-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
*Title*
Libsrtp srtp_protect/hmac_compute buffer overflow
*Affected products*
- - libsrtp (https://github.com/cisco/libsrtp) all versions
*Description*
Libsrtp is the Cisco Systems, Inc. reference implementation of the
Secure Real-time
=
INTERNET SECURITY AUDITORS ALERT 2013-009
- Original release date: March 15th, 2013
- Last revised: June 4th, 2013
- Discovered by: Manuel Garcia Cardenas
- Severity: 4,8/10 (CVSS Base Score)
- CVE-ID: CVE-2013-2621,
CVE-2013-2623,
*Known Affected Versions: *R5_0_31 (Created March 1st, 2007)
*Date Discovered: *November 13, 2012
Obviously not anything new to get sensitive data out via the VxWorks remote
debugger, but this seemed to warrant specific attention since it did allow
for the disclosure of call logs and full access
As of recently this security hole has been silently fixed.
From: Peter Lustlos peter.lustlo...@yahoo.com
To: full-disclosure@lists.grok.org.uk
Sent: Monday, December 10, 2012 2:57 PM
Subject: Any.Do sends passwords in plaintext
Any.Do transmits Passwords
Not following php sploits lately.
Someone send me this github search:
https://github.com/search?p=3q=extension%3Aphp+mysql_query+%24_GETref=searchresultstype=Code
We've found 76,144 code results
--
spam
___
Full-Disclosure - We believe in it.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
*Title*
Libsrtp srtp_protect/hmac_compute buffer overflow
*Affected products*
- - libsrtp (https://github.com/cisco/libsrtp) all versions
*Description*
Libsrtp is the Cisco Systems, Inc. reference implementation of the
Secure Real-time
Hello list!
These are Insufficient Authorization and Arbitrary File Uploading
vulnerabilities in aCMS. This is commercial CMS. There are multiple
vulnerabilities in aCMS and it's the second part of them.
-
Affected products:
-
Vulnerable are aCMS
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/
Mac OSX Server DirectoryService buffer overflow
1. *Advisory Information*
Title: Mac OSX Server DirectoryService buffer overflow
Advisory ID: CORE-2013-0103
Advisory URL: