[Announce] Apache HTTP Server 2.2.22 Released

2012-02-01 Thread William A. Rowe Jr.
Apache HTTP Server 2.2.22 Released The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.2.22 of the Apache HTTP Server ("Apache"). This version of Apache is principally a security and bug fix release,

802.1X password exploit on many HTC Android devices

2012-02-01 Thread Bret Jordan
February 1, 2012 Subject 802.1X password exploit on many HTC Android devices -

Security advisory for Bugzilla 4.2rc2, 4.0.4, 3.6.8 and 3.4.14

2012-02-01 Thread LpSolit
Summary === Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * When a user creates a new account, Bugzilla doesn't correctly reject email addresses containing non-ASCII characters, which

Multiple vulnerabilities in OpenEMR

2012-02-01 Thread advisory
Advisory ID: HTB23069 Product: OpenEMR Vendor: OEMR Vulnerable Version: 4.1.0 and probably prior Tested Version: 4.1.0 Vendor Notification: 11 January 2012 Vendor Patch: 29 January 2012 Public Disclosure: 01 February 2012 Vulnerability Type: Local File Inclusion, Arbitrary Command Execution Solu

ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability

2012-02-01 Thread Security_Alert
ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability. EMC Identifier: ESA-2012-009 EMC Identifier: CS-16072 EMC Identifier: CS-16073 CVE Identifier: CVE-2011-4144 Severity Rating: CVSS v2 Base Score: 6.8 (AV:L/AC:L/Au:

XSS phpLDAPadmin: 1.2.0.5 (Debian package) and 1.2.2 (sourceforge)

2012-02-01 Thread andsarmiento
Attached is some PoC analysis related to an XSS vulnerability in phpldapadmin. I previously coordinated with the Cert-US so that they would contact Sourceforge and Debian, but received word that they were unable to get in contact with them. The first discovery was on January 10 for version 1.1.6, where after notice