eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability

Title: == eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability Date: = 2013-08-31 References: === http://www.vulnerability-lab.com/get_content.php?id=1064 VL-ID: = 1064 Common Vulnerability Scoring System: 3.8 Introduction:

Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities

Title: == Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities Date: = 2013-08-30 References: === http://www.vulnerability-lab.com/get_content.php?id=1062 VL-ID: = 1063 Common Vulnerability Scoring System: 8.8

Synology DSM multiple vulnerabilities

** Title: Synology DSM multiple vulnerabilities Version affected: = 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Email: andrea.fabr...@gmail.com Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched

[security bulletin] HPSBUX02926 SSRT101281 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03922396 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03922396 Version: 1 HPSBUX02926

[SECURITY] [DSA 2754-1] exactimage security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2754-1 secur...@debian.org http://www.debian.org/security/ Raphael Geissert September 10, 2013

Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability

Title: == Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability Date: = 2013-09-11 References: === http://www.vulnerability-lab.com/get_content.php?id=812 Security Bulletin: MS13-067 http://technet.microsoft.com/de-de/security/bulletin/MS13-067

Insecure CHIASMUS encryption in GSTOOL

== Insecure CHIASMUS encryption in GSTOOL == GSTOOL versions 3.0 to 4.7 (inclusive) contain an insecure encryption feature using the non-public CHIASMUS block cipher. Due to the use of an insecure PRNG for key generation, files encrypted using the encryption feature of this tool can be decrypted

Cross-Site Scripting (XSS) in WikkaWiki

Advisory ID: HTB23170 Product: WikkaWiki Vendor: Wikka Development Team Vulnerable Version(s): 1.3.4 and probably prior Tested Version: 1.3.4 Vendor Notification: August 21, 2013 Vendor Patch: August 31, 2013 Public Disclosure: September 11, 2013 Vulnerability Type: Cross-Site Scripting

ProFTPd mod_sftp/mod_sftp_pam invalid pool allocation in kbdint authentication

Hi there! See my blog post about the mentioned vulnerability. http://kingcope.wordpress.com/2013/09/11/proftpd-mod_sftpmod_sftp_pam-invalid-pool-allocation-in-kbdint-authentication/ Cheers, Kingcope

[SECURITY] [DSA 2755-1] python-django security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-2755-1 secur...@debian.org http://www.debian.org/security/ Salvatore Bonaccorso September 11, 2013

OWASP Zed Attack Proxy 2.2.0

Hi folks, ZAP 2.2.0 is now available from http://code.google.com/p/zaproxy/downloads/list This includes support for scripts embedded in ZAP components like the active and passive scanners as well as support for Zest - a new security focused scripting language from the Mozilla security team. It

[ MDVSA-2013:230 ] gdm

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2013:230 http://www.mandriva.com/en/support/security/

[security bulletin] HPSBUX02928 SSRT101274 rev.1 - HP-UX running perl, Remote Denial of Service (DoS)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03924247 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03924247 Version: 1 HPSBUX02928