ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities

2013-02-04 Thread Security Alert
ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities EMC Identifier: ESA-2013-002 CVE Identifier: CVE-2012-2293, CVE-2012-2292, CVE-2012-1064, CVE-2012-2294 Severity Rating: See below for scores for individual issues Affected Products:

[HITB-Announce] #HITB2013AMS FINAL CALL for Paper Submissions

2013-02-04 Thread Hafez Kamal
Hi everyone - This is the FINAL CALL for paper submissions for the 4th annual HITB Security Conference in Amsterdam, #HITB2013AMS. We're looking for talks that are highly technical, but most importantly, material which is new and cutting edge. Submissions are due BEFORE 8th Feb 23:59 CET HITB

Oracle Automated Service Manager 1.3 Auto Service Request 4.3 local root during install

2013-02-04 Thread larry0
Oracle Automated Service Manager 1.3 local root during install Larry W. Cashdollar 1/29/2013 @_larry0 SUNWsasm-1.3.1-20110815093723 https://updates.oracle.com/Orion/Services/download?type=readmearu=15864534 From the README: Oracle Automated Service Manager 1.3.1 Oracle Automated Service

FreeBSD 9.1 ftpd Remote Denial of Service

2013-02-04 Thread max
FreeBSD 9.1 ftpd Remote Denial of Service Maksymilian Arciemowicz http://cxsecurity.org/ http://cxsec.org/ Public Date: 01.02.2013 URL: http://cxsecurity.com/issue/WLB-2013020003 Affected servers: - ftp.uk.freebsd.org, - ftp.ua.freebsd.org, - ftp5.freebsd.org, - ftp5.us.freebsd.org, -

[ MDVSA-2013:006 ] freetype2

2013-02-04 Thread security
Mandriva Linux Security Advisory MDVSA-2013:006 http://www.mandriva.com/security/

[security bulletin] HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS)

2013-02-04 Thread security-alert
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03652323 Version: 1 HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) NOTICE: The information in this

DC++ 0.802 and below incorrectly registers URI schemes in Windows

2013-02-04 Thread ullner
DC++ 0.802 and below incorrectly registers URI schemes in Windows Background DC++ [1] is a chat and file sharing application for the Direct Connect [2] network. DC++ registers three URI schemes in Microsoft Windows; dchub, adc and magnet. Microsoft outlines the approach in 'Registering an

APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12

2013-02-04 Thread Apple Product Security
APPLE-SA-2013-02-01-1 Java for Mac OS X v10.6 Update 12 Java for Mac OS X v10.6 Update 12 is now available and addresses the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in Java 1.6.0_37

[SECURITY] [DSA 2614-1] libupnp security update

2013-02-04 Thread Yves-Alexis Perez
Debian Security Advisory DSA-2614-1 secur...@debian.org http://www.debian.org/security/ Yves-Alexis Perez February 01, 2013

[SECURITY] [DSA 2615-1] libupnp4 security update

2013-02-04 Thread Yves-Alexis Perez
Debian Security Advisory DSA-2615-1 secur...@debian.org http://www.debian.org/security/ Yves-Alexis Perez February 01, 2013

[SECURITY] [DSA 2617-1] samba security update

2013-02-04 Thread Luciano Bello
Debian Security Advisory DSA-2617-1 secur...@debian.org http://www.debian.org/security/ Luciano Bello February 02, 2013

[SECURITY] [DSA 2616-1] nagios3 security update

2013-02-04 Thread Jonathan Wiltshire
Debian Security Advisory DSA-2616-1 secur...@debian.org http://www.debian.org/security/ Jonathan Wiltshire February 03, 2013

Directory Traversal - EasyITSP = 2.0.7

2013-02-04 Thread Michał Błaszczak
Directory Traversal - EasyITSP = 2.0.7 EasyITSP - Telephone System VoIP http://blaszczakm.blogspot.com Michal Blaszczak Search/Read/Delete filetype *.txt Search/Play/Delete filetype *.wav - Voicemail file: voicemail.php line: 220 foreach (glob($vmdir/$_SESSION[phone]/$vmfolder/*.txt) as

NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation

2013-02-04 Thread NCC Group Research
Medium Risk Vulnerability in Symantec Network Access Control 04 February 2013 Gavin Jones of NCC Group has discovered a Medium risk vulnerability in Symantec Endpoint Protection Version 12.1.1000.157.105 Impact: Privilege escalation Versions affected: Symantec Network Access Control v12.1

NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation

2013-02-04 Thread NCC Group Research
Medium Risk Vulnerability in Symantec Enterprise Security Management 04 February 2013 Gavin Jones of NCC Group has discovered a Medium risk vulnerability in Symantec Enterprise Security Management 9.0.1 Agent (version 9.0.1153.20001) Impact: Privilege escalation Versions affected: Symantec

[SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU

2013-02-04 Thread Security Explorations
Hello All, Below, we are providing you with technical details regarding security issues reported by us to Oracle and addressed by the company in a recent Feb 2013 Java SE CPU [1]. [Issue 29] This issue allows for the creation of arbitrary Proxy objects for interfaces defined in restricted

[IMF 2013] Call for Participation

2013-02-04 Thread Oliver Goebel
Dear all, please find enclosed the call for participation for IMF 2013. See the program at: http://www.imf-conference.org/imf2013/program.html The conference will take place from Tuesday, March 12th through Thursday, March 14th in Nuremberg, Germany. Registration Details can be found at:

Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B)

2013-02-04 Thread devnull
Device Name: DIR-600 / DIR 300 - HW rev B1 Vendor: D-Link Vulnerable Firmware Releases - DIR-300: Firmware Version : 2.12 - 18.01.2012 Firmware Version : 2.13 - 07.11.2012 Vulnerable Firmware Releases - DIR-600: Firmware-Version : 2.12b02 -

0day full - Free Monthly Websites v2.0 - Multiple Web Vulnerabilities

2013-02-04 Thread Vulnerability Lab
Title: Free Monthly Websites v2.0 - Multiple Web Vulnerabilities Date: 2013-02-04 References: http://www.vulnerability-lab.com/get_content.php?id=851 VL-ID: 851 Common Vulnerability Scoring System: 8.5 Introduction: