Multiple Vulnerabilities in Intex Wireless N150 Easy Setup Router

2016-05-30 Thread mohitreload
Intex Wireless N150 Easy Setup Router Vulnerabilities 1. Overview Intex Wireless N150 Easy Setup Router, firmware version: V5.07.51_en_INX01, uses default credentials, vulnerable to cross-site request forgery, clear text Transmission of Sensitive Information and other attacks. 2.

[CVE-2016-4945] Login Form Hijacking Vulnerability in Citrix NetScaler Gateway

2016-05-30 Thread Daniel Schliebner
PERSICON Security Advisory === Title: Login Form Hijacking vulnerability Product: Citrix Netscaler Vulnerable Version: 11.0 Build 64.35 Fixed Version: 11.0 Build 66.11

[slackware-security] php (SSA:2016-148-03)

2016-05-30 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] php (SSA:2016-148-03) New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--+

[SECURITY] [DSA 3588-1] symfony security update

2016-05-30 Thread Luciano Bello
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian Security Advisory DSA-3588-1 secur...@debian.org https://www.debian.org/security/Luciano Bello May 29, 2016

[slackware-security] libxml2 (SSA:2016-148-01)

2016-05-30 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] libxml2 (SSA:2016-148-01) New libxml2 packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--+

[slackware-security] libxslt (SSA:2016-148-02)

2016-05-30 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] libxslt (SSA:2016-148-02) New libxslt packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: +--+

[oCERT 2016-001] Jetty path sanitization issues

2016-05-30 Thread Daniele Bianco
Description: Jetty is a Java HTTP (Web) server and Servlet container. The Jetty path normalization mechanism suffers of an implementation issue when parsing the request URLs. The path normalization logic implemented in the PathResource class and introduced in Jetty versions 9.3.x can be

WebKitGTK+ Security Advisory WSA-2016-0004

2016-05-30 Thread Carlos Alberto Lopez Perez
WebKitGTK+ Security Advisory WSA-2016-0004 Date reported : May 30, 2016 Advisory ID: WSA-2016-0004 Advisory

[SECURITY] [DSA 3589-1] gdk-pixbuf security update

2016-05-30 Thread Salvatore Bonaccorso
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-3589-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 30, 2016

[SECURITY] Lorex ECO DVR Hard coded password

2016-05-30 Thread andrew . hofmans
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 1. ADVISORY INFORMATION === Product: Lorex ECO DVR Vendor URL: https://www.lorextechnology.com/ Type: Hard coded password [CWE-259] Date found: 2016-05-04 Date published: 2016-05-30 CVE: - 2. CREDITS == This