Defense in depth -- the Microsoft way (part 56): 10+ year old security update installers are susceptiblle to 20+ year old vulnerability

2018-07-19 Thread Stefan Kanthak
Hi @ll, Microsoft released "Description of the security update for the remote code execution vulnerability in Visual Studio 2010 Service Pack 1: July 10, 2018" some days ago. The executable installer VS10SP1-KB4336919-x86.exe offered for downloa

[SECURITY] [DSA 4251-1] vlc security update

2018-07-19 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4251-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 18, 2018

GhostMail - (Status Message) Persistent Web Vulnerability

2018-07-19 Thread Vulnerability Lab
Document Title: === GhostMail - (Status Message) Persistent Web Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1470 Release Date: = 2018-06-27 Vulnerability Laboratory ID (VL-ID):

Barracuda Cloud Control v3.020 - CS Cross Site Vulnerability

2018-07-19 Thread Vulnerability Lab
Document Title: === Barracuda Cloud Control v3.020 - CS Cross Site Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=662 Release Date: = 2018-07-18 Vulnerability Laboratory ID (VL-ID): ==

GhostMail - (filename to link) POST Inject Web Vulnerability

2018-07-19 Thread Vulnerability Lab
Document Title: === GhostMail - (filename to link) POST Inject Web Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1471 Release Date: = 2018-06-26 Vulnerability Laboratory ID (VL-ID): =

Binance v1.5.0 - Insecure File Permission Vulnerability

2018-07-19 Thread Vulnerability Lab
Document Title: === Binance v1.5.0 - Insecure File Permission Vulnerability References (Source): https://www.vulnerability-lab.com/get_content.php?id=2135 Release Date: = 2018-07-17 Vulnerability Laboratory ID (VL-ID): =

[SECURITY] [DSA 4252-1] znc security update

2018-07-19 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4252-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 18, 2018

[slackware-security] httpd (SSA:2018-199-01)

2018-07-19 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] httpd (SSA:2018-199-01) New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--+ patches/packag