Debian Security Advisory 2924-1
Debian Linux Security Advisory 2924-1 - Multiple security issues have been found in Icedove, Debian's version errors, buffer overflows, missing permission checks, out of bound reads, use-after-frees...
View ArticleUbuntu Security Notice USN-2193-1
Ubuntu Security Notice 2193-1 - Paul McMillan discovered that the Sheepdog backend in OpenStack Glance did not properly handle untrusted input. A remote authenticated attacker exploit this to execute...
View ArticleHP Security Bulletin HPSBGN03010 4
HP Security Bulletin HPSBGN03010 4 - A potential security vulnerability has been identified in HP Software Server Automation running OpenSSL. OpenSSL is a 3rd party product that is embedded with some...
View ArticleRuxcon 2014 Call For Papers
Ruxcon 2014 Call For Papers - Ruxcon is the premier technical computer security conference in the Australia. The conference aims to bring together the individual talents of the best and brightest...
View ArticleSOAPpy 0.12.5 XXE / Denial Of Service
SOAPpy version 0.12.5 suffers from XXE and denial of service vulnerabilities.
View ArticleCMS PUNTOPY SQL Injection
CMS PUNTOPY suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
View ArticleUbuntu Security Notice USN-2197-1
Ubuntu Security Notice 2197-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or...
View ArticleUbuntu Security Notice USN-2205-1
Ubuntu Security Notice 2205-1 - Pedro Ribeiro discovered that LibTIFF incorrectly handled certain malformed images when using the gif2tiff tool. If a user or automated system were tricked into opening...
View ArticleUbuntu Security Notice USN-2206-1
Ubuntu Security Notice 2206-1 - Cristian Fiorentino discovered that OpenStack Horizon did not properly perform input sanitization for Heat templates. If a user were tricked into using a specially...
View ArticleUbuntu Security Notice USN-2198-1
Ubuntu Security Notice 2198-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or...
View ArticleRed Hat Security Advisory 2014-0473-01
Red Hat Security Advisory 2014-0473-01 - Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise...
View ArticleUbuntu Security Notice USN-2207-1
Ubuntu Security Notice 2207-1 - Samuel Merritt discovered a timing attack vulnerability in OpenStack Swift. If Swift was configured to use the TempURL middleware, an attacker could exploit this to...
View ArticleUbuntu Security Notice USN-2196-1
Ubuntu Security Notice 2196-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or...
View ArticleUbuntu Security Notice USN-2199-1
Ubuntu Security Notice 2199-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or...
View ArticleUbuntu Security Notice USN-2200-1
Ubuntu Security Notice 2200-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or...
View ArticleUbuntu Security Notice USN-2201-1
Ubuntu Security Notice 2201-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or...
View ArticleUbuntu Security Notice USN-2202-1
Ubuntu Security Notice 2202-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or...
View ArticleUbuntu Security Notice USN-2203-1
Ubuntu Security Notice 2203-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or...
View ArticleUbuntu Security Notice USN-2204-1
Ubuntu Security Notice 2204-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or...
View ArticleNight Lion Security PHP Stress
Night Lion Security proof of concept denial of service / stress tester for PHP websites running with Apache and NGINX systems (PHP-FPM and PHP-CGI). Using a standard cable/DSL connection, this attack...
View ArticleHP Security Bulletin HPSBMU03037
HP Security Bulletin HPSBMU03037 - A potential security vulnerability has been identified with HP Multimedia Service Environment (MSE), formerly known as HP Network Interactive Voice Response (NIVR)....
View ArticleCyberduck 4.4.3 (14140 Windows) X.509 Validation Failure
Cyberduck version 4.4.3 (14140) for Windows fails to properly validate X.509 certificates.
View ArticleCitrix Netscaler Diffie-Hellman Key Exchange Issue
The remote configuration Java applet in Citrix Netscaler versions prior to 10.1-122.17/9.3-66.5 contains a poor implementation of the Diffie-Hellman key exchange algorithm. The random number generator...
View ArticleCitrix Netscaler SSL Certificate Validation
The remote configuration Java applet in Citrix Netscaler versions prior to 10.1-122.17/9.3-66.5 assigns an empty trust manager to its SSL context, causing it to accept any certificate regardless of...
View ArticleIBM AIX Kernel Memory Leak / Denial Of Service
IBM AIX versions 5.3, 6.1 and 7.1 releases VIOS 2.2.* suffer from kernel memory leak and denial of service vulnerabilities. It has been identified that the ptrace() system call can be manipulated by an...
View Article
