-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
---
VMware Security Advisory
Advisory ID: VMSA-2012-0005
Synopsis: VMware vCenter Server, Orchestrator, Update Manager,
vShield,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2012:031
http://www.mandriva.com/security/
This seems to be same issue as http://secunia.com/advisories/38699/ /
http://osvdb.org/show/osvdb/62558
I created item about this case to their sf issue tracker:
https://sourceforge.net/tracker/?func=detail&aid=3507681&group_id=148518&atid=771904
- Henri Salo
On Thu, Mar 15, 2012 at 05:31:41PM
We have discovered that the wipe function on Android does not reliably
delete data on all devices. On a Nexus S running Android 2.3.6, we were
able to recover user data after running a wipe both using the factory
data reset from the menu and by wiping the device from recovery.
To recover data,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03102449
Version: 5
HPSBPI02728 SSRT100692 rev.5 - Certain HP Printers and HP Digital Senders,
Remote Firmware Update Enabled by Default
NOTICE: The information in this Security Bulletin
Title: at32 Reverse Proxy - Multiple HTTP Header Field Denial Of Service
Vulnerability
Product : at32 Reverse Proxy
Version : v1.060.310
Vendor: http://www.at32.com/doc/rproxy.htm
Class: Boundary Condition Error
CVE:
Remote: Yes
Local: No
Published: 2012-03-14
Updated:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ESA-2012-014: RSA enVision Multiple Vulnerabilities
EMC Identifier:ESA-2012-014
CVE Identifiers: CVE-2012-0399, CVE-2012-0400, CVE-2012-0401,
CVE-2012-0402, CVE-2012-0403
Severity Rating: CVSS Base Score: See below for scores for
Dell Webcam Software Bundled ActiveX Control CrazyTalk4Native.dll
sprintf Remote Buffer Overflow Vulnerability
Tested against: Microsoft Windows Vista SP2
Microsoft Windows XP SP3
Microsoft Windows 2003 R2 SP2
Internet Explorer 7/8/9
download url
The other possible exploit is that I work for company X. After being fired from
company X I set up a second rogue network and have people connect to it. Thus
giving me the option to steal passwords or present false information via a fake
intranet site or whatever. Since I worked there I already
Isn't this just roaming? If the two APs have the same SSID and
authentication, then they're one ESSID and the BSSIDs are irrelevant.
And if iOS and Win don't move between APs, how can they exist in
multi-ap environments?
From: Security Mailing List [s3cl...@hotmail.com]
Sent: Monday, March
There is an EVIL bug in at least the Linux (2.2.35-8) Tor Browser Bundle
start-tor-browser script. It will log things like domain names to a file in the
root of the browser bundle.
https://trac.torproject.org/projects/tor/ticket/5417
Ticket #5417 (new defect)
RelativeLink.sh in Tor browser
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet
Unauthenticated
Remote Directory Traversal Vulnerability
product homepage: http://www.manageengine.com/products/device-expert/
file tested: ManageEngine_DeviceExpert.exe
tested against: Microsoft Windows Server 2003 r2 sp2
VUPEN Security Research - Adobe Flash Player Matrix3D Remote Memory
Corruption (APSB12-05 / CVE-2012-0768)
Website : http://www.vupen.com/english/research.php
Twitter : http://twitter.com/vupen
I. BACKGROUND
-
Adobe Flash Player is a cross-platform browser-based
Multiple file-parsing vulnerabilities leading to evasion in different
antivirus (AV) products. All
affected products are command-line versions of
the AVs.
Vulnerability Descriptions
1. Specially crafted infected POSIX TAR files with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ADVISORY NUMBER 031912
Advisory # 1:
TITLE
OS Command Injection Vulnerability in Aruba Remote Access Point
Diagnostic Web Interface.
SUMMARY
An OS command injection vulnerability has been discovered in the Aruba
Remote Access Point's Diagnostic
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2436-1 secur...@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
March 19, 2012
On 02/27/2012 02:39 PM, Henri Salo wrote:
On Mon, Feb 27, 2012 at 09:31:52AM -0700, Kurt Seifried wrote:
If you make a list of issues (e.g. XSS, CSRF, etc) with the code
examples I can assign the various blocks of issues CVEs.
1. ./administration/install.php opens ../functions/db_connect.php