-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-09:04.bind Security Advisory
The FreeBSD Project
Topic:
Title:
--
* Cisco Unified IP Phone 7960G and 7940G (SIP) RTP Header Vulnerability
Summary:
* The Cisco Unified IP Phone 7960G and 7940G (SIP) do not correctly
parse some malformed RTP headers leading to a deterministic denial of
service
Assigned CVE:
-
* CVE-2008-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDefense Security Advisory 01.13.09
http://labs.idefense.com/intelligence/vulnerabilities/
Jan 13, 2009
I. BACKGROUND
Oracle Corp.'s Secure Backup is a tape backup management software, for
more information, please visit following website:
## www.BugReport.ir #
#
# AmnPardaz Security Research Team
#
# Title: phpList Local File inclusion
# Vendor: http://www.phplist.com
# Bug: Local File Inclusion
# Vulnerable Version: 2.10.8 (prior versions also may be affected)
# Exploitation:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDefense Security Advisory 01.13.09
http://labs.idefense.com/intelligence/vulnerabilities/
Jan 13, 2009
I. BACKGROUND
Oracle Secure Backup is a network backup system for Oracle Databases.
For more information, see:
NGSSoftware Insight Security Research Advisory
Name: Trigger abuse of MDSYS.SDO_TOPO_DROP_FTBL
Systems Affected: Oracle 10g R1 and R2 (10.1.0.5 and 10.2.0.2)
Severity: High
Vendor URL: http://www.oracle.com/
Author: David Litchfield [ dav...@ngssoftware.com ]
Reported: 23rd July 2008
Date of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:007
http://www.mandriva.com/security/
SUMMARY
WowWee Rovio - Insufficient Access Controls - Covert Audio/Video
Snooping Possible
OVERVIEW
Rovio from WowWee does not adequately secure all accessible URLs or media
streams, enabling an unauthorized user with network access to the robotic
webcam platform the ability to listen to and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello,
This is Paul Oxman with Cisco PSIRT.
For mitigations and workarounds, please consult the Cisco
Security Response available at:
http://www.cisco.com/warp/public/707/cisco-sr-20081105-vtp.shtml
Regards
Advisories for Oracle CPU January 2009 vulnerabilities Attached.
Polyakov Alexandr
Information Security Analyst
__
DIGITAL SECURITY
phone: +7 812 703 1547
+7 812 430 9130
e-mail: a.polya...@dsec.ru
www.dsec.ru
---
This message
, RELEASE SOFTWARE (fc5)
Assigned Cisco Bug ID#:
CSCsr72301
CVE reference:
CVE-2008-3821
References:
http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-19
http://www.cisco.com/warp/public/707/cisco-sr-20090114-http.shtml
Fix:
Please see Cisco advisory for information
/*DoS code for Cisco VLAN Trunking Protocol Vulnerability
*
*vulerability discription:
*http://www.cisco.com/warp/public/707/cisco-sr-20081105-vtp.shtml
*
*To Known:
* 1.the switch must in Server/Client Mode.
* 2.the port ,attacker connected,must be in trunk Mode.
* Cisco
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Cisco ONS Platform Crafted Packet
Vulnerability
Advisory ID: cisco-sa-20090114-ons
http://www.cisco.com/warp/public/707/cisco-sa-20090114-ons.shtml
Revision 1.0
For Public Release 2009 January 14 1600 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:008
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:009
http://www.mandriva.com/security/
-
Call for Papers!
Conference on Cyber Warfare
June 17-19, 2009
Tallinn, Estonia
The Cooperative Cyber Defence Centre of Excellence is hosting a Conference on
Cyber Warfare in 2009.
CCD CoE is soliciting research papers within the emerging field of cyber
warfare,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: IronPort Encryption Appliance / PostX and
PXE Encryption Vulnerabilities
Advisory ID: cisco-sa-20090114-ironport
Revision 1.0
For Public Release 2009 January 14 1600 UTC (GMT
# OTSTurntables 1.00.027 (.ofl) Local Stack Overflow Exploit
# Discovered exploited bY suN8Hclf
# crimson.l...@gmail.com, blacksideofthesun.linuxsecured.net
# Tested on: Windows XP SP2 Polish Full patched
#
# Only 274 bytes for shellcode. Wanna more, exploit SEH !!!
#
# Thanks to
__
Avira - RAR -Division by Zero Null Pointer Dereference
__
Reference : [TZO-2009-1]-Avira Antivir
Location :
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1704secur...@debian.org
http://www.debian.org/security/ Steffen Joeris
January 14, 2009
ZDI-09-003: Oracle Secure Backup exec_qr() Command Injection Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-003
January 14, 2009
-- Affected Vendors:
Oracle
-- Affected Products:
Oracle Secure Backup
-- Vulnerability Details:
This vulnerability allows remote attackers to
ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-004
January 14, 2009
-- Affected Vendors:
Oracle
-- Affected Products:
Oracle TimesTen
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been
Hi,
Happy new year! Attached goes and advisory for one of the recently fixed
Oracle vulnerabilities in the product Oracle Secure Backup.
Regards,
Joxean Koret
Oracle Secure Backup 10g Remote Code Execution
==
Product Description
===
Hi again,
Attached goes and advisory for the unique vulnerability in Oracle
TimesTen fixed in the Oracle Critical Patch Update January 2009.
Cheers!
Joxean Koret
Oracle TimesTen Remote Format String
Product Description
===
Oracle TimesTen
24 matches
Mail list logo