Feed aggregator

Vuln: OpenSSH 'child_set_env()' Function Security Bypass Vulnerability

Security Focus Latest Security Advisories - July 20, 2014 - 11:00pm
OpenSSH 'child_set_env()' Function Security Bypass Vulnerability

Vuln: Linux Kernel CVE-2013-4299 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - July 20, 2014 - 11:00pm
Linux Kernel CVE-2013-4299 Information Disclosure Vulnerability

Vuln: Oracle Java SE CVE-2014-4263 Remote Security Vulnerability

Security Focus Latest Security Advisories - July 20, 2014 - 11:00pm
Oracle Java SE CVE-2014-4263 Remote Security Vulnerability

Vuln: Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability

Security Focus Latest Security Advisories - July 20, 2014 - 11:00pm
Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability

Vuln: Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability

Security Focus Latest Security Advisories - July 20, 2014 - 11:00pm
Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability

Vuln: Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability

Security Focus Latest Security Advisories - July 20, 2014 - 11:00pm
Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability

Vuln: Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability

Security Focus Latest Security Advisories - July 20, 2014 - 11:00pm
Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability

Vuln: Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability

Security Focus Latest Security Advisories - July 20, 2014 - 11:00pm
Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability

Vuln: Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability

Security Focus Latest Security Advisories - July 20, 2014 - 11:00pm
Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability

Vuln: Oracle Java SE CVE-2014-4268 Remote Security Vulnerability

Security Focus Latest Security Advisories - July 19, 2014 - 11:00pm
Oracle Java SE CVE-2014-4268 Remote Security Vulnerability

Bugtraq: [SECURITY] [DSA 2979-1] fail2ban security update

[SECURITY] [DSA 2979-1] fail2ban security update

ESA-2014-074: EMC RecoverPoint Appliance Security Control Bypass Vulnerability

BugTraq Latest Security Advisories - July 18, 2014 - 9:27am

Posted by Security Alert on Jul 18

ESA-2014-074: EMC RecoverPoint Appliance Security Control Bypass Vulnerability

EMC Identifier: ESA-2014-074

CVE Identifier: CVE-2014-2519

Severity Rating: CVSS v2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:N/A:P)

Affected products:
• EMC RecoverPoint 4.1

Summary:
EMC RecoverPoint Appliance (RPA) 4.1 has the internal firewall disabled by default.

Details:

The firewall rule in EMC RPA 4.1 to drop incoming connections except...

Microsoft MSN HBE - Blind SQL Injection Vulnerability

BugTraq Latest Security Advisories - July 18, 2014 - 9:14am

Posted by Vulnerability Lab on Jul 18

Document Title:
===============
Microsoft MSN HBE - Blind SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1183

Video: http://www.vulnerability-lab.com/get_content.php?id=1282

Vulnerability Magazine:
http://vulnerability-db.com/magazine/articles/2014/07/17/vl-core-team-published-blind-sql-injection-vulnerability-video-poc-msrc

Release Date:
=============
2014-07-17...

Barracuda Networks Message Archiver 650 - Persistent Input Validation Vulnerability (BNSEC 703)

BugTraq Latest Security Advisories - July 18, 2014 - 9:04am

Posted by Vulnerability Lab on Jul 18

Document Title:
===============
Barracuda Networks Message Archiver 650 - Persistent Input Validation Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=751

https://www.barracuda.com/support/knowledgebase/501600000013lXe
Barracuda Networks Security ID (BNSEC): 703

BNSEC-00703: Remote authenticated persistent XSS in Barracuda Message Archiver v3.2
Solution #00006604

Release Date:...

[SECURITY] [DSA 2980-1] openjdk-6 security update

BugTraq Latest Security Advisories - July 18, 2014 - 8:48am

Posted by Moritz Muehlenhoff on Jul 18

-------------------------------------------------------------------------
Debian Security Advisory DSA-2980-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
July 17, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : openjdk-6
CVE ID : CVE-2014-2490 CVE-2014-4209...

[SECURITY] [DSA 2979-1] fail2ban security update

BugTraq Latest Security Advisories - July 18, 2014 - 8:37am

Posted by Moritz Muehlenhoff on Jul 18

-------------------------------------------------------------------------
Debian Security Advisory DSA-2979-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
July 17, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : fail2ban
CVE ID : CVE-2013-7176 CVE-2013-7177

Two...

Bugtraq: Ignore the amount customers confirm is no security vulnerability according to PayPal

Ignore the amount customers confirm is no security vulnerability according to PayPal

Bugtraq: [HITB-Announce] REMINDER: #HITB2014KUL CFP Deadline: 1st August

[HITB-Announce] REMINDER: #HITB2014KUL CFP Deadline: 1st August

Bugtraq: IP.Board 3.4 cross-site scripting in Referer header

IP.Board 3.4 cross-site scripting in Referer header

Bugtraq: [SECURITY] [DSA 2765-2] davfs regression update

[SECURITY] [DSA 2765-2] davfs regression update