-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] bind (SSA:2012-209-01)
New bind packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1,
13.37, and -current to fix security issues.
Here are the details from the Slackware 13.37 ChangeLog:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2012:110-1
http://www.mandriva.com/security/
Trustwave SpiderLabs Security Advisory TWSL2012-014:
Multiple Vulnerabilities in Scrutinizer NetFlow sFlow Analyzer
Published: 07/27/12
Version: 1.0
Vendor: Plixer International (http://www.plixer.com)
Product: Scrutinizer NetFlow and sFlow Analyzer
Version affected: Confirmed 9.0.1 (Build
The open source Spark IM client from Ignite Realtime has a feature
that can save the user's password - this password is stored insecurely
due to the use of a static encryption key.
The password is stored in a file called spark.properties and is
encrypted with Triple DES in ECB mode. The problem
1. OVERVIEW
ocPoral CMS 7.1.5 and lower versions are vulnerable to Open URL Redirection.
2. BACKGROUND
ocPortal is the website Content Management System (a CMS) for building
and maintaining a dynamic website. ocPortal's powerful feature-set
means there's always a way to accomplish your vision.
A security oversight has been discovered in LedgerSMB 1.3 which could
allow a malicious user to cause a denial of service against LedgerSMB
or otherwise affect the way in which certain forms of data would get
entered. In most cases we do not believe this to be particularly
severe in the absence
Dr. Web Control Center Admin UI Remote Script Code Injection
=
Affected Products/Versions
--
Product Name: Dr. Web Enterprise Server
Version Number: 6.00.3.20300
Product/Company Information
DataWatch Monarch BI v5.1 client section stored cross-site scripting
Class: Input Validation Error
Remote: Yes
Local: No
Published: 26/06/2012
Credit: Raymond Rizk of Dionach Limited (vu...@dionach.com)
Vulnerable: DataWatch Monarch BI v5.1
DataWatch's Monarch BI client section is prone to
DataWatch Monarch BI v5.1 admin section blind SQL injection
Class: Input Validation Error
Remote: Yes
Local: No
Published: 26/06/2012
Credit: Raymond Rizk of Dionach Limited (vu...@dionach.com)
Vulnerable: DataWatch Monarch BI v5.1
DataWatch's Monarch BI client section is prone to a blind
DataWatch Monarch BI v5.1 admin section blind XPath injection
Class: Input Validation Error
Remote: Yes
Local: No
Published: 26/06/2012
Credit: Raymond Rizk of Dionach Limited (vu...@dionach.com)
Vulnerable: DataWatch Monarch BI v5.1
DataWatch's Monarch BI admin section is prone to a blind
TEMENOS T24 R07.03 reflected cross-site scripting
Class: Input Validation Error
Remote: Yes
Local: No
Published: 26/06/2012
Credit: Raymond Rizk of Dionach Limited (vu...@dionach.com)
Vulnerable: TEMENOS T24 R07.03
TEMENOS T24 is prone to a reflected cross-site scripting vulnerability
TEMENOS T24 R07.03 authentication bypass
Class: Access Validation Error
Remote: Yes
Local: No
Published: 26/06/2012
Credit: Raymond Rizk of Dionach Limited (vu...@dionach.com)
Vulnerable: TEMENOS T24 R07.03
TEMENOS T24 is prone to an authentication bypass vulnerability as it fails to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2517-1 secur...@debian.org
http://www.debian.org/security/Nico Golde
July 30, 2012
13 matches
Mail list logo