###
Luigi Auriemma
Application: HP OpenView Communication Broker
http://www8.hp.com/us/en/software/enterprise-software.html
Versions: ovbbccb.exe <= 11.0.43.0
Platforms:Windows,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
MITKRB5-SA-2011-005
MIT krb5 Security Advisory 2011-005
Original release: 2011-07-05
Topic: FTP daemon fails to set effective group ID
CVE-2011-1526
CVSSv2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:H/RL:O/RC:C
CVSSv2 Base Score: 6.5
Access Vector
===
Summary
===
Name: Blue Coat BCAAA Remote Code Execution Vulnerability
Release Date: 5 July 2011
Reference: NGS00060
Discoverer: Paul Harrington
Vendor: Blue Coat Systems Inc
Vendor Reference: 2-358686722
Systems Affected: All versions of BCAAA associated with ProxySG releases 4.2.3,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2272-1 secur...@debian.org
http://www.debian.org/security/Florian Weimer
July 05, 2011
###
Luigi Auriemma
Application: foobar2000
http://www.foobar2000.org
Versions: <= 1.1.7
Platforms:Windows
Bug: integer overflow
Date: 03 Jul 2011
Author:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Folks,
The IETF has just published RFC 6274, entitled "Security Assessment of
the Internet Protocol Version 4". It contains a large amount of
information on how to improve the security of IPv4 implementations and
IPv4 deployments.
This document is th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02904002
Version: 1
HPSBUX02688 SSRT100513 rev.1 - HP-UX Dynamic Loader, Local Privilege
Escalation, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted u
Ubuntu's reseed(8) can be used to seed the PRNG state of a host. The
script is run when the package installed, and anytime su executes the
script.
reseed(8) performs a unsecured HTTP request to random.org for its
bits, despite random.org offering HTTPS services.
The Ubuntu Security Team took no i
On Tue, Jul 5, 2011 at 9:04 PM, Jeffrey Walton wrote:
> Ubuntu's reseed(8) can be used to seed the PRNG state of a host. The
> script is run when the package installed, and anytime su executes the
> script.
... someone thought this was a good idea.
[an entropy pool remotely biased by MitM attack
Vulnerability ID: HTB23025
Reference:
http://www.htbridge.ch/advisory/idrive_online_backup_activex_control_insecure_method.html
Product: IDrive Online Backup
Vendor: Pro Softnet Corporation ( http://www.idrive.com )
Vulnerable Version: 3.4.0 and probably prior
Tested on: 3.4.0
Vendor Notificatio
Vulnerability ID: HTB23013
Reference:
http://www.htbridge.ch/advisory/atube_catcher_activex_control_savedecrypted_insecure_method.html
Product: aTube Catcher
Vendor: Diego Uscanga ( http://atube-catcher.dsnetwb.com )
Vulnerable Version: 2.3.570 and probably prior
Tested on: 2.3.570
Vendor Notific
On Wed, Jun 29, 2011 at 08:02:45PM +0100, Luigi Auriemma wrote:
> ###
>
> Luigi Auriemma
>
> Application: Winamp
> http://www.winamp.com
> Versions: <= 5.61
> Platforms:Windows
On Wed, 2011-07-06 at 00:04 -0400, Jeffrey Walton wrote:
> Ubuntu's reseed(8) can be used to seed the PRNG state of a host. The
> script is run when the package installed, and anytime su executes the
> script.
>
> reseed(8) performs a unsecured HTTP request to random.org for its
> bits, despite ra
On Mon, Jul 04, 2011 at 06:46:09AM +, sschu...@t-online.de wrote:
> Advisory: Multiple Cross-Site Scripting vulnerabilities in
> WebCalendar
> Advisory ID:SSCHADV2011-008
> Author: Stefan Schurtz
> Affected Software: Version 1.2.3 and probably prior versions
> Ve
On Fri, Jul 01, 2011 at 11:23:40AM +0200, SEC Consult Vulnerability Lab wrote:
> SEC Consult Vulnerability Lab Security Advisory < 20110701-0 >
> ===
> title: Multiple SQL Injection Vulnerabilities
> produ
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco Security Advisory: Cisco Content Services Gateway Denial of
Service Vulnerability
Advisory ID: cisco-sa-20110706-csg
Revision 1.0
For Public Release 2011 July 06 1600 UTC (GMT
16 matches
Mail list logo
