Monthly Archives: February 2015
Lynis Auditing Tool 2.0.0
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist automated auditing, software patch management, vulnerability and malware scanning of Unix-based systems.
Alienware Command Center 2.8.8.0 Local Privilege Escalation
Alienware Command Center version 2.8.8.0 suffers from an unquoted search path issue impacting the service ‘ioloenergybooster’ for Windows. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.
Red Hat Security Advisory 2015-0269-01
Red Hat Security Advisory 2015-0269-01 – Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.3.1 release serves as a replacement for JBoss Operations Network 3.3.0, and includes several bug fixes.
Ubuntu Security Notice USN-2505-1
Ubuntu Security Notice 2505-1 – Matthew Noorenberghe discovered that whitelisted Mozilla domains could make UITour API calls from background tabs. If one of these domains were compromised and open in a background tab, an attacker could potentially exploit this to conduct clickjacking attacks. Jan de Mooij discovered an issue that affects content using the Caja Compiler. If web content loads specially crafted code, this could be used to bypass sandboxing security measures provided by Caja. Various other issues were also addressed.
Chicago Police Disappearing Americans At Their Own Black Site
CESA-2015:0266 Important CentOS 5 thunderbird Security Update
CentOS Errata and Security Advisory 2015:0266 Important
Upstream details at: https://rhn.redhat.com/errata/RHSA-2015-0266.html
The following updated files have been uploaded and are currently syncing to the mirrors (sha256sum, filename):
i386: 03125dc617adf6e21a75514e135e82f08d90178f17f8d3e6c96d3cbc360b78ce thunderbird-31.5.0-1.el5.centos.i386.rpm
x86_64: c638b9ceb5e6f217727fd392466c03bd268d668d167687215c87a8cbad9a4bcf thunderbird-31.5.0-1.el5.centos.x86_64.rpm
Source: 1985b7f18bb11b6dadb49cdb3a2dd8119767aab93f561789537319b754eb6d51 thunderbird-31.5.0-1.el5.centos.src.rpm
CESA-2015:0266 Important CentOS 6 thunderbird Security Update
CentOS Errata and Security Advisory 2015:0266 Important
Upstream details at: https://rhn.redhat.com/errata/RHSA-2015-0266.html
The following updated files have been uploaded and are currently syncing to the mirrors (sha256sum, filename):
i386: 10cf2774899a722583ccf83178b5b0c670cdfaa467e7def8038101d0512e89ac thunderbird-31.5.0-1.el6.centos.i686.rpm
x86_64: 72d284150fec9a4815ab4358299199052181d31d62bdd0e5a8fe57e925ff6165 thunderbird-31.5.0-1.el6.centos.x86_64.rpm
Source: 5568672fb5bb86b79e4824e171f4c973ec6953defd67248f2c58b31ebf5d663b thunderbird-31.5.0-1.el6.centos.src.rpm
Facebook Bug Bounty Submissions Climb in 2014
Facebook released final numbers on 2014 submissions and payouts from its bug bounty program, showing continued growth in both areas.
More than 1 Million WordPress Sites Open to SQL Injection Attacks
More than one million different WordPress sites may be vulnerable to a critical plugin issue that could lead to SQL injections and, in turn, total site takeover.