Säkerhet

Servision HVG Hardcoded Credentials

Packet storm - tors, 2016-02-11 18:53
Servision HVG with firmware below version 2.2.26a100 suffers from a hard-coded backdoor password vulnerability.
Kategorier: Säkerhet

D-Link DSL-2750B Remote Command Execution

Packet storm - tors, 2016-02-11 18:49
D-Link DSL-2750B firmware versions 1.01 through 1.03 suffer from an unauthenticated remote code execution vulnerability.
Kategorier: Säkerhet

Apache Sling Framework 2.3.6 Information Disclosure

Packet storm - tors, 2016-02-11 16:44
Apache Sling Framework version 2.3.6 suffers from an information disclosure vulnerability.
Kategorier: Säkerhet

Debian: 3467-1: tiff: Summary

Linux Security - tors, 2016-02-11 11:18
Kategorier: Säkerhet

Fedora 22 salt-2015.5.9-2.fc22

Linux Security - tors, 2016-02-11 11:18
Kategorier: Säkerhet

Fedora 23 webkitgtk4-2.10.7-1.fc23

Linux Security - tors, 2016-02-11 11:18
Kategorier: Säkerhet

Fedora 23 nettle-3.2-1.fc23

Linux Security - tors, 2016-02-11 11:18
Kategorier: Säkerhet

Debian: 3466-1: krb5: Summary

Linux Security - tors, 2016-02-11 11:18
Kategorier: Säkerhet

D-Link DCS-930L Authenticated Remote Command Execution

Packet storm - ons, 2016-02-10 06:17
The D-Link DCS-930L Network Video Camera is vulnerable to OS Command Injection via the web interface. The vulnerability exists at /setSystemCommand, which is accessible with credentials. This vulnerability was present in firmware version 2.01 and fixed by 2.12.
Kategorier: Säkerhet

360-FAAR Firewall Analysis Audit And Repair 0.5.6

Packet storm - ons, 2016-02-10 06:14
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
Kategorier: Säkerhet

GNU Transport Layer Security Library 3.4.9

Packet storm - ons, 2016-02-10 06:12
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability. This is the current stable release.
Kategorier: Säkerhet

GNU Transport Layer Security Library 3.3.21

Packet storm - ons, 2016-02-10 06:11
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability. This is the previous stable release.
Kategorier: Säkerhet

Slackware Security Advisory - curl Updates

Packet storm - ons, 2016-02-10 05:57
Slackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.
Kategorier: Säkerhet

Slackware Security Advisory - libsndfile Updates

Packet storm - ons, 2016-02-10 05:57
Slackware Security Advisory - New libsndfile packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix security issues.
Kategorier: Säkerhet

Debian Security Advisory 3472-1

Packet storm - ons, 2016-02-10 05:57
Debian Linux Security Advisory 3472-1 - Two vulnerabilities were discovered in wordpress, a web blogging tool.
Kategorier: Säkerhet

Debian Security Advisory 3470-1

Packet storm - ons, 2016-02-10 05:57
Debian Linux Security Advisory 3470-1 - Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.
Kategorier: Säkerhet

Debian Security Advisory 3469-1

Packet storm - ons, 2016-02-10 05:56
Debian Linux Security Advisory 3469-1 - Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware.
Kategorier: Säkerhet

Debian Security Advisory 3471-1

Packet storm - ons, 2016-02-10 05:56
Debian Linux Security Advisory 3471-1 - Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware.
Kategorier: Säkerhet

Red Hat Security Advisory 2016-0158-01

Packet storm - ons, 2016-02-10 05:56
Red Hat Security Advisory 2016-0158-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. An information-exposure flaw was found in the Django date filter. If an application allowed users to provide non-validated date formats, a malicious end user could expose application-settings data by providing the relevant applications-settings key instead of a valid date format.
Kategorier: Säkerhet