BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 1 hour 6 min ago

[slackware-security] mozilla-firefox (SSA:2014-204-02)

July 24, 2014 - 10:39am

Posted by Slackware Security Team on Jul 24

[slackware-security] mozilla-firefox (SSA:2014-204-02)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-24.7.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...
Categories:

[slackware-security] httpd (SSA:2014-204-01)

July 24, 2014 - 10:27am

Posted by Slackware Security Team on Jul 24

[slackware-security] httpd (SSA:2014-204-01)

New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/httpd-2.4.10-i486-1_slack14.1.txz: Upgraded.
This update fixes the following security issues:
*) SECURITY: CVE-2014-0117 (cve.mitre.org)
mod_proxy: Fix crash in Connection...
Categories:

[security bulletin] HPSBMU03076 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities

July 24, 2014 - 10:16am

Posted by security-alert on Jul 24

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04379485

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04379485
Version: 1

HPSBMU03076 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows
running OpenSSL, Multiple Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible....
Categories:

[SECURITY] [DSA 2987-1] openjdk-7 security update

July 24, 2014 - 10:07am

Posted by Moritz Muehlenhoff on Jul 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-2987-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
July 23, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : openjdk-7
CVE ID : CVE-2014-2483 CVE-2014-2490...
Categories:

[SECURITY] [DSA 2986-1] iceweasel security update

July 24, 2014 - 9:57am

Posted by Moritz Muehlenhoff on Jul 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-2986-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
July 23, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : iceweasel
CVE ID : CVE-2014-1544 CVE-2014-1547...
Categories:

Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account

July 24, 2014 - 9:48am

Posted by Stefan Kanthak on Jul 24

Hi @ll,

the import function of Windows Mail executes a rogue program C:\Program.exe
with the credentials of another account, resulting in a privilege escalation!

1. Fetch <http://home.arcor.de/skanthak/download/SENTINEL.EXE> and save it as
C:\Program.exe

2. Start Windows Mail (part of Windows Vista and Windows Server 2008)

3. On the File menu, click Identities

4. On the entry page of the wizard click [ Continue > ]

5. Select...
Categories:

[security bulletin] HPSBMU03074 rev.1 - HP Insight Control server migration on Linux and Windows running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information

July 24, 2014 - 9:39am

Posted by security-alert on Jul 24

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04378799

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04378799
Version: 1

HPSBMU03074 rev.1 - HP Insight Control server migration on Linux and Windows
running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized
Access, Disclosure of Information

NOTICE: The...
Categories: