Feed aggregator

Incredible PBX remote command execution exploit

BugTraq Latest Security Advisories - October 21, 2014 - 9:47am

Posted by simo on Oct 21

#!/usr/bin/perl
#
# Title: Incredible PBX remote command execution exploit
# Author: Simo Ben youssef
# Contact: Simo_at_Morxploit_com
# Discovered: 1 September 2014
# Coded: 21 October 2014
# Published: 21 October 2014
# MorXploit Research
# http://www.MorXploit.com
# Vendor: PBX in a Flash
# Vendor url: http://pbxinaflash.net/
# Software: Incredible PBX 11
# Version: 2.0.6.5.0
# Product url: http://incrediblepbx.com/
# Download:...

Bugtraq: [security bulletin] HPSBUX03150 SSRT101681 rev.1 - HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities

Security Focus Latest Security Advisories - October 21, 2014 - 9:45am
[security bulletin] HPSBUX03150 SSRT101681 rev.1 - HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities

Bugtraq: [slackware-security] openssh (SSA:2014-293-01)

Security Focus Latest Security Advisories - October 21, 2014 - 9:45am
[slackware-security] openssh (SSA:2014-293-01)

Bugtraq: LiteCart Security Advisory - Multiple XSS Vulnerabilities - CVE-2014-7183

Security Focus Latest Security Advisories - October 21, 2014 - 9:45am
LiteCart Security Advisory - Multiple XSS Vulnerabilities - CVE-2014-7183

Bugtraq: APPLE-SA-2014-10-20-2 Apple TV 7.0.1

Security Focus Latest Security Advisories - October 21, 2014 - 9:45am
APPLE-SA-2014-10-20-2 Apple TV 7.0.1

[ MDVSA-2014:196 ] rsyslog

BugTraq Latest Security Advisories - October 21, 2014 - 9:35am

Posted by security on Oct 21

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:196
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : rsyslog
Date : October 21, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...

[slackware-security] openssh (SSA:2014-293-01)

BugTraq Latest Security Advisories - October 21, 2014 - 9:21am

Posted by Slackware Security Team on Oct 21

[slackware-security] openssh (SSA:2014-293-01)

New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/openssh-6.7p1-i486-1_slack14.1.txz: Upgraded.
This update fixes a security issue that allows remote servers to trigger
the skipping of SSHFP DNS RR checking by presenting an...

[security bulletin] HPSBUX03150 SSRT101681 rev.1 - HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities

BugTraq Latest Security Advisories - October 21, 2014 - 9:04am

Posted by security-alert on Oct 21

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04483248

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04483248
Version: 1

HPSBUX03150 SSRT101681 rev.1 - HP-UX Apache Server Suite running Apache
Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted...

Bugtraq: APPLE-SA-2014-10-20-1 iOS 8.1

Security Focus Latest Security Advisories - October 21, 2014 - 8:30am
APPLE-SA-2014-10-20-1 iOS 8.1

Bugtraq: AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability

Security Focus Latest Security Advisories - October 21, 2014 - 8:30am
AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability

Vuln: Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability

Vuln: Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability

Vuln: Apache HTTP Server Multiple Denial of Service Vulnerabilities

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
Apache HTTP Server Multiple Denial of Service Vulnerabilities

Vuln: Oracle Database Server CVE-2014-6544 Remote Security Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
Oracle Database Server CVE-2014-6544 Remote Security Vulnerability

Vuln: Oracle Database Server CVE-2014-4289 Remote Security Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
Oracle Database Server CVE-2014-4289 Remote Security Vulnerability

Vuln: WordPress WP Database Manager Plugin Multiple Security Vulnerabilities

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
WordPress WP Database Manager Plugin Multiple Security Vulnerabilities

Vuln: GNU glibc '__gconv_translit_find()' Function Local Heap Based Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
GNU glibc '__gconv_translit_find()' Function Local Heap Based Buffer Overflow Vulnerability

Vuln: OpenStack Compute (Nova) VMware Driver Denial of Service Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
OpenStack Compute (Nova) VMware Driver Denial of Service Vulnerability

Vuln: Apple Mac OS X CVE-2014-4443 ASN.1 Data Remote Denial of Service Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
Apple Mac OS X CVE-2014-4443 ASN.1 Data Remote Denial of Service Vulnerability

Vuln: Apple Mac OS X CVE-2014-4439 Mail Application Information Disclosure Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
Apple Mac OS X CVE-2014-4439 Mail Application Information Disclosure Vulnerability