Opera Stored Cross Site Scripting Vulnerability

2008-10-22 Thread Roberto Suggi
== = = Opera Stored Cross Site Scripting Vulnerability = = Vendor Website: = http://www.opera.com = = Affected Version: = -- All desktop versions = = Public disclosure on 22nd October 2008 =

Secunia Research: GNU Enscript setfilename Special Escape Buffer Overflow

2008-10-22 Thread Secunia Research
== Secunia Research 22/10/2008 - GNU Enscript setfilename Special Escape Buffer Overflow - == Table of Contents Affected

Secunia Research: HP OpenView Products Shared Trace Service Denial of Service

2008-10-22 Thread Secunia Research
== Secunia Research 22/10/2008 - HP OpenView Products Shared Trace Service Denial of Service - == Table of Contents Affected

Advisory for Oracle CPU October 2008 - APEX Flows excessive privileges

2008-10-22 Thread Pete Finnigan
Advisory for Oracle CPU October 2008 - APEX FLOWS excessive privileges == See http://www.petefinnigan.com/Advisory_CPU_Oct_2008.htm for details Description --- Oracle Appication Express (APEX) is a rapid development

FGA-2008-23:EMC NetWorker Denial of Service Vulnerability

2008-10-22 Thread noreply-secresearch
FGA-2008-23:EMC NetWorker Denial of Service Vulnerability 2008.October.21 Fortinet's FortiGuard Global Security Research Team Discovers Vulnerability in EMC NetWorker Summary: A resource exhaustion vulnerability exists throughout multiple EMC products through an exploited RPC interface.

Secunia Research: Trend Micro OfficeScan CGI Parsing Buffer Overflows

2008-10-22 Thread Secunia Research
== Secunia Research 22/10/2008 - Trend Micro OfficeScan CGI Parsing Buffer Overflows - == Table of Contents Affected

Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA

2008-10-22 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA Advisory ID: cisco-sa-20081022-asa http://www.cisco.com/warp/public/707/cisco-sa-20081022-asa.shtml Revision 1.0 For Public Release 2008 October 22 1600 UTC (GMT

Re: FGA-2008-23:EMC NetWorker Denial of Service Vulnerability

2008-10-22 Thread Security_Alert
Correction to the posted bulletin: The Networker software versions affected are incorrectly identified. The following Networker products are affected by this issue: * NetWorker Server, Storage Node and Client 7.3.x and 7.4, 7.4.1, 7.4.2 * NetWorker Client and Storage Node for Open VMS 7.3.2

SECOBJADV-2008-05: Symantec Veritas Storage Foundation Arbitrary File Read Vulnerability

2008-10-22 Thread Security Objectives Corporation
== = Security Objectives Advisory (SECOBJADV-2008-05) = == Veritas Storage Foundation Arbitrary File Read Vulnerability

SNMP Injection: Achieving Persistent HTML Injection via SNMP on Embedded Devices

2008-10-22 Thread ProCheckUp Research
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SNMP Injection: Achieving Persistent HTML Injection via SNMP on Embedded Devices Introduction In our earlier ZyXEL Gateways Vulnerability Research paper[1], we introduced a new technique: SNMP injection a.k.a. persistent HTML injection via SNMP.

[SECURITY] [DSA 1658-1] New dbus packages fix denial of service

2008-10-22 Thread Thijs Kinkhorst
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1658-1 [EMAIL PROTECTED] http://www.debian.org/security/ Thijs Kinkhorst October 22, 2008