APPLE-SA-2011-09-09-1 Security Update 2011-005

2011-09-09 Thread Apple Product Security
APPLE-SA-2011-09-09-1 Security Update 2011-005 Security Update 2011-005 is now available and addresses the following: Certificate Trust Policy Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.1, OS X Lion Server v10.7.1 Impa

[slackware-security] httpd (SSA:2011-252-01)

2011-09-09 Thread Slackware Security Team
[slackware-security] httpd (SSA:2011-252-01) Not long ago, httpd package updates were issued to clamp down on a denial of service bug that's seen some action in the wild. New packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, 13.37

[ MDVSA-2011:134 ] rsyslog

2011-09-09 Thread security
Mandriva Linux Security Advisory MDVSA-2011:134 http://www.mandriva.com/security/

CVE-2011-2731: Spring Security privilege escalation when using RunAsManager

2011-09-09 Thread s2-security
CVE-2011-2731: Spring Security privilege escalation when using RunAsManager Severity: Moderate Versions Affected: 2.0.0 to 2.0.6 3.0.0 to 3.0.5 Earlier versions may also be affected Description: Spring Security provides a mechanism (RunAsManager) to allow particular operations to run with a dif

CVE-2011-2894: Spring Framework and Spring Security serialization-based remoting vulnerabilities

2011-09-09 Thread s2-security
CVE-2011-2894: Spring Framework and Spring Security serialization-based remoting vulnerabilities Severity: Critical Versions Affected: Spring Framework: 3.0.0 to 3.0.5 Spring Security: 2.0.0 to 2.0.6 3.0.0 to 3.0.5 Earlier versions may also be affected Description: Several issue

CVE-2011-2732: Spring Security header injection vulnerability

2011-09-09 Thread s2-security
CVE-2011-2732: Spring Security header injection vulnerability Severity: Important Versions Affected: 2.0.0 to 2.0.6 3.0.0 to 3.0.5 Earlier versions may also be affected Description: Spring Security allows the use of a parameter (named "spring-security-redirect" by default) to determine

CVE-2011-2730: Spring Framework Information Disclosure

2011-09-09 Thread s2-security
CVE-2011-2730: Spring Framework Information Disclosure Severity: Variable depending on application. Likely to be low to moderate, may be important. Version affected: 3.0.0 to 3.0.5 2.5.0 to 2.5.6.SEC02 (community releases) 2.5.0 to 2.5.7.SR01 (subscription customers) Earlier, unsupported version

Disassembling .NET Client Challenge

2011-09-09 Thread Ivan Buetler
Hi all, We are proud to present a new free hacking challenge! It's all about .NET disassembling! This time, we will provide a target sample application to hack plus a step-by-step description for novice and intermediate users. Increase your knowledge about client security and most importantly, enj

28C3: CFP for 28th Chaos Communication Congress

2011-09-09 Thread fukami
28C3: CALL FOR PARTICIPATION FOR 28TH CHAOS COMMUNICATION CONGRESS 27|28|29|30 December 2011, bcc, Berlin, Germany THE EVENT The Chaos Communication Congress is the annual four-day conference organized by the Chaos Computer Club (CCC) in Berlin, Germany. First held in 1984, it has since established

[security bulletin] HPSBUX02702 SSRT100606 rev.2 - HP-UX Apache Web Server, Remote Denial of Service (DoS)

2011-09-09 Thread security-alert
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02997184 Version: 2 HPSBUX02702 SSRT100606 rev.2 - HP-UX Apache Web Server, Remote Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as po

[SECURITY] [DSA 2303-1] linux-2.6 security update

2011-09-09 Thread dann frazier
Debian Security Advisory DSA-2303-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff, Dann Frazier September 8, 2011 h