(CVE-2013-1059) Linux Kernel libceph Null Pointer Dereference Vulnerability

2013-07-10 Thread chanam . park
Original URL: http://hkpco.kr/advisory/CVE-2013-1059.txt Linux Kernel libceph Null Pointer Dereference Vulnerability (CVE-2013-1059) Author - Chanam Park (@hkpco) Website - http://hkpco.kr/ Date - 2013. 07. 06 0. Introduction This is a very brief advisory just to record the

[security bulletin] HPSBST02896 rev.1 - HP StoreVirtual Storage, Remote Unauthorized Access

2013-07-10 Thread security-alert
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03825537 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03825537 Version: 1 HPSBST02896

Re: Project Pier Web Vulnerabilities

2013-07-10 Thread the infinitenigma
Mitre has assigned the following CVEs for these issues in Project Pier: XSS: CVE-2013-3635 Session cookies lack HttpOnly flag: CVE-2013-3636 Session cookies lack Secure flag: CVE-2013-3637 On Tue, May 21, 2013 at 9:26 PM, the infinitenigma theinfiniteni...@gmail.com wrote: Summary

Re: Cisco/Linksys E1200 N300 Reflected XSS

2013-07-10 Thread the infinitenigma
Mitre has assigned the following CVE for this issue: CVE-2013-2679 On Mon, Apr 29, 2013 at 12:27 AM, Carl Benedict theinfiniteni...@gmail.com wrote: Summary Software : Cisco/Linksys Router OS Hardware : E1200 N300 (others currently untested) Version : 2.0.04 (others

[slackware-security] dbus (SSA:2013-191-01)

2013-07-10 Thread Slackware Security Team
[slackware-security] dbus (SSA:2013-191-01) New dbus packages are available for Slackware 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog:

VULNERABLE (3rd party) components in Adobe Reader 11.0.03, and dangling reference to Acrobat.exe

2013-07-10 Thread Stefan Kanthak
Hi @ll, the current Adobe Reader 11.0.03 installs the following VULNERABLE (3rd party) components: 1. Adobe Flash Player Plugin 11.5.502.110 | X:\filever.exe /S %ProgramFiles%\Adobe\npswf*.dll |x:\program files\adobe\reader 11.0\reader\npswf*.dll | --a-- W32i DLL ENU11.5.502.110

[Foreground Security 2013-001]: Joomla AICONTACTSAFE 2.0.19 Extension Cross-Site Scripting (XSS) vulnerability

2013-07-10 Thread Jose Carlos de Arriba
Joomla AICONTACTSAFE 2.0.19 Extension Cross-Site Scripting (XSS) vulnerability FOREGROUND SECURITY, SECURITY ADVISORY 2013-001 - Original release date: July 10, 2013 - Discovered by: Adam Willard (Software Security Analyst at Foreground

Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability

2013-07-10 Thread Vulnerability Lab
Title: Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability Date: 2013-07-09 References: http://www.vulnerability-lab.com/get_content.php?id=1000 VL-ID: 1000 Common Vulnerability Scoring System: 6.7