Hello All,
Today, Oracle released Java SE 7 Update 21, which among other
things addresses six security vulnerabilities that were reported
to the company earlier this year (Issues 51, 55 and 57-60).
Our original vulnerability reports and Proof of Concept codes
for these and some previously
[ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution
Please refer to www.esnc.de for the original security advisory,
updates and additional information.
1. Business Impact
Sitecom WLM-3500 backdoor accounts
[ADVISORY INFORMATION]
Title: Sitecom WLM-3500 backdoor accounts
Discovery date: 24/03/2013
Release date: 16/04/2013
Credits: Roberto Paleari (roberto.pale...@emaze.net, @rpaleari)
Advisory URL:
[ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control
Please refer to www.esnc.de for the original security advisory,
updates and additional information.
1. Business Impact
[ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services
Please refer to www.esnc.de for the original security advisory,
updates and additional information.
1. Business Impact
Open-Xchange Security Advisory (multiple vulnerabilities)
Multiple security issues for Open-Xchange Server 6 and OX AppSuite have been
discovered and fixed. The vendor has chosen a responsible full disclosure
method to publish security issue details. Users of the software have already
been
Advisory ID: HTB23150
Product: KrisonAV CMS
Vendor: http://www.krisonav.com
Vulnerable Version(s): 3.0.1 and probably prior
Tested Version: 3.0.1
Vendor Notification: March 27, 2013
Vendor Patch: March 31, 2013
Public Disclosure: April 17, 2013
Vulnerability Type: Cross-Site Scripting [CWE-79],
Folks,
We have just released SI6 Networks' IPv6 Toolkit v1.3.4: a
security assessment and troubleshooting toolkit for the IPv6 protocol
suite.
The toolkit is available at:
http://www.si6networks.com/tools/ipv6toolkit, where you can find a
the usual
Hello All,
We wanted to add the following information to our post from yesterday.
We've learned that RedHat's Bugzilla associates CVE-2013-1537 [1]
with the RMI issue allowing for remote loading and execution of
arbitrary Java code on servers [2].
It looks like Oracle has finally patched RMI