Microsoft Releases October 2014 Security Bulletin

Original release date: October 14, 2014

Microsoft has released updates to address vulnerabilities in Windows, Office, Office Services and Web Apps, Developer Tools, .NET Framework, and Internet Explorer as part of the Microsoft Security Bulletin Summary for October 2014. These vulnerabilities could allow remote code execution, elevation of privilege, or security feature bypass.

US-CERT encourages users and administrators to review the bulletin and apply the necessary updates.



200,000 Snapchat images leaked

After Celebgate, the leak of private photos and videos of Hollywood actresses and models such as Jennifer Lawrence, Snapchat users have now seen the security of their files compromised.

Snapchat is a mobile app for sending images and messages that are automatically deleted between one and ten seconds after being read.

Although Snapchat does not store users’ images, another app, Snapsave, which is available for Android and iOS, does store them. This is what has enabled 200,000 photos to be stolen, according to Snapchat.

According to The Guardian (UK), these include some 100 MB of nude images. It is as yet unknown whether these might include images of children, and it is important to point out that downloading of nude images of children under 16 is a jailable offense under child pornography legislation.

Images from ‘The Snappening’, as this leak has been dubbed, are already available on some Internet portals.

The post 200,000 Snapchat images leaked appeared first on MediaCenter Panda Security.

Re: CVE-2014-2021 – vBulletin 5.x/4.x – persistent XSS in AdminCP/ApiLog via xmlrpc API (post-auth)

Posted by oststrom (public) on Oct 14

CVE-2013-2021 – vBulletin 5.x/4.x – persistent XSS in AdminCP/ApiLog via
xmlrpc API (post-auth)

================================================================================================

Overview
--------

date : 10/12/2014
cvss : 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P) base
cwe : 79
vendor : vBulletin Solutions
product : vBulletin 4
versions affected : latest 4.x and 5.x (to date);…

Fwd: Re: CSP Bypass on Android prior to 4.4

Posted by Vitor Ventura on Oct 14

---------- Forwarded message ----------
From: “Vitor Ventura” <ventura.vitor () gmail com>
Date: 14/10/2014 12:32
Subject: Re: [FD] CSP Bypass on Android prior to 4.4
To: “E Boogie” <evanjjohns () gmail com>
Cc:

Hello,

My testing was done on BQ Aquaris 5 HD with Android 4.2.1 using Chrome.
It wasn’t vulnerable.

Regards
VV
On 14/10/2014 00:12, “E Boogie” <evanjjohns () gmail com>…