BugTraq Latest Security Advisories

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

[security bulletin] HPSBOV03099 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS) or Disclosure of Information

September 15, 2014 - 4:36am

Posted by security-alert on Sep 15

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04426586

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04426586
Version: 1

HPSBOV03099 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service
(DoS) or Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release...

HttpFileServer 2.3.x Remote Command Execution

September 12, 2014 - 11:26am

Posted by danielelinguaglossa on Sep 12

Affected software: http://sourceforge.net/projects/hfs/
Version : 2.3x
# Exploit Title: HttpFileServer 2.3.x Remote Command Execution
# Google Dork: intext:"httpfileserver 2.3"
# Date: 11-09-2014
# Remote: Yes
# Exploit Author: Daniele Linguaglossa
# Vendor Homepage: http://rejetto.com/
# Software Link: http://sourceforge.net/projects/hfs/
# Version: 2.3.x
# Tested on: Windows Server 2008 , Windows 8, Windows 7
# CVE : CVE-2014-6287...

[SECURITY] [DSA 3024-1] gnupg security update

September 12, 2014 - 5:14am

Posted by Thijs Kinkhorst on Sep 12

-------------------------------------------------------------------------
Debian Security Advisory DSA-3024-1 security () debian org
http://www.debian.org/security/ Thijs Kinkhorst
September 11, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : gnupg
CVE ID : CVE-2014-5270...

[SECURITY] [DSA 3023-1] bind9 security update

September 12, 2014 - 5:05am

Posted by Salvatore Bonaccorso on Sep 12

-------------------------------------------------------------------------
Debian Security Advisory DSA-3023-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
September 11, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : bind9
CVE ID : CVE-2014-0591
Debian Bug :...

NEW VMSA-2014-0009 VMware NSX and vCNS product updates address a critical information disclosure vulnerability

September 12, 2014 - 4:55am

Posted by VMware Security Response Center on Sep 12

------------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2014-0009
Synopsis: VMware NSX and vCNS product updates address a critical
information disclosure vulnerability
Issue date: 2014-09-11
Updated on: 2014-09-11 (Initial Advisory)
CVE number: CVE-2014-3796
------------------------------------------------------------------------

1. Summary...

Call for Participation: Semantic Web Business and Innovation (SWBI2015) * Switzerland

September 11, 2014 - 11:32am

Posted by jackie on Sep 11

The International Conference on Semantic Web Business and Innovation
(SWBI2015)

The University of Applied Sciences and Arts Western Switzerland (HES-SO
Valais-Wallis)
October 7-9, 2015
http://sdiwc.net/conferences/swbi2015/

All registered papers will be included in SDIWC Digital Library.
=================================================================
The conference aims to enable researchers build connections between
different digital...

ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability

September 11, 2014 - 7:01am

Posted by Vulnerability Lab on Sep 11

Document Title:
===============
ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1317

Release Date:
=============
2014-09-10

Vulnerability Laboratory ID (VL-ID):
====================================
1317

Common Vulnerability Scoring System:
====================================
5.9

Product & Service Introduction:...

Photorange v1.0 iOS - File Include Web Vulnerability

September 11, 2014 - 6:52am

Posted by Vulnerability Lab on Sep 11

Document Title:
===============
Photorange v1.0 iOS - File Include Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1318

Release Date:
=============
2014-09-07

Vulnerability Laboratory ID (VL-ID):
====================================
1318

Common Vulnerability Scoring System:
====================================
6.3

Product & Service Introduction:...

PhotoSync v2.2 iOS - Command Inject Web Vulnerability

September 11, 2014 - 6:40am

Posted by Vulnerability Lab on Sep 11

Document Title:
===============
PhotoSync v2.2 iOS - Command Inject Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1290

Release Date:
=============
2014-08-05

Vulnerability Laboratory ID (VL-ID):
====================================
1290

Common Vulnerability Scoring System:
====================================
6.5

Product & Service Introduction:...

[SECURITY] [DSA 3021-2] file regression update

September 11, 2014 - 6:30am

Posted by Luciano Bello on Sep 11

-------------------------------------------------------------------------
Debian Security Advisory DSA-3021-2 security () debian org
http://www.debian.org/security/ Luciano Bello
September 10, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : file
CVE ID : CVE-2014-0207 CVE-2014-0237...

[SECURITY] [DSA 3022-1] curl security update

September 11, 2014 - 5:37am

Posted by Yves-Alexis Perez on Sep 11

-------------------------------------------------------------------------
Debian Security Advisory DSA-3022-1 security () debian org
http://www.debian.org/security/ Yves-Alexis Perez
September 10, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : curl
CVE ID : CVE-2014-3613 CVE-2014-3620

Two...