[SECURITY] [DSA 2464-1] icedove security update

2012-05-03 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2464-1 secur...@debian.org http://www.debian.org/security/Moritz Muehlenhoff May 02, 2012

VMSA-2012-0009 VMware Workstation, Player, ESXi and ESX patches address critical security issues

2012-05-03 Thread VMware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 --- VMware Security Advisory Advisory ID: VMSA-2012-0009 Synopsis: VMware Workstation, Player, ESXi and ESX patches address critical security issues

FreeBSD Security Advisory FreeBSD-SA-12:01.openssl

2012-05-03 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-12:01.openssl Security Advisory The FreeBSD Project Topic: O

Fortinet FortiWeb Web Application Firewall Policy Bypass

2012-05-03 Thread Geffrey Velasquez
BINAR10 Report on Fortinet Fortiweb Findings 02/05/2012 - Fortinet FortiWeb Web Application Firewall Policy Bypass - 1) Affected Product Fabricant: Fortinet Product name: FortiWeb Version: Latest update to Tue, 2 May 2012 Type: Web A

Firefox security bug (proxy-bypass) in current Tor BBs

2012-05-03 Thread oLhrrBHQeTr0EmbKwBXa
https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs "A user has discovered a severe security bug in Firefox related to websockets bypassing the SOCKS proxy DNS configuration. This means when connecting to a websocket service, your Firefox will query your local DNS res

LACSEC 2012 Agenda (May 6-11, 2012, Quito, Ecuador)

2012-05-03 Thread Fernando Gont
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 LACSEC 2012 7th Network Security Event for Latin America and the Caribbean May 6-11, 2012, Quito, Ecuador http://lacnic.net/en/eventos/lacnicxvii/ LACNIC (http://www.lacnic.net) is the

Advisory: Android SQLite Journal Information Disclosure (CVE-2011-3901)

2012-05-03 Thread Roee Hay
1 Background Android applications are executed in a sandbox environment, to ensure that no application can access sensitive information held by another, without adequate privileges. For example, the Browser application holds sensitive information such as cookies, cache and history, and

SQL Injection and other issues in Micro Technology Services, Inc. Lynx

2012-05-03 Thread bede
1. Summary The Micro Technology Services Inc. "Lynx Message Server 7.11.10.2" and/or "LynxTCPService version 1.1.62" web interface is vulnerable to SQL Injection, Cross-Site Scripting, and other security problems. 2. Description Lynx is a "Facility wide Duress and Emergency Notification" system

[waraxe-2012-SA#088] - Reflected XSS in Joomla 2.5.4 admin sysinfo page

2012-05-03 Thread come2waraxe
[waraxe-2012-SA#088] - Reflected XSS in Joomla 2.5.4 admin sysinfo page === Author: Janek Vind "waraxe" Date: 03. May 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-88.html CVE: http://cve.mitre.org/cgi-

[waraxe-2012-SA#087] - Reflected XSS in Joomla 1.5.26 "ja_purity" template

2012-05-03 Thread come2waraxe
[waraxe-2012-SA#087] - Reflected XSS in Joomla 1.5.26 "ja_purity" template === Author: Janek Vind "waraxe" Date: 03. May 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-87.html CVE: http://cve.mitre.org/c