Full Disclosure

Data Source: Scopus CMS – SQL Injection Web Vulnerability

February 26, 2015 007admin

Posted by Vulnerability Lab on Feb 26

Document Title:
===============
Data Source: Scopus CMS – SQL Injection Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1436

Release Date:
=============
2015-02-25

Vulnerability Laboratory ID (VL-ID):
====================================
1436

Common Vulnerability Scoring System:
====================================
8.9

Abstract Advisory Information:…

Full Disclosure

DSS TFTP 1.0 Server – Path Traversal Vulnerability

February 26, 2015 007admin

Posted by Vulnerability Lab on Feb 26

Document Title:
===============
DSS TFTP 1.0 Server – Path Traversal Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1440

Release Date:
=============
2015-02-26

Vulnerability Laboratory ID (VL-ID):
====================================
1440

Common Vulnerability Scoring System:
====================================
6.2

Product & Service Introduction:
===============================…

ESET

Lenovo website hacked, Lizard Squad claims responsibility

February 26, 2015 007admin

Chinese computer manufacturer Lenovo has been victim to a website hack, with Lizard Squad claiming responsibility.

The post Lenovo website hacked, Lizard Squad claims responsibility appeared first on We Live Security.

Fedora

Fedora 20 Security Update: echoping-6.1-0.beta.r434svn.1.fc20

February 25, 2015 007admin

Resolved Bugs
705174 – echoping: boundary error in SSL-related functions can lead to buffer overflow [fedora-all]
1007031 – echoping segfaults all the time
460557 – echoping : Package and software are in a desolate state
1032547 – echoping doesn’t seem to work (cannot open shared object file)<br
Updated to latest SVN, fixing various bugs

Fedora

Fedora 21 Security Update: libjpeg-turbo-1.3.1-5.fc21

February 25, 2015 007admin

Resolved Bugs
1169845 – CVE-2014-9092 libjpeg-turbo: denial of service via specially-crafted JPEG file
1169850 – CVE-2014-9092 libjpeg-turbo: denial of service via specially-crafted JPEG file [fedora-all]<br
Security fix for CVE-2014-9092

Fedora

Fedora 20 Security Update: libjpeg-turbo-1.3.1-3.fc20

February 25, 2015 007admin

Fedora

Fedora 21 Security Update: echoping-6.1-0.beta.r434svn.1.fc21

February 25, 2015 007admin

NVD

CVE-2015-0633

February 25, 2015 007admin

The Integrated Management Controller (IMC) in Cisco Unified Computing System (UCS) 1.4(7h) and earlier on C-Series servers allows remote attackers to bypass intended access restrictions by sending crafted DHCP response packets on the local network, aka Bug ID CSCuf52876.

Debian

DSA-3176 request-tracker4 – security update

February 25, 2015 007admin

Multiple vulnerabilities have been discovered in Request Tracker, an
extensible trouble-ticket tracking system. The Common Vulnerabilities
and Exposures project identifies the following problems:

Security Focus

Vuln: AdaptCMS Arbitrary File Upload Vulnerability

February 25, 2015 007admin

AdaptCMS Arbitrary File Upload Vulnerability

007 Software

Monthly Archives: February 2015

Data Source: Scopus CMS – SQL Injection Web Vulnerability

DSS TFTP 1.0 Server – Path Traversal Vulnerability

Lenovo website hacked, Lizard Squad claims responsibility

Fedora 20 Security Update: echoping-6.1-0.beta.r434svn.1.fc20

Fedora 21 Security Update: libjpeg-turbo-1.3.1-5.fc21

Fedora 20 Security Update: libjpeg-turbo-1.3.1-3.fc20

Fedora 21 Security Update: echoping-6.1-0.beta.r434svn.1.fc21

CVE-2015-0633

DSA-3176 request-tracker4 – security update

Vuln: AdaptCMS Arbitrary File Upload Vulnerability

Software and Security Information