BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 3 min 41 sec ago

CVE-2015-1730: MSIE jscript9 Java­Script­Stack­Walker memory corruption details and PoC

3 hours 36 min ago

Posted by Berend-Jan Wever on Dec 06

Since November I have been releasing details on all vulnerabilities I
found in web-browsers that I had not released before. I will try to
continue to publish all my old vulnerabilities, including those not in
web-browser, as long as I can find some time to do so. If you find this
information useful, you can help me make more time available by donating
bitcoin to 183yyxa9s1s1f7JBp­PHPmz­Q346y91Rx5DX.

This is the twenty-sixth entry in the...
Categories:

Re: CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption

5 hours 39 min ago

Posted by Berend-Jan Wever on Dec 06

FYI: this link to my blog was 404 until early this morning. It is now up
if you are still interested in reading it.
Categories:

CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used

December 5, 2016 - 7:05am

Posted by Eissing Stefan on Dec 05

Security Advisory - Apache Software Foundation
Apache HTTPD WebServer / httpd.apache.org

Server memory can be exhausted and service denied when HTTP/2 is used

CVE-2016-8740

The Apache HTTPD web server (from 2.4.17-2.4.23) did not apply limitations
on request headers correctly when experimental module for the HTTP/2
protocol is used to access a resource.

The net result is that a the server...
Categories:

Microsoft MSINFO32.EXE ".NFO" Files XML External Entity

December 5, 2016 - 4:34am

Posted by apparitionsec on Dec 05

[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-MSINFO32-XXE-FILE-EXFILTRATION.txt

[+] ISR: ApparitionSec

Vendor:
=================
www.microsoft.com

Product:
==========================
Windows System Information
MSINFO32.exe v6.1.7601

Windows MSINFO32.EXE Displays a comprehensive view of your hardware, system components, and software...
Categories:

Microsoft Windows Media Center "ehshell.exe" XML External Entity

December 5, 2016 - 4:14am

Posted by apparitionsec on Dec 05

[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-MEDIA-CENTER-XXE-FILE-DISCLOSURE.txt

[+] ISR: ApparitionSec

Vendor:
==================
www.microsoft.com

Product:
==================================
Windows Media Center "ehshell.exe"
version 6.1.7600

Vulnerability Type:
====================
XML External Entity

CVE Reference:...
Categories:

[slackware-security] mozilla-firefox (SSA:2016-336-01)

December 1, 2016 - 7:34am

Posted by Slackware Security Team on Dec 01

[slackware-security] mozilla-firefox (SSA:2016-336-01)

New mozilla-firefox packages are available for Slackware 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-45.5.1esr-i586-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...
Categories:

[security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection

December 1, 2016 - 1:30am

Posted by security-alert on Nov 30

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05324759

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05324759
Version: 3

HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of
Service (DoS), URL Redirection

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2016-12-01...
Categories:

[security bulletin] HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of Privilege

December 1, 2016 - 1:15am

Posted by security-alert on Nov 30

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05347541

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05347541
Version: 1

HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of
Privilege

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2016-11-30
Last Updated:...
Categories:

[security bulletin] HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java Deserialization, Remote Code Execution

November 30, 2016 - 2:09pm

Posted by security-alert on Nov 30

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05344849

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05344849
Version: 1

HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java
Deserialization, Remote Code Execution

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...
Categories:

[FOXMOLE SA 2016-05-02] e107 Content Management System (CMS) - Multiple Issues

November 30, 2016 - 12:59pm

Posted by FOXMOLE Advisories on Nov 30

=== FOXMOLE - Security Advisory 2016-05-02 ===

e107 Content Management System (CMS) - Multiple Issues
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Affected Versions
=================
e107 2.1.2 Bootstrap CMS

Issue Overview
==============
Vulnerability Type: Multiple Vulnerabilities
Technical Risk: medium
Likelihood of Exploitation: medium
Vendor: e107
Vendor URL: http://www.e107.org
Credits: FOXMOLE employee Tim Herres
Advisory URL:...
Categories:

[security bulletin] HPSBHF03682 rev.1 - HPE Comware 7 Network Products using SSL/TLS, Local Gain Privileged Access

November 30, 2016 - 12:48pm

Posted by security-alert on Nov 30

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05341463

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05341463
Version: 1

HPSBHF03682 rev.1 - HPE Comware 7 Network Products using SSL/TLS, Local Gain
Privileged Access

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2016-11-23
Last...
Categories:

[RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler

November 30, 2016 - 7:05am

Posted by RedTeam Pentesting GmbH on Nov 30

Advisory: Less.js: Compilation of Untrusted LESS Files May Lead to Code
Execution through the JavaScript Less Compiler

RedTeam Pentesting discovered behaviour in the Less.js compiler,
which allows execution of arbitrary code if an untrusted LESS file is
compiled.

Details
=======

Product: Less Compiler
Affected Versions: probably all versions
Fixed Versions: none
Vulnerability Type: Code Execution
Security Risk: low
Vendor URL:...
Categories: