FreeBSD Security Advisory FreeBSD-SA-13:06.mmap [REVISED]

2013-06-24 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-13:06.mmap Security Advisory The FreeBSD Project Topic:

Facebook Information Disclosure

2013-06-24 Thread Packet Storm
Worth Reading: http://packetstormsecurity.com/news/view/22713/Facebook-Where-Your-Friends-Are-Your-Worst-Enemies.html https://www.facebook.com/notes/facebook-security/important-message-from-facebooks-white-hat-program/10151437074840766

ASUS RT-N66U Router - HTTPS Directory traversal and full file access and credential disclosure vuln

2013-06-24 Thread kyle Lovett
Vulnerable product: ASUS RT-N66U when HTTPS WebService via AiCloud is enabled (AC66R and RT-N65U are effected as well, but need more testing) Vulnerabilities: - Linux 2.6.22 - Researched on both 3.0.0.4.270 and 3.0.0.4.354 firmware - Full directory traversal and plain text disclosure of all

GreHack 2013 - CFP ends on June, 30 - Conf: Nov. 15, Grenoble, France

2013-06-24 Thread F. Duchene
--- *GreHack 2013* — 3rd Call For Papers November 15, Grenoble, France http://grehack.org — Twitter: @grehack --- *Topics* The 2nd International Symposium on Grey-Hat Hacking — aka GreHack 2013 — will gather researchers and practitioners from

Linksys X3000 - Multiple Vulnerabilities

2013-06-24 Thread devnull
Device: X3000 Vendor: Linksys Vulnerable Firmware Releases: Firmware Version: v1.0.03 build 001 Jun 11,2012 Vulnerability Overview: * OS Command Injection The vulnerability is caused by missing input validation in the

[slackware-security] curl (SSA:2013-174-01)

2013-06-24 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] curl (SSA:2013-174-01) New curl packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog:

CFP: IEEE SafeConfig: 6th Symposium on Security Analytics and Automation (Deadline Extended)

2013-06-24 Thread James Joshi
CALL FOR PAPERS [Deadline Extended] IEEE SafeConfig 2013: 6th Symposium on Security Analytics and Automation (www.safeconfig.org) (collocated with IEEE Conference on Communications and Network Security) Washington, D.C., USA October 16, 2013 Sponsors: IEEE (COMSOC). Important Dates

[ MDVSA-2013:176 ] kernel

2013-06-24 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:176 http://www.mandriva.com/en/support/security/

[security bulletin] HPSBHF02878 rev.1 - HP Smart Zero Client, Unauthorized Access

2013-06-24 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03757330 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03757330 Version: 1 HPSBHF02878