The CBN CH6640E/CG6640E wireless gateway series suffers from information disclosure, cross site request forgery, cross site scripting, and denial of service vulnerabilities.
Monthly Archives: October 2014
Vuln: PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
PHP OpenSSL Extension ‘openssl_x509_parse()’ Remote Memory Corruption Vulnerability
Vuln: PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
Vuln: Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
Debian Security Advisory 3058-1
Debian Linux Security Advisory 3058-1 – Chad Vizino reported a vulnerability in torque, a PBS-derived batch processing queueing system. A non-root user could exploit the flaw in the tm_adopt() library call to kill any process, including root-owned ones on any node in a job.
HP Security Bulletin HPSBST03157
HP Security Bulletin HPSBST03157 – A potential security vulnerability has been identified with HP StoreEver ESL E-series Tape Library and HP Virtual Library System (VLS) running Bash Shell. This is the Bash Shell vulnerability known as “ShellShock” which could be exploited remotely to allow execution of code. Revision 1 of this advisory.
HP Security Bulletin HPSBMU03152
HP Security Bulletin HPSBMU03152 – A potential security vulnerability has been identified with HP Operations Orchestration running SSL. This is the SSLv3 vulnerability known as “POODLE” which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
Bugtraq: Call for Papers – WorldCIST'15 – Azores, 1 – 3 April 2015
Call for Papers – WorldCIST’15 – Azores, 1 – 3 April 2015
Bugtraq: [SECURITY] [DSA 3056-1] libtasn1-3 security update
[SECURITY] [DSA 3056-1] libtasn1-3 security update
Bugtraq: vulnerabilities in libbfd (CVE-2014-beats-me)
vulnerabilities in libbfd (CVE-2014-beats-me)