software updates that address this vulnerability.
Workarounds that mitigate this vulnerability are available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password
Change Vulnerability
Advisory ID: cisco-sa-20150722-mp
Revision 1.0
For Public Release 2015 July 22 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller
Access Control Vulnerability
Advisory ID: cisco-sa-20150722-apic
Revision 1.0
For Public Release 2015 July 22 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ESA-2015-118: EMC Avamar Directory Traversal Vulnerability
EMC Identifier: ESA-2015-118
CVE Identifier: CVE-2015-4527
Severity Rating: CVSS v2 Base Score: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Affected products:
EMC Avamar Server all version
See also: http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt
-
modzero Security Advisory:
Multiple Vulnerabilities in Xceedium Xsuite [MZ-15-02]
-
Advisory ID: HTB23264
Product: Paid Memberships Pro WordPress plugin
Vendor: Stranger Studios
Vulnerable Version(s): 1.8.4.2 and probably prior
Tested Version: 1.8.4.2
Advisory Publication: July 1, 2015 [without technical details]
Vendor Notification: July 1, 2015
Vendor Patch: July 8, 2015
Pu
Advisory ID: HTB23267
Product: Count Per Day WordPress plugin
Vendor: Tom Braider
Vulnerable Version(s): 3.4 and probably prior
Tested Version: 3.4
Advisory Publication: July 1, 2015 [without technical details]
Vendor Notification: July 1, 2015
Vendor Patch: July 1, 2015
Public Disclosure: Jul
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3312-1 secur...@debian.org
https://www.debian.org/security/ Alessandro Ghedini
July 22, 2015
# Vulnerability type: SQL Injection
# Vendor: http://www.netcracker.com/
# Product: NetCracker Resource Management System
# Affected version: =< 8.0
# Patched version: 8.2
# Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan
# CVE ID: CVE-2015-3423
# PROOF OF CONCEPT (SQLi)
SQL Injection (SQLi) vu
# Vulnerability type: Cross-site Scripting
# Vendor: http://www.netcracker.com/
# Product: NetCracker Resource Management System
# Affected version: =< 8.0
# Patched version: 8.2
# Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan
# CVE ID: CVE-2015-2207
# PROOF OF CONCEPT (XSS)
Cross-site scrip
[+] Credits: John Page ( hyp3rlinx )
[+] Domains: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/AS-OPENWEBANALYTICS0721.txt
Vendor:
www.openwebanalytics.com
Product:
Open-Web-Analytics-1.5.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
=
FreeBSD-SA-15:13.tcp Security Advisory
The FreeBSD Project
Topic:
Summary:
Logstash 1.5.2 and prior versions are vulnerable to an SSL/TLS security issue
called the FREAK attack. If you are using the Lumberjack input, FREAK allows an
attacker to successfully implement a man in the middle attack, intercepting
communication between the Logstash Forwarder agent an