Red Hat Security Advisory 2016-2035-01 – Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss Fuse 6.3 is a minor product release that updates Red Hat JBoss Fuse 6.2.1, and includes several bug fixes and enhancements.
Monthly Archives: October 2016
Red Hat Security Advisory 2016-2036-01
Red Hat Security Advisory 2016-2036-01 – Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards-compliant messaging system that is tailored for use in mission critical applications. Red Hat JBoss A-MQ 6.3 is a minor product release that updates Red Hat JBoss A-MQ 6.2.1, and includes several bug fixes and enhancements.
Gentoo Linux Security Advisory 201610-02
Gentoo Linux Security Advisory 201610-2 – Multiple vulnerabilities have been found in Apache, the worst of which could allow HTTP request smuggling attacks or a Denial of Service condition. Versions less than 2.4.23 are affected.
Debian Security Advisory 3688-1
Debian Linux Security Advisory 3688-1 – Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project.
Gentoo Linux Security Advisory 201610-01
Gentoo Linux Security Advisory 201610-1 – Groovy is vulnerable to a remote execution of arbitrary code when java serialization is used. Versions less than 2.4.5 are affected.
Cybersecurity: SMBs At Greater Risk [infographic]
In Part 3 of our exploration of the state of cybersecurity — Part 1 examined the basics of business security, including the core functions (Identify, Protect, Detect, Respond and Recover), while Part 2 addressed the growing and evolving threat environment — we find that the size of your organization doesn’t matter when it comes to risks. The ugly truth is that all organizations are vulnerable, particularly small and medium businesses, which do not offer the financial potential of larger organizations, but also have neither the skills nor resources of wealthier targets.
Web-Based Keylogger Used to Steal Credit Card Data from Popular Sites
Researchers estimate thousands of ecommerce sites are under attack by a single threat actor that has infected servers with a web-based keylogger.
Billion Router 7700NR4 Remote Root Command Execution
Billion Router 7700NR4 remote root command execution exploit.
[KIS-2016-12] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability
Posted by Egidio Romano on Oct 06
————————————————————————————
Symantec Web Gateway <= 5.2.2 (new_whitelist.php) OS Command Injection
Vulnerability
————————————————————————————
[-] Software Link:
[-] Affected Versions:
Version 5.1.1.24, 5.2.1.80 and 5.2.2.118. Other versions might be affected.
[-] Vulnerability Description:
The…
MLM Unilevel Plan Script 1.0.2 SQL Injection
MLM Unilevel Plan Script version 1.0.2 suffers from a remote SQL injection vulnerability.