Feed aggregator

Bugtraq: Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability

Security Focus Latest Security Advisories - January 27, 2015 - 4:45am
Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability
Categories:

Bugtraq: REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability

Security Focus Latest Security Advisories - January 27, 2015 - 4:45am
REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability
Categories:

CVE-2015-0223: anonymous access to qpidd cannot be prevented

BugTraq Latest Security Advisories - January 27, 2015 - 4:17am

Posted by Gordon Sim on Jan 27

Apache Software Foundation - Security Advisory

anonymous access to qpidd cannot be prevented

CVE-2015-0223 CVS: 5.8

Severity: Moderate

Vendor:

The Apache Software Foundation

Versions Affected:

Apache Qpid's qpidd up to and including version 0.30

Description:

An attacker can gain access to qpidd as an anonymous user, even if the
ANONYMOUS mechanism is disallowed.

Solution:

A patch is available (...
Categories:

CVE-2015-0224: qpidd can be crashed by unauthenticated user

BugTraq Latest Security Advisories - January 27, 2015 - 4:10am

Posted by Gordon Sim on Jan 27

Apache Software Foundation - Security Advisory

qpidd can be crashed by unauthenticated user

CVE-2015-0224 CVS: 7.8

Severity: Moderate

Vendor:

The Apache Software Foundation

Versions Affected:

Apache Qpid's qpidd up to and including version 0.30

Description:

In CVE-2015-0203 it was announced that certain unexpected protocol
sequences cause the broker process to crash due to insufficient
checking, but that authentication...
Categories:

[CORE-2015-0002] - Android WiFi-Direct Denial of Service

BugTraq Latest Security Advisories - January 27, 2015 - 4:02am

Posted by CORE Advisories Team on Jan 27

Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Android WiFi-Direct Denial of Service

1. *Advisory Information*

Title: Android WiFi-Direct Denial of Service
Advisory ID: CORE-2015-0002
Advisory URL:
http://www.coresecurity.com/advisories/android-wifi-direct-denial-service
Date published: 2015-01-26
Date of last update: 2015-01-26
Vendors contacted: Android Security Team
Release mode: User release

2. *Vulnerability...
Categories:

WebKitGTK+ Security Advisory WSA-2015-0001

BugTraq Latest Security Advisories - January 27, 2015 - 3:52am

Posted by Carlos Alberto Lopez Perez on Jan 27

------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2015-0001
------------------------------------------------------------------------

Date reported : January 26, 2015
Advisory ID : WSA-2015-0001
Advisory URL : http://webkitgtk.org/security/WSA-2015-0001.html
Affected versions : 2.4 series before 2.4.1, 2.4.2 and 2.4.8.
CVE identifiers :...
Categories:

next-20150127: linux-next

Linux Kernel Updates - January 27, 2015 - 3:48am
Version:next-20150127 (linux-next) Released:2015-01-27

Bugtraq: REWTERZ-20140101 - ManageEngine ServiceDesk SQL Injection Vulnerability

Security Focus Latest Security Advisories - January 27, 2015 - 3:30am
REWTERZ-20140101 - ManageEngine ServiceDesk SQL Injection Vulnerability
Categories:

Bugtraq: [HITB-Announce] #HITB2015AMS Call for Papers 1st Round is Closing in 10 Days

Security Focus Latest Security Advisories - January 27, 2015 - 3:30am
[HITB-Announce] #HITB2015AMS Call for Papers 1st Round is Closing in 10 Days
Categories:

Vuln: GNU glibc 'iconv()' Denial of Service Vulnerability

Security Focus Latest Security Advisories - January 27, 2015 - 12:00am
GNU glibc 'iconv()' Denial of Service Vulnerability
Categories:

Vuln: Mozilla Firefox/SeaMonkey Bitmap Rendering Information Disclosure Vulnerability

Security Focus Latest Security Advisories - January 27, 2015 - 12:00am
Mozilla Firefox/SeaMonkey Bitmap Rendering Information Disclosure Vulnerability
Categories:

Vuln: Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-8635 Multiple Memory Corruption Vulnerabilities

Security Focus Latest Security Advisories - January 27, 2015 - 12:00am
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-8635 Multiple Memory Corruption Vulnerabilities
Categories:

Vuln: Wireshark TLS/SSL Decryption CVE-2015-0564 Denial of Service Vulnerability

Security Focus Latest Security Advisories - January 27, 2015 - 12:00am
Wireshark TLS/SSL Decryption CVE-2015-0564 Denial of Service Vulnerability
Categories:

Vuln: Wireshark DEC DNA Routing Protocol Dissector CVE-2015-0562 Remote Denial of Service Vulnerability

Security Focus Latest Security Advisories - January 27, 2015 - 12:00am
Wireshark DEC DNA Routing Protocol Dissector CVE-2015-0562 Remote Denial of Service Vulnerability
Categories:

Vuln: Xen MMU CVE-2014-8594 Local Security Bypass Vulnerability

Security Focus Latest Security Advisories - January 27, 2015 - 12:00am
Xen MMU CVE-2014-8594 Local Security Bypass Vulnerability
Categories:

Vuln: Microsoft Windows Kerberos Checksum CVE-2014-6324 Remote Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - January 27, 2015 - 12:00am
Microsoft Windows Kerberos Checksum CVE-2014-6324 Remote Privilege Escalation Vulnerability
Categories:

Vuln: kwallet Weak Stored Password Encryption Local Security Weakness

Security Focus Latest Security Advisories - January 27, 2015 - 12:00am
kwallet Weak Stored Password Encryption Local Security Weakness
Categories:

Vuln: IBM Tivoli Storage Manager Client CVE-2013-2964 Local Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - January 27, 2015 - 12:00am
IBM Tivoli Storage Manager Client CVE-2013-2964 Local Buffer Overflow Vulnerability
Categories:

Vuln: Linux Kernel 'vdso_addr()' Function Local Security Bypass Vulnerability

Security Focus Latest Security Advisories - January 27, 2015 - 12:00am
Linux Kernel 'vdso_addr()' Function Local Security Bypass Vulnerability
Categories:

Vuln: Django CVE-2015-0219 Security Bypass Vulnerability

Security Focus Latest Security Advisories - January 27, 2015 - 12:00am
Django CVE-2015-0219 Security Bypass Vulnerability
Categories: