-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04635715
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04635715
Version: 1
HPSBOV03318 r
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04629160
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04629160
Version: 2
HPSBHF03310 r
-=[Advanced Information Security Corp]=-
Author: Nicholas Lemonias
Advisory Date: 13/4/2015
Email: lem.nikolas (at) gmail (dot) com
Introduction
==
During a source-code audit of the Apache HTTPD 2.2.29 release
implementation for linux; conducted internally by the Advanced
Information Secu
-=[Advanced Information Security Corp]=-
Author: Nicholas Lemonias
Advisory Date: 13/4/2015
Email: lem.nikolas (at) gmail (dot) com
Introduction
==
During a source-code audit of the Apache HTTPD 2.2.29 release
implementation for linux; conducted internally by the Advanced
Information Secu
Ruxcon 2015 Call For Presentations
Melbourne, Australia, October 24-25
CQ Function Centre
http://www.ruxcon.org.au
The Ruxcon team is pleased to announce the first round of Call For
Presentations for Ruxcon 2015.
This year the conference will take place over the weekend of the 24th and 25th
of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-3224-1 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
April 12, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3223-1 secur...@debian.org
http://www.debian.org/security/Alessandro Ghedini
April 12, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3222-1 secur...@debian.org
http://www.debian.org/security/Alessandro Ghedini
April 12, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3221-1 secur...@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
April 12, 2015
OVERVIEW
==
The 4/8/2015 security updates from Apple included a patch for a Safari
cross-domain vulnerability. An attacker could create web content
which, when viewed by a target user, bypasses some of the normal
cross-domain restrictions to access or modify HTTP cookies belonging
to any w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3220-1 secur...@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
April 11, 2015
Title: Hijack any website from weebly.com by just adding an administrator to
their website. [Insecure Direct Object Reference Vulnerability]
=
Weebly is a web-hosting service that allows the user to drag-and-drop while
using their website builder. As of August 2012, Weebly hosts over 20 m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3219-1 secur...@debian.org
http://www.debian.org/security/Alessandro Ghedini
April 11, 2015
I. Overview
OrangeHRM (Opensource 3.2.1, Professional & Enterprise 4.11) are prone to a
multiple Blind SQL injection & XSS vulnerabilities. These vulnerabilities
allows an attacker to inject SQL commands to compromise the affected databas
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2015:203
http://www.mandriva.com/en/support/security/
__
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04634535
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04634535
Version: 1
HPSBGN03316 r
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-3218-1 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
April 10, 2015
https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/
The Admin framework in Apple OS X contains a hidden backdoor API to
root privileges. It’s been there for several years (at least since
2011), I found it in October 2014 and it can be exploited to esca
SEC Consult Vulnerability Lab Security Advisory < 20150410-0 >
===
title: Unauthenticated Local File Disclosure
product: Multiple TP-LINK products (see Vulnerable / tested
versions)
vulnerable version: M
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2015:201
http://www.mandriva.com/en/support/security/
__
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2015:202
http://www.mandriva.com/en/support/security/
__
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2015:200
http://www.mandriva.com/en/support/security/
__
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2015:199
http://www.mandriva.com/en/support/security/
__
23 matches
Mail list logo