[security bulletin] HPSBUX03359 SSRT102094 rev.2 - HP-UX pppoec, local elevation of privilege

2015-10-05 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04718530 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04718530 Version: 2 HPSBUX03359

[slackware-security] seamonkey (SSA:2015-274-03)

2015-10-05 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] seamonkey (SSA:2015-274-03) New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--+ patches/packa

[slackware-security] mozilla-thunderbird (SSA:2015-274-01)

2015-10-05 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2015-274-01) New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--+

[slackware-security] php (SSA:2015-274-02)

2015-10-05 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] php (SSA:2015-274-02) New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--+ patches/packages/php-5.4.

[security bulletin] HPSBST03418 rev.2 - HP P6000 Command View Software, Remote Disclosure of Information

2015-10-05 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04779034 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04779034 Version: 2 HPSBST03418

FTGate 2009 Build 6.4.00 CSRF Vulnerabilities

2015-10-05 Thread apparitionsec
[+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/AS-FTGATE-2009-CSRF.txt Vendor: www.ftgate.com Product: FTGate 2009 SR3 May 13 2010 Build 6.4.00 V

CVE-2015-6237 - Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability

2015-10-05 Thread Specto
Document Title Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability Affected Products === Vendor: Tripwire Software/Appliance: IP360 VnE Vulnerability Manager Affected (verified) versions: v7.2.2 -> v7.2.5 CVE ==

[SYSS-2015-039] CSRF in OpenText Secure MFT

2015-10-05 Thread adrian . vollmer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Advisory ID: SYSS-2015-039 Product: Secure MFT Vendor: http://www.opentext.com Affected Version(s): 2013 R3, 2014 R1/R2, 2015 R1 Tested Version(s): 2014 R2 SP4 Vulnerability Type: Cross-Site Request Forgery (CWE-352) Risk Level: Medium Solution Statu

[ZDI-15-396] ManageEngine ServiceDesk Plus remote code execution

2015-10-05 Thread Pedro Ribeiro
Hi, Yet another RCE bug in ManageEngine ServiceDesk. This was disclosed by ZDI under ID ZDI-15-396 on August 20th, and fixed in version 9103 [1]. Details below, full advisory can be obtained from my repo at [E2]. A Metasploit module that exploits this vulnerability has been submitted upstream in

Qualys Security Advisory - OpenSMTPD Audit Report

2015-10-05 Thread Qualys Security Advisory
(Sorry for the "CVE-2015-ABCD" place-holders in the report, but OpenSMTPD's developers were ready with the patches before MITRE was ready with the CVE-IDs.) Qualys Security Advisory OpenSMTPD Audit Report Contents ===

FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind [REVISED]

2015-10-05 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 = FreeBSD-SA-15:24.rpcbindSecurity Advisory The FreeBSD Project Topic:

ZTE GPON F427 and possibly F460/F600 - authorization bypass and cleartext password storage

2015-10-05 Thread jerzy . patraszewski
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Title: ZTE GPON F427 and possibly F460/F600 - authorization bypass and cleartext password storage Author: Jerzy Patraszewski Date: 10 July 2015 Affected software : === ZTE GPON: F427 Version:V3.0 Firmwar

Correction: BMC-2015-0005: File inclusion vulnerability caused by misconfiguration of "BIRT Viewer" servlet as used in BMC Remedy AR Reporting

2015-10-05 Thread appsec
Errata: This is a correction of our previous disclosure email from September 23rd, 2015. Our previous posting implied that the security vulnerability we discovered was in the "BIRT Viewer" servlet itself. This is NOT the case, but rather the vulnerability is in how the "BIRT Viewer" was configure

Correction: BMC-2015-0006: File inclusion vulnerability caused by misconfiguration of "BIRT Engine" servlet as used in BMC Remedy AR Reporting

2015-10-05 Thread appsec
Errata: This is a correction of our previous disclosure email from September 23rd, 2015. Our previous posting implied that the security vulnerability we discovered was in the "BIRT Engine" servlet itself. This is NOT the case, but rather the vulnerability is in how the "BIRT Engine" was configure

Reflected Cross-Site Scripting (XSS) in SourceBans

2015-10-05 Thread High-Tech Bridge Security Research
Advisory ID: HTB23273 Product: SourceBans Vendor: Sourcebans team Vulnerable Version(s): 1.4.11 and probably prior Tested Version: 1.4.11 Advisory Publication: October 2, 2015 [without technical details] Vendor Notification: October 2, 2015 Public Disclosure: October 23, 2015 Vulnerability Type

Multiple Reflected XSS in Payment Form for PayPal Pro version 1.0.1 WordPress plugin

2015-10-05 Thread ibemed
Vulnerability title: Multiple Reflected XSS in Payment Form for PayPal Pro version 1.0.1 WordPress plugin CVE: CVE-2015-7666 Vendor: WordPress DWBooster Product: Payment Form for PayPal Pro Affected version: 1.0.1 Fixed version: 1.0.2 Reported by: Ibéria Medeiros Vulnerability Details: ==

Multiple Reflected XSS in ResAds version 1.0.1 WordPress plugin

2015-10-05 Thread ibemed
Vulnerability title: Multiple Reflected XSS in ResAds version 1.0.1 WordPress plugin CVE: CVE-2015-7667 Vendor: WordPress web-mv Product: ResAds Affected version: 1.0.1 Fixed version: 1.0.2 Reported by: Ibéria Medeiros Vulnerability Details: = It was discovered that no protect

A Reflected XSS in Easy2Map version 1.2.9 WordPress plugin

2015-10-05 Thread ibemed
Vulnerability title: A Reflected XSS in Easy2Map version 1.2.9 WordPress plugin CVE: CVE-2015-7668 Vendor: Steven Ellis Product: Easy2Map Affected version: 1.2.9 Fixed version: 1.3.0 Reported by: Ibéria Medeiros Vulnerability Details: = It was discovered that no protection agai

Multiple Path/Directory Traversal and/or Local File Inclusion in Easy2Map version 1.2.9 WordPress plugin

2015-10-05 Thread ibemed
Vulnerability title: Multiple Path/Directory Traversal and/or Local File Inclusion in Easy2Map version 1.2.9 WordPress plugin CVE: CVE-2015-7669 Vendor: Steven Ellis Product: Easy2Map Affected version: 1.2.9 Fixed version: 1.3.0 Reported by: Ibéria Medeiros Vulnerability Details:

LanSpy 2.0.0.155 Buffer Overflow

2015-10-05 Thread apparitionsec
[+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/AS-LANSPY-BUFFER-OVERFLOW-10052015.txt Vendor: www.lantricks.com Product: LanSpy.exe LanSpy is network se