[Full-disclosure] [Security-news] SA-CONTRIB-2013-085 - Feed Element Mapper - Cross Site Scripting

2013-10-30 Thread security-news
View online: https://drupal.org/node/2124279 * Advisory ID: DRUPAL-SA-CONTRIB-2013-085 * Project: Feed Element Mapper [1] (third-party module) * Version: 6.x * Date: 2013-October-30 * Security risk: Less critical [2] * Exploitable from: Remote * Vulnerability: Cross Site Scripting

[Full-disclosure] [Security-news] SA-CONTRIB-2013-083 - Quiz - Access Bypass

2013-10-30 Thread security-news
View online: https://drupal.org/node/2123995 * Advisory ID: DRUPAL-SA-CONTRIB-2013-083 * Project: Quiz [1] (third-party module) * Version: 6.x * Date: 2013-October-30 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access bypass, Information

[Full-disclosure] [Security-news] SA-CONTRIB-2013-084 - FileField Sources - Access Bypass

2013-10-30 Thread security-news
View online: https://drupal.org/node/2124241 * Advisory ID: DRUPAL-SA-CONTRIB-2013-084 * Project: FileField Sources [1] (third-party module) * Version: 6.x, 7.x * Date: 2013-Oct-30 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers

2013-10-30 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers Advisory ID: cisco-sa-20131030-asr1000 Revision 1.0 For Public Release 2013 October 30 16:00 UTC (GMT

[Full-disclosure] [ MDVSA-2013:263 ] roundcubemail

2013-10-29 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:263 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:262 ] python-pycrypto

2013-10-28 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:262 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:261 ] dropbear

2013-10-28 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:261 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:260 ] x11-server

2013-10-28 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:260 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:259 ] x11-server

2013-10-28 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:259 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:258 ] icu

2013-10-28 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:258 http://www.mandriva.com/en/support/security

[Full-disclosure] [ISecAuditors Security Advisories] XSS vulnerability in LinkedIn

2013-10-28 Thread ISecAuditors Security Advisories
= INTERNET SECURITY AUDITORS ALERT 2013-003 - Original release date: March 3rd, 2013 - Last revised: March 10th, 2013 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 (CVSSv2 Base Score) = I

[Full-disclosure] [ISecAuditors Security Advisories] HTTP Response Splitting Vulnerability in WebCollab <= v3.30

2013-10-24 Thread ISecAuditors Security Advisories
= INTERNET SECURITY AUDITORS ALERT 2013-011 - Original release date: March 21st, 2013 - Last revised: March 21st, 2013 - Discovered by: Manuel García Cárdenas - Severity: 5/10 (CVSS Base Score) - CVE-ID: CVE-2013-2652

[Full-disclosure] [Security-news] SA-CONTRIB-2013-082 - Bean - Cross Site Scripting (XSS)

2013-10-23 Thread security-news
View online: https://drupal.org/node/2118873 * Advisory ID: DRUPAL-SA-CONTRIB-2013-082 * Project: Bean [1] (third-party module) * Version: 7.x * Date: 2013-10-23 * Security risk: Highly critical [2] * Exploitable from: Remote * Vulnerability: Cross Site Scripting

[Full-disclosure] [Security-news] SA-CONTRIB-2013-081 - Spaces - Access bypass

2013-10-23 Thread security-news
View online: https://drupal.org/node/2118717 * Advisory ID: DRUPAL-SA-CONTRIB-2013-081 * Project: Spaces [1] (third-party module) * Version: 6.x * Date: 2013-10-23 * Security risk: Less critical [2] * Exploitable from: Remote * Vulnerability: Access bypass DESCRIPTION

[Full-disclosure] Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability

2013-10-23 Thread Cisco Systems Product Security Incident Response Team
ed the SMU for CSCtz62593 are not affected by this vulnerability. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-iosxr -BEGIN PGP

[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Identity Services Engine

2013-10-23 Thread Cisco Systems Product Security Incident Response Team
vulnerabilities are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-ise Note: Cisco ISE Software is also affected by the Apache Struts Command Execution Vulnerability described in a separate Cisco

[Full-disclosure] Cisco Security Advisory: Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products

2013-10-23 Thread Cisco Systems Product Security Incident Response Team
products except Cisco Business Edition 3000. Cisco Business Edition 3000 should contact their Cisco representative for available options. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content

[Full-disclosure] [ MDVSA-2013:257 ] nss

2013-10-23 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:257 http://www.mandriva.com/en/support/security

Re: [Full-disclosure] My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities

2013-10-21 Thread security curmudgeon
"The _local_ command inject web vulnerability via device name can be exploited by _remote_ attackers with _physical_ device access and low user interaction." Keep up the stellar work Ben! #derp

[Full-disclosure] [ MDVSA-2013:249 ] libraw

2013-10-10 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:249 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:248 ] xinetd

2013-10-10 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:248 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:247 ] gnupg

2013-10-10 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:247 http://www.mandriva.com/en/support/security

[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software

2013-10-09 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software Advisory ID: cisco-sa-20131009-fwsm Revision 1.0 For Public Release 2013 October 9 16:00 UTC (GMT

[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software

2013-10-09 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software Advisory ID: cisco-sa-20131009-asa Revision 1.0 For Public Release 2013 October 9 16:00 UTC (GMT

[Full-disclosure] [ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in BoltWire <= v3.5

2013-10-09 Thread ISecAuditors Security Advisories
= INTERNET SECURITY AUDITORS ALERT 2013-010 - Original release date: March 20th, 2013 - Last revised: March 25th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 (CVSS Base Score) - CVE-ID: CVE-2013-2651

[Full-disclosure] [ISecAuditors Security Advisories] Multiple Vulnerabilities in Uebimiau <= 2.7.11

2013-10-09 Thread ISecAuditors Security Advisories
= INTERNET SECURITY AUDITORS ALERT 2013-008 - Original release date: March 15th, 2013 - Last revised: March 20th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 (CVSS Base Score) - CVE-ID: CVE-2013-2621, CVE-2013-2622

[Full-disclosure] [ MDVSA-2013:246 ] openjpa

2013-10-07 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:246 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:245 ] proftpd

2013-10-03 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:245 http://www.mandriva.com/en/support/security

[Full-disclosure] [Security-news] SA-CONTRIB-2013-078 - Quick Tabs - Access Bypass

2013-10-02 Thread security-news
View online: https://drupal.org/node/2103187 * Advisory ID: DRUPAL-SA-CONTRIB-2013-078 * Project: Quick Tabs [1] (third-party module) * Version: 6.x, 7.x * Date: 2013-October-02 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] Cisco Security Advisory: Cisco IOS XR Software Memory Exhaustion Vulnerability

2013-10-02 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco IOS XR Software Memory Exhaustion Vulnerability Advisory ID: cisco-sa-20131002-iosxr Revision 1.0 For Public Release 2013 October 2 16:00 UTC (GMT

[Full-disclosure] [ MDVSA-2013:244 ] davfs2

2013-09-30 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:244 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:243 ] polkit

2013-09-27 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:243 http://www.mandriva.com/en/support/security

[Full-disclosure] [ISecAuditors Security Advisories] Multiple Reflected Cross-Site Scripting vulnerabilities

2013-09-26 Thread ISecAuditors Security Advisories
= INTERNET SECURITY AUDITORS ALERT 2012-003 - Original release date: 16th December 2012 - Last revised: 26th September 2013 - Discovered by: Eduardo Garcia Melia - Severity: 6.8/10 (CVSS Base Score) = I

[Full-disclosure] XAMPP 1.8.1 Local Write Access Vulnerability

2013-09-26 Thread ISecAuditors Security Advisories
= INTERNET SECURITY AUDITORS ALERT 2013-007 - Original release date: March 14th, 2013 - Last revised: March 19th, 2013 - Discovered by: Manuel García Cárdenas - Severity: 6,8/10 (CVSS Base Score) - CVE-ID: CVE-2013-2586

[Full-disclosure] [ MDVSA-2013:242 ] kernel

2013-09-26 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:242 http://www.mandriva.com/en/support/security

[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability

2013-09-25 Thread Cisco Systems Product Security Incident Response Team
: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-rsvp Note: The September 25, 2013, Cisco IOS Software Security Advisory bundled publication includes eight Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS

[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability

2013-09-25 Thread Cisco Systems Product Security Incident Response Team
link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ike Note: The September 25, 2013, Cisco IOS Software Security Advisory bundled publication includes eight Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each

[Full-disclosure] Cisco Security Advisory: Cisco IOS Software DHCP Denial of Service Vulnerability

2013-09-25 Thread Cisco Systems Product Security Incident Response Team
this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-dhcp Note: The September 25, 2013, Cisco IOS Software Security Advisory bundled publication includes eight Cisco Security Advisories. All

[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Queue Wedge Denial of Service Vulnerability

2013-09-25 Thread Cisco Systems Product Security Incident Response Team
vulnerability are available. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-wedge Note: The September 25, 2013, Cisco IOS Software Security

[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability

2013-09-25 Thread Cisco Systems Product Security Incident Response Team
device. Repeated exploitation could result in a sustained DoS condition. Cisco has released free software updates that address this vulnerability. A workaround is available to mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center

[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability

2013-09-25 Thread Cisco Systems Product Security Incident Response Team
released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-cce Note: The September 25

[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities

2013-09-25 Thread Cisco Systems Product Security Incident Response Team
that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-nat Note: The September 25, 2013, Cisco IOS Software

[Full-disclosure] Cisco Security Advisory: Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability

2013-09-25 Thread Cisco Systems Product Security Incident Response Team
has released free software updates that address this vulnerability. There are no workarounds for this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ipv6vfr Note: The September 25, 2013

[Full-disclosure] [ MDVSA-2013:241 ] perl-Crypt-DSA

2013-09-25 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:241 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:240 ] glpi

2013-09-25 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:240 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:239 ] wordpress

2013-09-19 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:239 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:238 ] wireshark

2013-09-19 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:238 http://www.mandriva.com/en/support/security

[Full-disclosure] [Security-news] SA-CONTRIB-2013-077 - Google Site Search - Cross Site Scripting (XSS)

2013-09-18 Thread security-news
View online: https://drupal.org/node/2092395 * Advisory ID: DRUPAL-SA-CONTRIB-2013-077 * Project: Google Site Search [1] (third-party module) * Version: 6.x, 7.x * Date: 2013-September-18 * Security risk: Less critical [2] * Exploitable from: Remote * Vulnerability: Cross Site

[Full-disclosure] Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability

2013-09-18 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability Advisory ID: cisco-sa-20130918-pc Revision 1.0 For Public Release 2013 September 18 16:00

[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager

2013-09-18 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager Advisory ID: cisco-sa-20130918-dcnm Revision 1.0 For Public Release 2013 September 18 16:00 UTC (GMT

[Full-disclosure] [ MDVSA-2013:237 ] firefox

2013-09-18 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:237 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:236 ] subversion

2013-09-17 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:236 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:235 ] mediawiki

2013-09-16 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:235 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:234 ] python-django

2013-09-13 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:234 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:233 ] python-OpenSSL

2013-09-13 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:233 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:232 ] libmodplug

2013-09-13 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:232 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:231 ] openswan

2013-09-12 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:231 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:230 ] gdm

2013-09-11 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:230 http://www.mandriva.com/en/support/security

[Full-disclosure] [Security-news] SA-CONTRIB-2013-075 - Click2Sell - Multiple Vulnerabilities (XSS and CSRF)

2013-09-11 Thread security-news
View online: https://drupal.org/node/2087055 * Advisory ID: DRUPAL-SA-CONTRIB-2013-075 * Project: Click2Sell Suite [1] (third-party module) * Version: 6.x * Date: 2013-September-11 * Security risk: Highly critical [2] * Exploitable from: Remote * Vulnerability: Cross Site Scripting

[Full-disclosure] [Security-news] SA-CONTRIB-2013-076 - jQuery Countdown - Cross Site Scripting (XSS)

2013-09-11 Thread security-news
View online: https://drupal.org/node/2087095 * Advisory ID: DRUPAL-SA-CONTRIB-2013-076 * Project: jQuery Countdown [1] (third-party module) * Version: 7.x * Date: 2013-September-11 * Security risk: Less critical [2] * Exploitable from: Remote * Vulnerability: Cross Site Scripting

[Full-disclosure] [Security-news] SA-CONTRIB-2013-074 - MediaFront - Cross Site Scripting (XSS)

2013-09-11 Thread security-news
View online: https://drupal.org/node/2087051 * Advisory ID: DRUPAL-SA-CONTRIB-2013-074 * Project: MediaFront [1] (third-party module) * Version: 6.x, 7.x * Date: 2013-September-11 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Cross Site

[Full-disclosure] [ MDVSA-2013:229 ] bzr

2013-09-10 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:229 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:228 ] cacti

2013-09-10 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:228 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:227 ] python-setuptools

2013-09-09 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:227 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:226 ] roundcubemail

2013-09-05 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:226 http://www.mandriva.com/en/support/security

[Full-disclosure] [Security-news] PSA-2013-001: Drupal core - Users can insert hidden text and links

2013-09-04 Thread security-news
View online: https://drupal.org/node/2081887 * Advisory ID: PSA-2013-001 * Project: Drupal core [1] * Version: 6.x, 7.x * Date: 2013-September-04 * Security risk: Not critical [2] * Exploitable from: Remote * Vulnerability: Information Disclosure DESCRIPTION

[Full-disclosure] [Security-news] SA-CONTRIB-2013-073 - Make Meeting Scheduler - Access Bypass

2013-09-04 Thread security-news
View online: https://drupal.org/node/2081637 * Advisory ID: DRUPAL-SA-CONTRIB-2013-073 * Project: Make Meeting Scheduler [1] (third-party module) * Version: 6.x * Date: 2013-September-04 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access

[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players

2013-09-04 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players Advisory ID: cisco-sa-20130904-webex Revision 1.0 For Public Release 2013 September 4 16:00 UTC (GMT

[Full-disclosure] [ MDVSA-2013:225 ] libdigidoc

2013-09-02 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:225 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:224 ] libtiff

2013-09-02 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:224 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:223 ] asterisk

2013-08-30 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:223 http://www.mandriva.com/en/support/security

[Full-disclosure] NEW VMSA-2013-0011 VMware ESXi and ESX address an NFC Protocol Unhandled Exception

2013-08-29 Thread VMware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - --- VMware Security Advisory Advisory ID: VMSA-2013-0011 Synopsis: VMware ESXi and ESX address an NFC Protocol Unhandled Exception Issue date: 2013-08-29 Updated

[Full-disclosure] [Security-news] SA-CONTRIB-2013-071 - Flag - Cross Site Scripting

2013-08-28 Thread security-news
View online: https://drupal.org/node/2076221 * Advisory ID: DRUPAL-SA-CONTRIB-2013-071 * Project: Flag [1] (third-party module) * Version: 7.x * Date: 2013-August-28 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Cross Site Scripting

[Full-disclosure] [Security-news] SA-CONTRIB-2013-072 - Node View Permissions - Access Bypass

2013-08-28 Thread security-news
View online: https://drupal.org/node/2076315 * Advisory ID: DRUPAL-SA-CONTRIB-2013-072 * Project: Node View Permissions [1] (third-party module) * Version: 7.x * Date: 2013-August-28 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] Cisco Security Advisory: Cisco Secure Access Control Server Remote Command Execution Vulnerability

2013-08-28 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Secure Access Control Server Remote Command Execution Vulnerability Advisory ID: cisco-sa-20130828-acs Revision 1.0 For Public Release 2013 August 28 16:00 UTC (GMT

[Full-disclosure] AST-2013-005: Remote Crash when Invalid SDP is sent in SIP Request

2013-08-27 Thread Asterisk Security Team
Asterisk Project Security Advisory - AST-2013-005 Product Asterisk Summary Remote Crash when Invalid SDP is sent in SIP Request Nature of Advisory Remote Crash

[Full-disclosure] AST-2013-004: Remote Crash From Late Arriving SIP ACK With SDP

2013-08-27 Thread Asterisk Security Team
Asterisk Project Security Advisory - AST-2013-004 Product Asterisk Summary Remote Crash From Late Arriving SIP ACK With SDP Nature of Advisory Remote Crash

[Full-disclosure] [ MDVSA-2013:222 ] puppet

2013-08-27 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:222 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:221 ] php

2013-08-27 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:221 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:220 ] lcms

2013-08-27 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:220 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:219 ] libtiff

2013-08-23 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:219 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:218 ] python-django

2013-08-23 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:218 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:217 ] spice

2013-08-23 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:217 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:216 ] perl-Proc-ProcessTable

2013-08-23 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:216 http://www.mandriva.com/en/support/security

[Full-disclosure] NEW VMSA-2013-0010 VMware Workstation host privilege escalation vulnerability

2013-08-22 Thread VMware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - --- VMware Security Advisory Advisory ID: VMSA-2013-0010 Synopsis: VMware Workstation host privilege escalation vulnerability Issue date: 2013-08-22 Updated

[Full-disclosure] CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework

2013-08-22 Thread Pivotal Security Team
ring OXM issue is fixed in 4.0.0.M2 Credit: These issues were identified by Alvaro Munoz of the HP Enterprise Security Team. References: http://www.gopivotal.com/security/cve-2013-4152 https://github.com/SpringSource/spring-framework/pull/317 (Spring OXM) https://jira.springsource.org/browse/SPR-1

[Full-disclosure] [ MDVSA-2013:215 ] cacti

2013-08-22 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:215 http://www.mandriva.com/en/support/security

[Full-disclosure] [Security-news] SA-CONTRIB-2013-070 - Zen - Cross Site Scripting

2013-08-21 Thread security-news
View online: https://drupal.org/node/2071157 * Advisory ID: DRUPAL-SA-CONTRIB-2013-070 * Project: Zen [1] (third-party module) * Version: 7.x * Date: 2013-August-21 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Cross Site Scripting

[Full-disclosure] Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability

2013-08-21 Thread Cisco Systems Product Security Incident Response Team
interruption of presence services. Cisco has released free software updates that address this vulnerability. There are no workarounds available to mitigate exploitation of this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content

[Full-disclosure] Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Denial of Service Vulnerabilities

2013-08-21 Thread Cisco Systems Product Security Incident Response Team
the monitoring of voice services and exhaust system resources. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-hcm -BEGIN PGP

[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager

2013-08-21 Thread Cisco Systems Product Security Incident Response Team
vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cucm

[Full-disclosure] [ MDVSA-2013:214 ] python

2013-08-21 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:214 http://www.mandriva.com/en/support/security

[Full-disclosure] Sparty : A SharePoint and FrontPage Security Auditing Tool !

2013-08-20 Thread SecNiche Security Labs
Hi All Sparty is an open source tool written in python to audit web applications using SharePoint and FrontPage architecture. The motivation behind this tool is to provide an easy and robust way to scrutinize the security configurations of SharePoint and FrontPage based web applications. Due to

[Full-disclosure] [Security-news] SA-CONTRIB-2013-069 - Password Policy - XSS

2013-08-14 Thread security-news
View online: https://drupal.org/node/2065387 * Advisory ID: DRUPAL-SA-CONTRIB-2013-069 * Project: Password policy [1] (third-party module) * Version: 6.x, 7.x * Date: 2013-August-14 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Cross Site

[Full-disclosure] [Security-news] SA-CONTRIB-2013-068 - Entity API - Access Bypass

2013-08-14 Thread security-news
View online: https://drupal.org/node/2065207 * Advisory ID: DRUPAL-SA-CONTRIB-2013-068 * Project: Entity API [1] (third-party module) * Version: 7.x * Date: 2013-August-14 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access bypass

[Full-disclosure] [Security-news] SA-CONTRIB-2013-067 - BOTCHA - Information Disclosure (potential Privilege Escalation)

2013-08-14 Thread security-news
View online: https://drupal.org/node/2065057 * Advisory ID: DRUPAL-SA-CONTRIB-2013-067 * Project: BOTCHA Spam Prevention [1] (third-party module) * Version: 7.x * Date: 2013-August-14 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Information

[Full-disclosure] [ MDVSA-2013:213 ] xymon

2013-08-13 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:213 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:212 ] otrs

2013-08-13 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:212 http://www.mandriva.com/en/support/security

[Full-disclosure] [ MDVSA-2013:211 ] lcms2

2013-08-12 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:211 http://www.mandriva.com/en/support/security

[Full-disclosure] [Security-news] SA-CONTRIB-2013-066 - Monster Menus - Multiple Vulnerabilities

2013-08-07 Thread security-news
View online: https://drupal.org/node/2059823 * Advisory ID: DRUPAL-SA-CONTRIB-2013-066 * Project: Monster Menus [1] (third-party module) * Version: 6.x, 7.x * Date: 2013-August-07 * Security risk: Moderately critical [2] * Exploitable from: Remote * Vulnerability: Access bypass
