Bugtraq Mailing List

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

Latest Posts

[ MDVSA-2014:209 ] java-1.7.0-openjdk security (Oct 24)
_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:209
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : java-1.7.0-openjdk
Date : October 24, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem...

[ MDVSA-2014:208 ] phpmyadmin security (Oct 24)
_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:208
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : phpmyadmin
Date : October 24, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:...

[ MDVSA-2014:207 ] ejabberd security (Oct 24)
_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:207
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : ejabberd
Date : October 24, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:...

[ MDVSA-2014:206 ] ctags security (Oct 24)
_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:206
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : ctags
Date : October 24, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...

[ MDVSA-2014:205 ] lua security (Oct 24)
_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:205
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : lua
Date : October 24, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated lua...

[slackware-security] glibc (SSA:2014-296-01) Slackware Security Team (Oct 24)
[slackware-security] glibc (SSA:2014-296-01)

New glibc packages are available for Slackware 14.1 and -current to fix
security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/glibc-2.17-i486-8_slack14.1.txz: Rebuilt.
This update fixes several security issues, and adds an extra security
hardening patch from Florian Weimer. Thanks to mancha for help with
tracking and...

[slackware-security] pidgin (SSA:2014-296-02) Slackware Security Team (Oct 24)
[slackware-security] pidgin (SSA:2014-296-02)

New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
pidgin-2.10.10-i486-1_slack14.1.txz: Upgraded.
This update fixes several security issues:
Insufficient SSL certificate validation (CVE-2014-3694)
Remote crash parsing malformed MXit emoticon...

[KIS-2014-12] TestLink <= 1.9.12 (database.class.php) Path Disclosure Weakness Egidio Romano (Oct 24)
----------------------------------------------------------------
TestLink <= 1.9.12 (database.class.php) Path Disclosure Weakness
----------------------------------------------------------------

[-] Software Link:

http://testlink.org/

[-] Affected Versions:

Version 1.9.12 and prior versions.

[-] Weakness Description:

The vulnerable code is located in the /lib/functions/database.class.php script:

208....

[KIS-2014-11] TestLink <= 1.9.12 (execSetResults.php) PHP Object Injection Vulnerability Egidio Romano (Oct 24)
--------------------------------------------------------------------------
TestLink <= 1.9.12 (execSetResults.php) PHP Object Injection Vulnerability
--------------------------------------------------------------------------

[-] Software Link:

http://testlink.org/

[-] Affected Versions:

Version 1.9.12 and prior versions.

[-] Weakness Description:

The vulnerable code is located in the /lib/execute/execSetResults.php script:

428....

[SECURITY] [DSA 3055-1] pidgin security update Moritz Muehlenhoff (Oct 24)
-------------------------------------------------------------------------
Debian Security Advisory DSA-3055-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
October 23, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : pidgin
CVE ID : CVE-2014-3694 CVE-2014-3695...

OpenBSD <= 5.5 Local Kernel Panic Alejandro Hernandez (Oct 24)
OpenBSD <= 5.5 (All architectures) is prone to a local DoS condition by triggering a kernel panic through a malformed
ELF executable.

A patch has been released to address this issue. See "013 Reliability Fix" at:
http://www.openbsd.org/errata55.html#013_kernexec

More details and PoC code:
http://www.ioactive.com/pdfs/IOActive_Advisory_OpenBSD_5_5_Local_Kernel_Panic.pdf

Regards,

Alejandro Hernandez
Senior Security Consultant...

[ MDVSA-2014:203 ] openssl security (Oct 24)
_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:203
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : openssl
Date : October 23, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:...

[ MDVSA-2014:204 ] libxml2 security (Oct 24)
_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:204
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : libxml2
Date : October 23, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

A...

File Manager v4.2.10 iOS - Code Execution Vulnerability Vulnerability Lab (Oct 24)
Document Title:
===============
File Manager v4.2.10 iOS - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1343

Release Date:
=============
2014-10-21

Vulnerability Laboratory ID (VL-ID):
====================================
1343

Common Vulnerability Scoring System:
====================================
9

Product & Service Introduction:...

Dell SonicWall GMS v7.2.x - Persistent Web Vulnerability Vulnerability Lab (Oct 24)
Document Title:
===============
Dell SonicWall GMS v7.2.x - Persistent Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1222

Release Date:
=============
2014-10-21

Vulnerability Laboratory ID (VL-ID):
====================================
1222

Common Vulnerability Scoring System:
====================================
3

Product & Service Introduction:...

More Lists

Dozens of other network security lists are archived at SecLists.Org.

