Title: /tmp race condition in IBM Installation Manager V1.8.1 install script
Author: Larry W. Cashdollar, @_larry0
Date: 2015-10-29
Download Site: http://www-03.ibm.com/software/products/en/appserv-wasfordev
Vendor: IBM
Vendor Notified: -00-00
Vendor Contact:
Description: IBM Installation
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3208-2 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
November 14, 2015
[+] Credits: hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-CFIMAGEHOST-XSS.txt
Vendor:
codefuture.co.uk/projects/imagehost
Product:
===
CF Image Host 1.65 -
[+] Credits: hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/AS-CFIMAGEHOST-PHP-CMD-INJECTION.txt
Vendor:
codefuture.co.uk/projects/imagehost
Product:
===
CF Image
## Advisory Information
Title: SSDP command injection using UDP for a lot of Dlink routers including
DIR-815, DIR-850L
Vendors contacted: William Brown (Dlink)
Release mode: Released
CVE: None
Note: All these security issues have been discussed with the vendor and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] seamonkey (SSA:2015-318-01)
New seamonkey packages are available for Slackware 14.1 and -current to
fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--+
## Full Disclosure
#Exploit Title : PHP Address Book SQL Injection Vulnerability
#Exploit Author : Rahul Pratap Singh
#Date : 14/Nov/2015
#Home Page Link : http://sourceforge.net/projects/php-addressbook/
#Blog Url : 0x62626262.wordpress.com
#Linkedin
[+] Credits: hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-CFIMAGEHOST-CSRF.txt
Vendor:
codefuture.co.uk/projects/imagehost
Product:
===
CF Image Host 1.65 -
## Advisory Information
Title: DIR-866L Buffer overflows in HNAP and send email functionalities
Vendors contacted: William Brown , Patrick Cline
patrick.cl...@dlink.com(Dlink)
CVE: None
Note: All these security issues have been discussed with the vendor and vendor
Title:
D-link wireless router DIR-816L Cross-Site Request Forgery (CSRF)
vulnerability
Credit:
==
Name: Bhadresh Patel
Company/affiliation: HelpAG
Website: www.helpag.com
CVE:
=
CVE-2015-5999
Date:
10-11-2015 (dd/mm/)
Vendor:
==
D-Link is a computer
10 matches
Mail list logo