Security News
ESA-2016-127: EMC ViPR SRM Stored Cross-Site Scripting Vulnerability
Posted by EMC Product Security Response Center on Sep 27
EMC Identifier: ESA-2016-127CVE Identifier: CVE-2016-6647
Severity Rating: CVSS v3 Base Score: 7.6 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N)
Affected products:
EMC ViPR SRM versions prior to 4.0.1
Summary:
EMC ViPR SRM 4.0.1 contains a fix for a stored cross-site scripting vulnerability that could potentially be exploited
by malicious users to compromise the affected system.
Details:
EMC ViPR SRM is affected by a stored cross-site...
Bugtraq: [security bulletin] HPSBHF03655 rev.1 - HPE iMC PLAT Network Products running Apache Axis2, Multiple Remote Vulnerabilities
[security bulletin] HPSBHF03655 rev.1 - HPE iMC PLAT Network Products running Apache Axis2, Multiple Remote Vulnerabilities
[SECURITY] [DSA 3679-1] jackrabbit security update
Posted by Florian Weimer on Sep 27
-------------------------------------------------------------------------Debian Security Advisory DSA-3679-1 security () debian org
https://www.debian.org/security/ Florian Weimer
September 27, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : jackrabbit
CVE ID : CVE-2016-6801
Debian Bug :...
Bugtraq: [SECURITY] [DSA 3678-1] python-django security update
[SECURITY] [DSA 3678-1] python-django security update
[security bulletin] HPSBHF03652 rev.1 - HPE iMC PLAT Network Products running Apache Commons FileUpload, Remote Denial of Service (DoS)
Posted by security-alert on Sep 26
Note: the current version of the following document is available here:https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05289840
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05289840
Version: 1
HPSBHF03652 rev.1 - HPE iMC PLAT Network Products running Apache Commons
FileUpload, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date:...
[security bulletin] HPSBHF03654 rev.1 - HPE iMC PLAT Network Products using SSL/TLS, Multiple Remote Vulnerabilities
Posted by security-alert on Sep 26
Note: the current version of the following document is available here:https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05289935
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05289935
Version: 1
HPSBHF03654 rev.1 - HPE iMC PLAT Network Products using SSL/TLS, Multiple
Remote Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2016-09-26
Last...
[security bulletin] HPSBHF03655 rev.1 - HPE iMC PLAT Network Products running Apache Axis2, Multiple Remote Vulnerabilities
Posted by security-alert on Sep 26
Note: the current version of the following document is available here:https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05289984
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05289984
Version: 1
HPSBHF03655 rev.1 - HPE iMC PLAT Network Products running Apache Axis2,
Multiple Remote Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2016-09-26...
[SECURITY] [DSA 3678-1] python-django security update
Posted by Florian Weimer on Sep 26
-------------------------------------------------------------------------Debian Security Advisory DSA-3678-1 security () debian org
https://www.debian.org/security/ Florian Weimer
September 26, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : python-django
CVE ID : CVE-2016-7401
Sergey Bobrov...
[slackware-security] openssl (SSA:2016-270-01)
Posted by Slackware Security Team on Sep 26
[slackware-security] openssl (SSA:2016-270-01)New openssl packages are available for Slackware 14.2 and -current to
fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/openssl-1.0.2j-i586-1_slack14.2.txz: Upgraded.
This update fixes a security issue:
Missing CRL sanity check (CVE-2016-7052)
For more information, see:...
Bugtraq: [security bulletin] HPSBGN03648 rev.1 - HPE LoadRunner and Performance Center, Remote Denial of Service (DoS)
[security bulletin] HPSBGN03648 rev.1 - HPE LoadRunner and Performance Center, Remote Denial of Service (DoS)
Bugtraq: OS-S Security Advisory 2016-19: Epson WorkForce multi-function printers do not use signed firmware images and allow unauthorized malicious firmware-updates (CVSS 10)
OS-S Security Advisory 2016-19: Epson WorkForce multi-function printers do not use signed firmware images and allow unauthorized malicious firmware-updates (CVSS 10)
Bugtraq: [slackware-security] php (SSA:2016-267-01)
[slackware-security] php (SSA:2016-267-01)
Bugtraq: ESA-2016-097: RSA Identity Governance and Lifecycle Information Disclosure Vulnerability
ESA-2016-097: RSA Identity Governance and Lifecycle Information Disclosure Vulnerability
Vuln: Mozilla Network Security Services Use After Free CVE-2016-1978 Remote Code Execution Vulnerability
Mozilla Network Security Services Use After Free CVE-2016-1978 Remote Code Execution Vulnerability
Vuln: NTP CVE-2015-8138 Denial of Service Vulnerability
NTP CVE-2015-8138 Denial of Service Vulnerability
Vuln: Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
Vuln: Symantec Messaging Gateway CVE-2016-5312 Directory Traversal Vulnerability
Symantec Messaging Gateway CVE-2016-5312 Directory Traversal Vulnerability
Vuln: Cisco IOS and Cisco IOS XE Software CVE-2016-1384 Unauthorized Access Vulnerability
Cisco IOS and Cisco IOS XE Software CVE-2016-1384 Unauthorized Access Vulnerability
Vuln: libgd 'gd_webp.c' Integer Overflow Vulnerability
libgd 'gd_webp.c' Integer Overflow Vulnerability
Vuln: LibTIFF CVE-2014-8127 Out of Bounds Read Multiple Remote Denial of Service Vulnerabilities
LibTIFF CVE-2014-8127 Out of Bounds Read Multiple Remote Denial of Service Vulnerabilities
