[ MDVSA-2014:228 ] phpmyadmin

2014-11-26 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:228 http://www.mandriva.com/en/support/security/

Сross-Site Request Forgery (CSRF) in xEpan

2014-11-26 Thread High-Tech Bridge Security Research
Advisory ID: HTB23240 Product: xEpan Vendor: Xavoc Technocrats Pvt. Ltd. Vulnerable Version(s): 1.0.1 and probably prior Tested Version: 1.0.1 Advisory Publication: October 22, 2014 [without technical details] Vendor Notification: October 22, 2014 Public Disclosure: November 26, 2014

CVE-2014-5439 - Root shell on Sniffit [with exploit]

2014-11-26 Thread Hector Marco
CVE-2014-5439 - Root shell on Sniffit Sniffit is a packet sniffer and monitoring tool. The attacker can create a specially-crafted sniffit configuration file, which is able to bypass all three protection mechanisms: - Non-eXecutable bit NX - Stack Smashing Protector SSP - Address

[ MDVSA-2014:229 ] libvncserver

2014-11-26 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:229 http://www.mandriva.com/en/support/security/

[SECURITY] [DSA 3077-1] openjdk-6 security update

2014-11-26 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-3077-1 secur...@debian.org http://www.debian.org/security/Moritz Muehlenhoff November 26, 2014

[security bulletin] HPSBGN03202 rev.1 - HP CMS: Configuration Manager running OpenSSL, Remote Disclosure of Information

2014-11-26 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04507568 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04507568 Version: 1 HPSBGN03202