[security bulletin] HPSBUX02928 SSRT101274 rev.1 - HP-UX running perl, Remote Denial of Service (DoS)

2013-09-11 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03924247 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03924247 Version: 1 HPSBUX02928 S

[ MDVSA-2013:230 ] gdm

2013-09-11 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:230 http://www.mandriva.com/en/support/security/

OWASP Zed Attack Proxy 2.2.0

2013-09-11 Thread psiinon
Hi folks, ZAP 2.2.0 is now available from http://code.google.com/p/zaproxy/downloads/list This includes support for scripts embedded in ZAP components like the active and passive scanners as well as support for Zest - a new security focused scripting language from the Mozilla security team. It al

[SECURITY] [DSA 2755-1] python-django security update

2013-09-11 Thread Salvatore Bonaccorso
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Debian Security Advisory DSA-2755-1 secur...@debian.org http://www.debian.org/security/ Salvatore Bonaccorso September 11, 2013

ProFTPd mod_sftp/mod_sftp_pam invalid pool allocation in kbdint authentication

2013-09-11 Thread king cope
Hi there! See my blog post about the mentioned vulnerability. http://kingcope.wordpress.com/2013/09/11/proftpd-mod_sftpmod_sftp_pam-invalid-pool-allocation-in-kbdint-authentication/ Cheers, Kingcope

Cross-Site Scripting (XSS) in WikkaWiki

2013-09-11 Thread High-Tech Bridge Security Research
Advisory ID: HTB23170 Product: WikkaWiki Vendor: Wikka Development Team Vulnerable Version(s): 1.3.4 and probably prior Tested Version: 1.3.4 Vendor Notification: August 21, 2013 Vendor Patch: August 31, 2013 Public Disclosure: September 11, 2013 Vulnerability Type: Cross-Site Scripting [CWE-79]

Insecure CHIASMUS encryption in GSTOOL

2013-09-11 Thread Jan Schejbal
== Insecure CHIASMUS encryption in GSTOOL == GSTOOL versions 3.0 to 4.7 (inclusive) contain an insecure encryption feature using the non-public CHIASMUS block cipher. Due to the use of an insecure PRNG for key generation, files encrypted using the encryption feature of this tool can be decrypted wi

Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability

2013-09-11 Thread Vulnerability Lab
Title: Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability Date: 2013-09-11 References: http://www.vulnerability-lab.com/get_content.php?id=812 Security Bulletin: MS13-067 http://technet.microsoft.com/de-de/security/bulletin/MS13-067

[SECURITY] [DSA 2754-1] exactimage security update

2013-09-11 Thread Raphael Geissert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Debian Security Advisory DSA-2754-1 secur...@debian.org http://www.debian.org/security/ Raphael Geissert September 10, 2013

[security bulletin] HPSBUX02926 SSRT101281 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)

2013-09-11 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03922396 Version: 1 HPSBUX02926 S

Synology DSM multiple vulnerabilities

2013-09-11 Thread Andrea Fabrizi
Title: Synology DSM multiple vulnerabilities Version affected: <= 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Email: andrea.fabr...@gmail.com Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched

Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities

2013-09-11 Thread Vulnerability Lab
Title: Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities Date: 2013-08-30 References: http://www.vulnerability-lab.com/get_content.php?id=1062 VL-ID: 1063 Common Vulnerability Scoring System: 8.8 Introducti

eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability

2013-09-11 Thread Vulnerability Lab
Title: eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability Date: 2013-08-31 References: http://www.vulnerability-lab.com/get_content.php?id=1064 VL-ID: 1064 Common Vulnerability Scoring System: 3.8 Introduction: