Debian Linux Security Advisory 3787-1 – It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop.
Monthly Archives: February 2017
Debian Security Advisory 3788-1
Debian Linux Security Advisory 3788-1 – It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop.
Gentoo Linux Security Advisory 201702-07
Gentoo Linux Security Advisory 201702-7 – Multiple vulnerabilities have been found in OpenSSL, the worst of which might allow attackers to access sensitive information. Versions less than 1.0.2k are affected.
Gentoo Linux Security Advisory 201702-08
Gentoo Linux Security Advisory 201702-8 – Multiple vulnerabilities have been found in VirtualBox, the worst of which might allow unauthorized changes to some critical or all accessible data. Versions less than 5.0.32 are affected.
Debian Security Advisory 3786-1
Debian Linux Security Advisory 3786-1 – Editor spell files passed to the vim (Vi IMproved) editor may result in an integer overflow in memory allocation and a resulting buffer overflow which potentially could result in the execution of arbitrary code or denial of service.
ShadeYouVPN.com Client For Windows 2.0.1.11 Privilege Escalation
ShadeYouVPN.com client for Windows version 2.0.1.11 suffers from a local privilege escalation vulnerability due to executing any file path sent through a socket without verification as the SYSTEM user.
Avast's HTTPS scanner receives A* rating
Websites using HTTPS can increase privacy, as the connection between the browser and the website’s server is encrypted. This means that the browser and the web server are the only points that see your browsing activity and the data you enter. Today, anyone who owns a URL can obtain a TLS/SSL certificate, needed to encrypt the web traffic, and create a HTTPS website. This, of course, includes cybercriminals. Because of this, back in 2014, Avast introduced a way to scan HTTPS URLs for malicious activity in order to protect our users from being infected via malware transmitted over HTTPS sites.
Riverbed RiOS Insecure Cryptographic Storage
Riverbed RiOS suffers from an insecure cryptographic storage vulnerability.
DEF CON 25 Wall Of Sheep Call For Presentations
The Wall of Sheep would like to announce a call for presentations at DEF CON 25 at the Caesars Palace in Las Vegas, NV from Thursday, July 27th to Sunday, July 30th. This will be the 5th anniversary of their Speaker Workshops. The Wall of Sheep’s workshops goal is to deliver talks that increase security awareness and provide skills that can be immediately applied after the conference. Their audience ranges from those who are new to security to the most seasoned practitioners in the security industry. Introductory talks are welcome.
WordPress Easy Table 1.6 Cross Site Scripting
WordPress Easy Table plugin version 1.6 suffers from persistent cross site scripting vulnerabilities.