-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4620-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 12, 2020
Hi,
we have published a new post in our blog titled "How to hack a company by
circumventing its WAF through the abuse of a different security appliance and
win bug bounties".
We basically have [ab]used a Bluecoat device behaving as a request forwarder to
mask our malicious payload, avoid WAF
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] libarchive (SSA:2020-043-01)
New libarchive packages are available for Slackware 14.1, 14.2, and -current to
fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--+
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4621-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 12, 2020
From the low-hanging-fruit-department
F-SECURE Generic Malformed Container bypass (RAR)
Ref : [TZO-15-2020] -
WebKitGTK and WPE WebKit Security Advisory WSA-2020-0002
Date reported : February 14, 2020
Advisory ID :
The TrustedInstaller service running on the Windows operating system
hosts a COM service called Sxs Store Class; its ISxsStore interface
provides methods to install/uninstall assemblies via application
manifests files into the WinSxS store. These API methods were meant to
be available for users
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4624-1 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 14, 2020
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4625-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 15, 2020