozilla-firefox (SSA:2015-241-01)

August 31, 2015 - 5:53am

Posted by Slackware Security Team on Aug 31

[slackware-security] mozilla-firefox (SSA:2015-241-01)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-38.2.1esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...
Categories:

Re: Re: UAC Bypass Vulnerability on "Windows 7" in Windows Script Host

August 31, 2015 - 5:46am

Posted by kev . r on Aug 31

May you teach me how to hack
Categories:

Re: UAC Bypass Vulnerability on "Windows 7" in Windows Script Host

August 27, 2015 - 11:30am

Posted by Rich Pieri on Aug 27

UAC is not a security boundary. It's purpose is to annoy users in order
to force vendors to fix their bad code:

http://www.cnet.com/news/microsoft-vista-feature-designed-to-annoy-users/
Categories:

[SECURITY] [DSA 3344-1] php5 security update

August 27, 2015 - 11:21am

Posted by Sebastien Delafond on Aug 27

-------------------------------------------------------------------------
Debian Security Advisory DSA-3344-1 security () debian org
https://www.debian.org/security/ Sebastien Delafond
August 27, 2015 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : php5
CVE ID : CVE-2015-4598 CVE-2015-4643...
Categories:

[security bulletin] HPSBGN03402 rev.2 - HP Performance Manager, Remote Disclosure of Information

August 27, 2015 - 11:11am

Posted by security-alert on Aug 27

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04772190

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04772190
Version: 2

HPSBGN03402 rev.2 - HP Performance Manager, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2015-08-26
Last Updated:...
Categories:

UAC Bypass Vulnerability on "Windows 7" in Windows Script Host

August 27, 2015 - 7:29am

Posted by vozzie on Aug 27

UAC Bypass Vulnerability in Windows Script Host.

The Windows Script Host executables suffer from a vulnerability due to a missing embedded manifest. Using another
exploit, the combination of "wusa.exe" and "makecab.exe" files can be copied to the Windows folder. Copies of a
manifest and the script host allow to execute the copied script host and bypass UAC warning messages in case the UAC
settings are default.

Both ZDI...
Categories:

[security bulletin] HPSBHF03408 rev.1 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code

August 27, 2015 - 7:22am

Posted by security-alert on Aug 27

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04773272

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04773272
Version: 1

HPSBHF03408 rev.1 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote
Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...
Categories: