-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1980-1 secur...@debian.org
http://www.debian.org/security/ Steffen Joeris
January 27, 2010
PR09-15: XSS injection vulnerability within HP System Management
Homepage (Insight Manager)
Vulnerability found: 11th October 2009
Severity: Medium
Description:
An XSS vulnerability has been found within HP System Management, arising
from insufficient input filtering.
By using a specially-crafte
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1979-1 secur...@debian.org
http://www.debian.org/security/ Raphael Geissert
January 27, 2009
Advisory: Geo++(R) GNCASTER: Faulty implementation of HTTP Digest
Authentication
During a penetration test, RedTeam Pentesting discovered that the
GNCaster software has multiple bugs in its implementation of HTTP Digest
Authentication.
Details
===
Product: Geo++(R) GNCASTER
Affect
===
Ubuntu Security Notice USN-803-2 January 27, 2010
dhcp3 vulnerability
CVE-2009-0692
===
A security issue affects the following Ubuntu releases:
Ubuntu 8.10
Ubuntu 9.04
Ubu
Advisory: Geo++(R) GNCASTER: Insecure handling of NMEA-data
During a penetration test, RedTeam Pentesting discovered that the
GNCaster software does not handle NMEA-data correctly. An attacker that
has valid login credentials can use this to crash the server software or
potentially execute code on
Advisory: Geo++(R) GNCASTER: Insecure handling of long URLs
During a penetration test, RedTeam Pentesting discovered that the
GNCASTER software does not handle long URLs correctly. An attacker can
use this to crash the server software or potentially execute code on the
server.
Details
===
P
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:028
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified
MeetingPlace
Advisory ID: cisco-sa-20100127-mp
Revision 1.0
For Public Release 2010 Jan 27 1600 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:027
http://www.mandriva.com/security/
2010/1/26 Fernando Augusto :
> Fun stuff...
>
> From here (Brazil) neither me nor anyone I asked, even through different
> carriers, are getting this kind of data while looking at
> http://e107.org/news.php I am not someone that talks here, but I believe
> that it should be looked with more car
Name: Mod_proxy from apache 1.3 - Integer overflow which
causes heap overflow.
Author: Adam Zabrocki ( or )
Date: Jan 27, 2010
Issue:
Mod_proxy from apache 1.3.xx (tested on latest version - 1.3.41) allows local
and remote
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01992642
Version: 1
HPSBMA02502 SSRT090171 rev.1 - HP OpenView Storage Data Protector, Local
Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon
Hi,
We have found that SAP BusinessObjects version 12 is vulnerable to
Multiple Cross-Site Scripting (XSS), Cross Domain redirects and Server
path information disclosure with the following consequences:
-An attacker may be able to cause execution of malicious scripting code
in the browser of a vi
umm, this bug was already reported by Skylined:
http://securityreason.com/exploitalert/7731
And doesn't seem to look like it can lead to code execution.
ShareTronix - HTML Injection Vulnerability
Version Affected: 1.0.4 (newest)
Info:
Sharetronix Opensource is a multimedia microblogging platform.
It helps people in a community, company, or group to exchange short messages
over the Web.
Credits: MaXe from InterN0T (patched the vulnera
Wow, a *crash exploit*!!! Amazing!!! How on earth did you discover it!?!?
Berend-Jan Wever
http://skypher.com/SkyLined
On Tue, Jan 26, 2010 at 12:35 PM, wrote:
>
> #
> # Securitylab.ir
> ###