Advisories - SecurityLab

•

About the security content of Mac OS X Server v10.6.5 (10H575)

•

About the security content of Mac OS X v10.6.5 and Security Update 2010-007

•

About Security Update 2010-006

CERT Coordination Center

•

Adobe Reader browser plug-in cross domain violation

•

Apple QuickTime and iTunes RTSP buffer overflow

•

Mozilla Updates for Multiple Vulnerabilities

•

Cisco Security Advisory: Cisco Security Agent Remote Code Execution Vulnerabilities

•

Cisco Security Advisory: Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras

•

Cisco Security Advisory: Cisco Unified Contact Center Express Directory Traversal Vulnerability

•

[DSA-1964-1] New PostgreSQL packages fix several vulnerabilities

•

[DSA-1953-2] New expat packages fix regression

•

[DSA 1958-1] New libtool packages fix privilege escalation

•

Fedora 14 Update: openldap-2.4.23-10.fc14

•

Fedora 11 Update: ImageMagick-6.5.1.2-2.fc11

•

Fedora 12 Update: pdns-recursor-3.1.7.2-1.fc12

•

FreeBSD-SA-11:10.pam: pam_start() does not validate service names

•

FreeBSD-SA-11:09.pam_ssh: pam_ssh improperly grants access when user account has unencrypted SSH private keys

•

FreeBSD-SA-11:08.telnetd: telnetd code execution vulnerability

•

[ GLSA 201012-01 ] Chromium: Multiple vulnerabilities

•

[ GLSA 201011-01 ] GNU C library: Multiple vulnerabilities

•

[ GLSA 201010-01 ] Libpng: Multiple vulnerabilities

HEWLETT-PACKARD

•

HPSBGN02569 SSRT100200 rev.1 - HP MagCloud iPad App, Remote Unauthorized Access to Data

•

HPSBMA02563 SSRT100165 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

•

HPSBUX02543 SSRT100152 rev.1 - HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS)

IBM Global Services

•

IO13282: proxy server crash cleaning up paged search on backend

•

Potential issue with security inheritance on folders after migrating a FileNet Content Manager system from 3.x to 4.x

•

ToolTalk rpc.ttdbserver Database Parser Vulnerability

•

Macromedia Security Bulletin -- MPSB05-07 Flash Player 7 Improper Memory Access Vulnerability

•

MPSB04-03 Potential Security Risk with Macromedia E-Licensing Client Activation Code

•

MPSB05-05 - Security Patch available for JRun 4.0 token collision

•

[ MDVSA-2008:215 ] wireshark

•

[ MDVA-2008:158 ] urpmi

•

[ MDVA-2008:156-1 ] kdebase4-workspace

•

MS12-007: Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)

•

MS12-006: Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)

•

MS12-005: Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146)

•

NetBSD Security Advisory 2011-003: Exhausting kernel memory from user controlled value

•

NetBSD Security Advisory 2010-010: Buffer Length Handling Errors in netsmb

•

NetBSD Security Advisory 2010-009: Privilege Handling Errors In larn

•

Potential Security Vulnerability with Apache on NetWare 6.5 after installing OES2 Linux Server

•

Cross-Site Scripting vulnerability in the User Application

•

Security Vulnerability - XSS Cross Site Scripting in iMonitor error messages

•

[OpenBSD] -- VGA driver may allow local privilege escalation via agp_ioctl()

•

[OpenBSD] -- Multiple fixes for OpenBSD, November 2006

•

[OpenBSD] -- Fix 2 security bugs found in OpenSSH

•

[ OpenPKG-SA-2007.023 ] OpenPKG Security Advisory (perl)

•

[ OpenPKG-SA-2007.022 ] OpenPKG Security Advisory (bind)

•

[ OpenPKG-SA-2007.021 ] OpenPKG Security Advisory (wordpress)

•

Oracle Critical Patch Update Advisory - January 2012

•

Oracle Critical Patch Update Advisory - October 2011

•

Oracle Critical Patch Update Advisory - April 2011

•

[RHSA-2010:1003-01] Moderate: git security update

•

[RHSA-2010:1002-01] Moderate: mod_auth_mysql security update

•

[RHSA-2010:1000-01] Important: bind security update

Santa Cruz Operation

•

Sendmail Arbitrary Code Execution Vulnerability

•

[SCO] -- GhostScript Insecure Temporary File Creation Vulnerability

•

SCOSA-2006.22 X Server Arbitrary Code Execution Vulnerability

Silicon Graphics

•

20061101-01-P SGI Advanced Linux Environment 3 Security Update #66

•

20061002-01.P SGI Advanced Linux Environment 3 Security Update #65

•

20061001-01-P SGI Advanced Linux Environment 3 Security Update #64

Slackware Linux

•

2010-12-23 - [slackware-security] php (SSA:2010-357-01)

•

2010-12-23 - [slackware-security] proftpd (SSA:2010-357-02)

•

2010-12-16 - [slackware-security] bind (SSA:2010-350-01)

Sun Microsystems

•

This Alert covers CVE-2010-0896 for the mail component of the Sun Convergence product

•

This Alert Covers CVE-2010-0893 for the Mail Component of the Sun Convergence Product

•

SunOS 5.10_x86: ucode driver patch

•

SUSE Security Summary Report: SUSE-SR:2010:024

•

SUSE Security Announcement: IBM Java 1.4.2 (SUSE-SA:2010:061)

•

SUSE Security Announcement: Linux kernel (SUSE-SA:2010:060)

•

SYM10-012: Security Advisories Relating to Symantec Products - PGP Desktop Unsigned Data Insertion

•

SYM10-009: Multi-Vendor Autonomy KeyView Filter Multiple Security Issues

•

SYM10-001: Security Advisories Relating to Symantec Products - Symantec Altiris Notification Server 6.x Static Encryption Key

•

TSLSA-2007-0027 - multi

•

TSLSA-2007-0028 - multi

•

TSLSA-2007-0025 - multi

Cisco Security Advisory: Cisco Security Agent Remote Code Execution Vulnerabilities

Cisco Security Agent is affected by vulnerabilities that could allow an unauthenticated attacker to ...

27 october, 2011

Cisco Security Advisory: Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras

A denial of service (DoS) vulnerability exists in the Cisco Video Surveillance IP Cameras 24 ...

27 october, 2011

Cisco Security Advisory: Cisco Unified Contact Center Express Directory Traversal Vulnerability

Cisco Unified Contact Center Express (UCCX or Unified CCX) and Cisco Unified IP Interactive ...

27 october, 2011

MS12-007: Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)

This security update resolves one privately reported vulnerability in the Microsoft Anti-Cross Site ...

10 january, 2012

MS12-006: Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)

This security update resolves a publicly disclosed vulnerability in SSL 3.0 and TLS 1.0.

10 january, 2012

MS12-005: Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146)

This security update resolves a privately reported vulnerability in Microsoft Windows.

10 january, 2012

Sun Microsystems

This Alert covers CVE-2010-0896 for the mail component of the Sun Convergence product

This Sun Alert covers CVE-2010-0896 for the mail component of the Sun Convergence product.

14 april, 2010

This Alert Covers CVE-2010-0893 for the Mail Component of the Sun Convergence Product

This Alert covers CVE-2010-0893 for the mail component of the Sun Convergence product.

14 april, 2010

SunOS 5.10_x86: ucode driver patch

6905530 processor microcode code can panic when retrieving microcode revision.

02 february, 2010

[RHSA-2010:1003-01] Moderate: git security update

Red Hat Security Advisory - Moderate: git security update

21 december, 2010

[RHSA-2010:1002-01] Moderate: mod_auth_mysql security update

Red Hat Security Advisory - Moderate: mod_auth_mysql security update

21 december, 2010

[RHSA-2010:1000-01] Important: bind security update

Red Hat Security Advisory - Important: bind security update

20 december, 2010