Feed aggregator

[security bulletin] HPSBMU03600 rev.1 - HPE Insight Control server provisioning using OpenSSL, Remote Denial of Service (DoS)

BugTraq Latest Security Advisories - May 25, 2016 - 2:51pm

Posted by security-alert on May 25

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150736

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05150736
Version: 1

HPSBMU03600 rev.1 - HPE Insight Control server provisioning using OpenSSL,
Remote Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release...

[security bulletin] HPSBUX03606 rev.1 - HPE HP-UX running Apache Tomcat 7, Multiple Remote Vulnerabilities

BugTraq Latest Security Advisories - May 25, 2016 - 2:40pm

Posted by security-alert on May 25

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05150442
Version: 1

HPSBUX03606 rev.1 - HPE HP-UX running Apache Tomcat 7, Multiple Remote
Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2016-05-25
Last...

[security bulletin] HPSBMU03601 rev.1 - HPE Insight Control server deployment using OpenSSL, Multiple Vulnerabilities

BugTraq Latest Security Advisories - May 25, 2016 - 2:26pm

Posted by security-alert on May 25

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150800

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05150800
Version: 1

HPSBMU03601 rev.1 - HPE Insight Control server deployment using OpenSSL,
Multiple Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...

VMWare vSphere Web Client Flash XSS

BugTraq Latest Security Advisories - May 25, 2016 - 1:11pm

Posted by apparitionsec on May 25

[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/VMWARE-VSPHERE-FLASH-XSS.txt

[+] ISR: apparitionsec

Vendor:
===============
www.vmware.com

Product:
====================================
VMWare vSphere Web Client v5.1 - 6.0

A server virtualization platform from VMware. Also referred to as a cloud operating system or virtualized data center
platform, VMware...

Bugtraq: [security bulletin] HPSBGN03605 rev.1 - HPE Service Manager, Remote Disclosure of Information

[security bulletin] HPSBGN03605 rev.1 - HPE Service Manager, Remote Disclosure of Information

Cisco Security Advisory: Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability

BugTraq Latest Security Advisories - May 25, 2016 - 11:51am

Posted by Cisco Systems Product Security Incident Response Team on May 25

Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability

Advisory ID: cisco-sa-20160525-ipv6

Revision 1.0

For Public Release 2016 May 25 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco IOS XR Software and Cisco IOS XE
Software could allow an unauthenticated, remote attacker to...

Bugtraq: MSA-2016-01: PowerFolder Remote Code Execution Vulnerability

MSA-2016-01: PowerFolder Remote Code Execution Vulnerability

Open-Xchange Security Advisory 2016-05-25

BugTraq Latest Security Advisories - May 25, 2016 - 7:48am

Posted by Martin Heiland on May 25

Product: OX AppSuite
Vendor: Open-Xchange GmbH

Internal reference: 44542 (Bug ID)
Vulnerability type: Cross Site Scripting (CWE-80)
Vulnerable version: 7.8.0 and earlier
Vulnerable component: frontend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed versions: 7.6.2-rev40, 7.6.3-rev7, 7.8.0-rev19
Researcher credits: Satish Bommisetty
Vendor notification: 2016-03-07
Solution date: 2016-03-29
CVE reference: CVE-2016-3173
CVSSv3:...

Bugtraq: [SECURITY] [DSA 3586-1] atheme-services security update

[SECURITY] [DSA 3586-1] atheme-services security update

Bugtraq: AfterLogic WebMail Pro ASP.NET < 6.2.7 Administrator Account Takeover via XXE Injection

AfterLogic WebMail Pro ASP.NET < 6.2.7 Administrator Account Takeover via XXE Injection

[slackware-security] libarchive (SSA:2016-145-01)

BugTraq Latest Security Advisories - May 25, 2016 - 4:23am

Posted by Slackware Security Team on May 25

[slackware-security] libarchive (SSA:2016-145-01)

New libarchive packages are available for Slackware 14.1 and -current to
fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/libarchive-3.1.2-i486-2_slack14.1.txz: Rebuilt.
Patched an issue with Zip archive handling that could allow an attacker
to overwrite parts of the heap in a controlled fashion and execute...

Bugtraq: [RCESEC-2016-002] XenAPI v1.4.1 for XenForo Multiple Unauthenticated SQL Injections

[RCESEC-2016-002] XenAPI v1.4.1 for XenForo Multiple Unauthenticated SQL Injections

[security bulletin] HPSBGN03605 rev.1 - HPE Service Manager, Remote Disclosure of Information

BugTraq Latest Security Advisories - May 25, 2016 - 12:56am

Posted by security-alert on May 24

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149290

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05149290
Version: 1

HPSBGN03605 rev.1 - HPE Service Manager, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2016-05-24
Last Updated:...

next-20160525: linux-next

Linux Kernel Updates - May 24, 2016 - 10:41pm
Version: next-20160525 (linux-next) Released: 2016-05-25