The Ambassador
The Ambassador is both warrior and diplomat. He listens to the words of those who deserve influence and guides those in his care as he guides himself. He acts not selfishly but for the betterment of all.
[SECURITY] [DSA 2474-1] ikiwiki security update
Posted by Raphael Geissert on May 17
-------------------------------------------------------------------------
Debian Security Advisory DSA-2474-1 security () debian org
http://www.debian.org/security/ Raphael Geissert
May 16, 2012 http://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : ikiwiki
Vulnerability : cross-site scripting
Problem type...
DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection
Posted by ddivulnalert on May 17
Title
-----
DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection
Severity
--------
High
Date Discovered
---------------
April 12, 2012
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Chris Graham and r () b13$
Vulnerability Description
-------------------------
Digital Defense, Inc. (DDI) has discovered a blind SQL injection vulnerability in the Epicor Returns Management
software SOAP...
[security bulletin] HPSBUX02782 SSRT100844 rev.1 - HP-UX Running OpenSSL, Remote Denial of
Posted by security-alert on May 17
Note: the current version of the following document is available here:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03333987
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03333987
Version: 1
HPSBUX02782 SSRT100844 rev.1 - HP-UX Running OpenSSL, Remote Denial of
Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2012-05-17
Last...
[security bulletin] HPSBUX02777 SSRT100854 rev.1 - HP-UX Running Java JRE and JDK, Remote Denial
Posted by security-alert on May 17
Note: the current version of the following document is available here:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03316985
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03316985
Version: 1
HPSBUX02777 SSRT100854 rev.1 - HP-UX Running Java JRE and JDK, Remote Denial
of Service (DoS), Unauthorized Modification and Disclosure of Information
NOTICE: The information in this Security Bulletin should be...
[ MDVSA-2012:078 ] imagemagick
Posted by security on May 17
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:078
http://www.mandriva.com/security/
_______________________________________________________________________
Package : imagemagick
Date : May 17, 2012
Affected: 2011.
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities have...
[ MDVSA-2012:077 ] imagemagick
Posted by security on May 17
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:077
http://www.mandriva.com/security/
_______________________________________________________________________
Package : imagemagick
Date : May 17, 2012
Affected: 2010.1, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple...
[SECURITY] [DSA 2473-1] openoffice.org security update
Posted by Florian Weimer on May 17
-------------------------------------------------------------------------
Debian Security Advisory DSA-2473-1 security () debian org
http://www.debian.org/security/ Florian Weimer
May 16, 2012 http://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : openoffice.org
Vulnerability : buffer overflow
Problem...
FlashPeak SlimBrowser TITLE Denial Of Service Vulnerability
Posted by demonalex on May 16
Title: FlashPeak SlimBrowser TITLE Denial Of Service Vulnerability
Software : FlashPeak SlimBrowser
Software Version : 6.0.1.38
Vendor: FlashPeak Inc.(www.flashpeak.com/)
Vulnerability Published : 2012-05-16
Vulnerability Update Time :
Status :
Impact : Medium(CVSS2 Base : 5.0, AV:N/AC:L/Au:N/C:N/I:N/A:P)
Bug Description :
FlashPeak SlimBrowser is a web browser Software for FREE.
FlashPeak SlimBrowser contains one denial of service...
[PRE-SA-2012-03] Linux kernel: Buffer overflow in HFS plus filesystem
Posted by Timo Warns on May 16
PRE-CERT Security Advisory
==========================
* Advisory: PRE-SA-2012-03
* Released on: 10 May 2012
* Affected product: Linux Kernel 3.3.x <= 3.3.4
2.6.x <= 2.6.35.13
* Impact: code execution / privilege escalation
* Origin: HFS plus file system
* Credit: Timo Warns (PRESENSE Technologies GmbH)
* CVE Identifier: CVE-2012-2319
Summary
-------
The Linux kernel contains a vulnerability in the driver...
The story of the Linux kernel 3.x...
Posted by pi3 on May 16
The story of the Linux kernel 3.x...
In 2005 everybody was excited about the possibility of bypassing ASLR on all
Linux 2.6 kernels because of the new concept called VDSO (Virtual
Dynamic Shared Object). More information about this story can be found
at the following link:
http://www.trilithium.com/johan/2005/08/linux-gate/
In short, VDSO was mmap'ed by the kernel in the user space memory always
at the same fixed address. Because of that...