[FD] Humhub insecure password validation and reset design

[+] Humhub insecure password validation and reset design [+] Discovered by: Jos Wetzels [+] Affects: Humhub = 0.10.0-rc.1 Humhub [1] versions 0.10.0-rc.1 and prior suffer from several design flaws, which have now been resolved in cooperation with the vendor [2], in the implementation of its

[FD] Docker 1.3.3 - Security Advisory [11 Dec 2014]

Docker 1.3.3 has been released to address several vulnerabilities and is immediately available for all supported platforms: https://docs.docker.com/installation/ https://docs.docker.com/installation/ This release addresses vulnerabilities which could be exploited by a malicious Dockerfile,

[FD] Rooted CON 2014 talks (dubbed into english) are now online

Hello, Maybe you are interested in take a look to the talks given in the last RootedCON edition, now are avalaible in Youtube :) https://www.youtube.com/playlist?list=PLUOjNfYgonUvwqY2EOzeJlHgZEsQc_Hvh Br, --- RootedCON - www.rootedcon.es @omarbv

[FD] Defense in depth -- the Microsoft way (part 23): two quotes or not to quote...

Hi @ll, some Windows commands/programs fail when (one of) their command line argument(s) is/are enclosed in quotes; for example: %SystemRoot%\System32\FontView.Exe pathname.TTF %SystemRoot%\System32\FONTVIEW.Exe /P filename.TTF %SystemRoot%\System32\RunDLL32.Exe

[FD] CA20141215-01: Security Notice for CA LISA Release Automation

-BEGIN PGP SIGNED MESSAGE- CA20141215-01: Security Notice for CA LISA Release Automation Issued: December 15, 2014 CA Technologies Support is alerting customers to multiple vulnerabilities in CA Release Automation (formerly CA LISA Release Automation, change effective 2014-09-19).

[FD] CVE-2014-5438: Arris TG862G - Cross-site Scripting (XSS)

--- Vendor: --- Arris Interactive, LLC (http://www.arrisi.com/) ISP: Comcast Xfinity - Affected Products/Versions: - HW: Arris Touchstone TG862G/CT (Xfinity branded) SW: Version 7.6.59S.CT (Tested)