Feed aggregator

CVE-2014-5259

News.Debuntu.Org - Fri, 09/12/2014 - 14:55

Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Bookmark/Search this post with:
Categories: Network

CVE-2014-4735

News.Debuntu.Org - Fri, 09/12/2014 - 14:55

Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter to index.php.

Bookmark/Search this post with:
Categories: Network

CVE-2014-2009

News.Debuntu.Org - Fri, 09/12/2014 - 14:55

The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log.

Bookmark/Search this post with:
Categories: Network

CVE-2014-2008

News.Debuntu.Org - Fri, 09/12/2014 - 14:55

SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter.

Bookmark/Search this post with:
Categories: Network

CVE-2012-1556 (diskstation_manager, synology_photo_station)

News.Debuntu.Org - Fri, 09/12/2014 - 14:55

Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 for DiskStation Manager (DSM) 3.2-1955 allows remote attackers to inject arbitrary web script or HTML via the name parameter to photo/photo_one.php.

Bookmark/Search this post with:
Categories: Network

Friday's security updates

News.Debuntu.Org - Fri, 09/12/2014 - 14:46

Debian has updated bind9
(denial of service) and gnupg (key disclosure).

SUSE has updated glibc (SLES10 SP4; SLES11 SP1:
multiple vulnerabilities) and firefox (SLES10 SP3; SLES10 SP4: multiple vulnerabilities).

Ubuntu has updated thunde

Bookmark/Search this post with:

read more

Categories: Network

The Perfect Database Server: Firebird 2.5.3 on FreeBSD 10

News.Debuntu.Org - Fri, 09/12/2014 - 14:19

The Perfect Database Server: Firebird 2.5.3 on FreeBSD 10
Here is the guide on installing Firebird 2.5.3 from FreeBSD 10 Ports and creating your first test database; also we show you how to install Flamerobin GUI (administration tool) and the PHP driver for it. This was tested on fresh FreeBSD 10 on a kvm-linux virtual machine.

Bookmark/Search this post with:
Categories: Network

Analysts predict that Android Wear will beat the Apple Watch

News.Debuntu.Org - Fri, 09/12/2014 - 14:00

 ITworld: While I certainly hope that Android Wear devices do well in the marketplace, I have learned over the years to put little faith in the predictions of analysts

Bookmark/Search this post with:
Categories: Network

Wayland/Weston 1.6 RC2 Released

News.Debuntu.Org - Fri, 09/12/2014 - 13:52

The final release candidate of Wayland 1.6 along with the Weston reference compositor is now available for testing with hopes of officially releasing this quarterly update next week...

The final release candidate of Wayland 1.6 along with the Weston reference compositor is now available for testing with hopes of officially releasing this quarterly update next week...
Read more at Phoronix

Bookmark/Search this post with:
Categories: Network

How to Prepare for Linux Sysadmin Certification

News.Debuntu.Org - Fri, 09/12/2014 - 13:00

Linux.com: The pervasiveness of Linux technology means there’s a world of job possibilities for skilled pros.

Bookmark/Search this post with:
Categories: Network

Beginner’s Guide To Setting Up SSH On Linux And Testing Your Setup

News.Debuntu.Org - Fri, 09/12/2014 - 12:00

MakeUseOff: Arguably one of the most important utilities to learn is SSH.

Bookmark/Search this post with:
Categories: Network

'Open and Libre Office projects should reunite'

News.Debuntu.Org - Fri, 09/12/2014 - 11:00

Open Source Observatory: The software developers working on Apache OpenOffice and LibreOffice - two closely related suites of open source office productivity tools - should overcome their schism and unite to compete

Bookmark/Search this post with:
Categories: Network

Stephen Hawking Talks About the Linux-Based Intel Connected Wheelchair Project

News.Debuntu.Org - Fri, 09/12/2014 - 06:00

 softpedia: Intel has revealed a new, interesting concept called the Connected Wheelchair, which takes data from users and allows people to share that info with the community and is powered by Linux.

Bookmark/Search this post with:
Categories: Network

Q&A with Linus Torvalds at DebConf14 (Debian Developer Conference)

News.Debuntu.Org - Fri, 09/12/2014 - 02:00

 LinuxScoop: Linus Torvalds was invited to a Q&A at DebConf14 (Debian Developer Conference), which took place in Portland, USA.

Bookmark/Search this post with:
Categories: Network

CVE-2014-3363

News.Debuntu.Org - Fri, 09/12/2014 - 01:55

Cross-site scripting (XSS) vulnerability in the web framework in Cisco Unified Communications Manager (UCM) 9.1(2.10000.28) allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuq68443.

Bookmark/Search this post with:
Categories: Network

CVE-2014-3362

News.Debuntu.Org - Fri, 09/12/2014 - 01:55

Memory leak in Cisco TelePresence System Edge MXP Series Software F9.3.3 and earlier allows remote attackers to cause a denial of service (management outage) via multiple TELNET connections, aka Bug ID CSCuo63677.

Bookmark/Search this post with:
Categories: Network

CVE-2014-3342

News.Debuntu.Org - Fri, 09/12/2014 - 01:55

The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka Bug IDs CSCuq42336, CSCuq76853, CSCuq76873, and CSCuq45383.

Bookmark/Search this post with:
Categories: Network

CVE-2014-3092

News.Debuntu.Org - Fri, 09/12/2014 - 01:55

IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3, 4.x before 4.0.7, and 5.x before 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

Bookmark/Search this post with:
Categories: Network

CVE-2013-4444

News.Debuntu.Org - Fri, 09/12/2014 - 01:55

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.

Bookmark/Search this post with:
Categories: Network

Red Hat Satellite 6 comes with improved server and cloud management

News.Debuntu.Org - Thu, 09/11/2014 - 22:00

 ZDnet: The new Red Hat Satellite isn't just for Red Hat Enterprise Linux system administrators.

Bookmark/Search this post with:
Categories: Network
Syndicate content