#
# Securitylab.ir
#
# Application Info:
# Name: Sigma Portal
# Vendor: http://www.sigma.ir
#
#
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02660122
Version: 2
HPSBST02619 SSRT100281 rev.2 - HP StorageWorks Storage Mirroring, Remote
Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon
==
Secunia Research 23/12/2010
- Microsoft Word LFO Parsing Double-Free Vulnerability -
==
Table of Contents
Affected
#
# Securitylab.ir
#
# Application Info:
# Name: Asan Portal
# Vendor: http://iptech.ir/default.aspx?id=130
[waraxe-2010-SA#078] - Multiple Vulnerabilities in CruxCMS 3.0.0
===
Author: Janek Vind waraxe
Date: 27. December 2010
Location: Estonia, Tartu
Web: http://www.waraxe.us/advisory-78.html
Affected Software:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:251-2
http://www.mandriva.com/security/
ADVISORY INFORMATION:
Advisory ID: NGENUITY-2010-009
Date discovered: 8.28.2010
Date published: 12.22.2010
SOFTWARE AFFECTED:
“Django is a high-level Python Web framework that encourages rapid
development and clean, pragmatic design.” [1]
The admin interface of the Django web framework can be
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:259
http://www.mandriva.com/security/
Addendum:
Merry Christmas to everyone!
Ollie
--
Oliver Goebel mailto:goe...@cert.uni-stuttgart.de
Stabsstelle DV-Sicherheit (RUS-CERT) Tel:+49 711 685 1 CERT
Universitaet Stuttgart Tel:+49 711 685 8-3678 / Fax:-3688
Breitscheidstr. 2, 70174 Stuttgart
Credit: Michael Brooks
Bug Fix in 1.1.2:
http://www.pligg.com/blog/1174/pligg-cms-1-1-2-release/
Special thanks to Eric Heikkinen for patching these quickly.
Blind SQL Injection
http://host/pligg_1.1.2/search.php?adv=1status=
'and+sleep(9)or+sleep(9)or+1%3D' search=onadvancesearch= Search
Dear all,
the deadline for the submission of papers to IMF 2011 has been extended.
Accepted papers will be published in IEEE Computer Society's Conference
Proceedings Series and be available in the IEEE online Digital Library.
Please excuse possible cross-postings.
=[ Tempest Security Intelligence - Advisory #02 / 2010 ]=
Information Disclosure Vulnerability in FlexVision Agent Listener
-
Authors: Victor Ribeiro Hora victor *SPAM* tempest.com.br
fixed with version 1.2.4
###
# Exploit Title: Social Engine 4.x (Music Plugin) Arbitrary File Upload
# Google Dork: inurl:user/auth/forgot
# Date: 22/12/2010
# Author: MyDoom ( Moroccan Hacker )
# Contact: mydoom2...@gmail.com
# Software Link: