MiniDLNA prior to v1.1.0 (http://sourceforge.net/projects/minidlna/)
is prone to a variety of issues which could be used to take control of
a host running this software.
CVE-2013-2738 and CVE-2013-2745 are SQL injection issues.
CVE-2013-2739 has been assigned for a heap-based buffer overflow
McAfee has released a Knowledgebase Article (KB) to address the issues reported
by a NATO pen test.
https://kc.mcafee.com/corporate/index?page=contentid=KB78824
Both SQL Injection vulnerabilities were identified on May 10th, 2013 and
patched as specified in SB10043. McAfee's internal testing
Title:
==
Nikon CoolPix L Series Fw1.0 - Information Disclosure Issue
Date:
=
2013-07-16
References:
===
http://www.vulnerability-lab.com/get_content.php?id=1014
VL-ID:
=
1014
Common Vulnerability Scoring System:
3.5
Introduction:
Title:
==
FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability
Date:
=
2013-07-12
References:
===
http://www.vulnerability-lab.com/get_content.php?id=1007
VL-ID:
=
1007
Common Vulnerability Scoring System:
3.7
Introduction:
Title:
==
Barracuda CudaTel 2.6.02.040 - Client Side Cross Site Scripting Vulnerability
Date:
=
2013-07-15
References:
===
http://www.vulnerability-lab.com/get_content.php?id=776
BARRACUDA NETWORK SECURITY ID: BNSEC-807
VL-ID:
=
776
Common Vulnerability Scoring System:
Title:
==
Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities
Date:
=
2013-07-16
References:
===
http://www.vulnerability-lab.com/get_content.php?id=833
VL-ID:
=
833
Common Vulnerability Scoring System:
3.5
Introduction:
Title:
==
Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities
Date:
=
2013-07-13
References:
===
http://www.vulnerability-lab.com/get_content.php?id=1009
VL-ID:
=
1009
Common Vulnerability Scoring System:
5.6
Introduction:
Hey guys,
Related to this, I've found a proof of concept test script:
php -r 'xml_parse_into_struct(xml_parser_create_ns(), str_repeat(blah, 1000), $b);'
Gabe
twitter: @gmaggiotti
On Mon, Jul 15, 2013 at 3:41 AM, secur...@mandriva.com wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi list,
I would like to inform you that the details of the vulnerability in
a built-in system app of Samsung Galaxy S3/S4 (assigned as CVE-2013-4763
and CVE-2013-4764) are now disclosed to the public.
In Samsung Galaxy S3/S4, a pre-loaded app, i.e.,
sCloudBackupProvider.apk, is used to provide backup
Author: Michal Blaszczak
Website: http://blaszczakm.blogspot.com
Project: hack voip - http://blaszczakm.blogspot.com/search/label/hack%20voip
Date: 16.07.2013
Voice Logger - VoIP software for Call Center
1) bypass login
login: admin' or 1='1
password: admin
line: 168 file:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03747342
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03747342
Version: 2
HPSBMU02870
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03788014
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03788014
Version: 1
HPSBGN02882