The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote authenticated users to obtain root privileges via crafted certificate-generation arguments, aka Bug ID CSCus83445.
Monthly Archives: November 2015
CVE-2015-6316 (mobility_services_engine)
The default configuration of sshd_config in Cisco Mobility Services Engine (MSE) through 8.0.120.7 allows logins by the oracle account, which makes it easier for remote attackers to obtain access by entering this account’s hardcoded password in an SSH session, aka Bug ID CSCuv40501.
CVE-2015-7770 (sonicwall_totalsecure_tz_100_firmware)
Dell SonicWall TotalSecure TZ 100 devices with firmware before 5.9.1.0-22o allow remote attackers to cause a denial of service via a crafted packet.
Avira, time2win and eSports … it’s time to win!
I believe we’ve mentioned a couple of times that we have some very compassionate gamers here at Avira, which is why we started Avira Gaming – as you well know. Now we are going one step further and are happy to announce our partnership with time2win, a brand new eSports platform.
The post Avira, time2win and eSports … it’s time to win! appeared first on Avira Blog.
Bugtraq: NXFilter v3.0.3 CSRF
NXFilter v3.0.3 CSRF
Bugtraq: NXFilter v3.0.3 Persistent / Reflected XSS
NXFilter v3.0.3 Persistent / Reflected XSS
Bugtraq: CVE-2015-5619
CVE-2015-5619
Bugtraq: CVE-2015-5378
CVE-2015-5378
RHBA-2015:1990-1: atomic bug fix update
Red Hat Enterprise Linux: Updated atomic packages that fix one bug are now available for Red Hat
Enterprise Linux 7 Extras.
RHBA-2015:1989-1: python-docker-py bug fix update
Red Hat Enterprise Linux: Updated python-docker-py packages that fix one bug are now available for Red Hat
Enterprise Linux 7 Extras.