
Full Disclosure: Sitecore Directory Traversal Vulnerability

Full Disclosure mailing list archives
Sitecore Directory Traversal Vulnerability
From: Chris
Date: Mon, 23 Apr 2018 17:16:38 -0400

Sitecore Directory Traversal Vulnerability
CVE-2018-7669 (reserved)

An issue was discovered in Sitecore CMS that affects at least ‘Sitecore.NET 8.1’ rev. 151207 Hotfix 141178-1 and above. The ‘Log Viewer’ application is vulnerable to a directory traversal attack, …

Paramiko CVE-2018-7750 Authentication Bypass Vulnerability

Vulnerable: Ubuntu Ubuntu Linux 17.10; Ubuntu Ubuntu Linux 16.04 LTS; Ubuntu Ubuntu Linux 14.04 LTS; Ubuntu Ubuntu Linux 12.04 ESM; Redhat Satellite 6; Redhat RHEV-M 4.0; Redhat OpenStack Platform 12; Redhat OpenStack Platform 11; Redhat OpenStack Platform 10; Redhat OpenShift Enterprise 3.0; Redhat Gluster Storage 3.0; Redhat Enterprise Linux Server 7; Redhat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7; Redhat Enterprise Linux for Power, little endian 7; Redhat Enterprise Linux for Power …

HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability

HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
Bugtraq ID: 94411
Class: Unknown
CVE: CVE-2016-4331
Remote: No
Local: Yes
Published: Nov 18 2016 12:00AM
Updated: Apr 24 2018 11:00AM
Credit: Cisco Talos.
Vulnerable: SuSE Package Hub for SUSE Linux Enterprise 12; openSUSE Leap 42.3; HDF5 HDF5 1.8.16; Gentoo Linux; Debian Linux 6.0 sparc; Debian Linux 6.0 s/390; Debian Linux 6.0 powerpc; Debian Linux 6.0 mips; Debian Linux 6.0 …


Reflected Cross-Site Scripting in multiple Zyxel ZyWALL products

Full Disclosure mailing list archives
SEC Consult SA-20180424-0 :: Reflected Cross-Site Scripting in multiple Zyxel ZyWALL products
From: SEC Consult Vulnerability Lab
Date: Tue, 24 Apr 2018 16:04:09 +0200

SEC Consult Vulnerability Lab Security Advisory < 20180424-0 >
=======================================================================
title: Reflected Cross-Site Scripting
product: Zyxel ZyWALL: see “Vulnerable / tested version”
vulnerable version: ZLD 4.30 and before
fixed version: ZLD …


Multiple Stored XSS Vulnerabilities in WSO2 Carbon and Dashboard Server

Full Disclosure mailing list archives
SEC Consult SA-20180423-0 :: Multiple Stored XSS Vulnerabilities in WSO2 Carbon and Dashboard Server
From: SEC Consult Vulnerability Lab
Date: Tue, 24 Apr 2018 12:56:23 +0200

SEC Consult Vulnerability Lab Security Advisory < 20180423-0 >
=======================================================================
title: Multiple Stored XSS Vulnerabilities
product: WSO2 Carbon, WSO2 Dashboard Server
vulnerable version: WSO2 Identity Server 5.3.0
fixed version: …

typo3-v920-released

The well-known “TYPO3 Admin Panel” provides a deeper insight into the internal processes of TYPO3 at run-time. Once activated, TYPO3 integrators and site administrators can access performance and cache statistics, settings of a specific page, etc. They can also simulate certain frontend access situations. It is for example possible to impersonate a specific user group or simulate a timestamp, which …

Introducing the TYPO3 Communication Coordination Committee

The Association, Company, and community should work as one to promote TYPO3, and the Communication Coordination Committee (or T3C3) is here to facilitate creation and distribution of content for the TYPO3 community as a whole. If you have previously published news at typo3.org, you may lose your immediate access to do so, but the committee and our process are not here …

Supervisory Board report 4th quarter of 2017

TYPO3 Inc Development: The company is generating a profit, and the results of the TYPO3 Inc are in accordance with our expectations. Our revenue is now shifting more to our new products, as the ELTS program has main cycles, which are related to the LTS releases. 85% of the revenue has been generated by the ELTS program, and 15% by various activities, …

TYPO3Camp Venlo 2018; for a lot of inspiration

Growing TYPO3 CMS adoption, scale, deal sizes, and community! – Tracy Evans

“Who is your audience and how do you solve their problems,” Tracy asks the public. “TYPO3 has a lot of solutions. Eighty percent of all the core values of other programs we have also. Only we don’t talk about it.” That must change. That is the reason …

Introducing strategic TYPO3 development initiatives

More transparency and predictability

With initiatives, we are providing a bigger picture plan for future development of TYPO3 enabling the wider community to give feedback, contribute and collaborate. As each initiative contains a defined set of goals and steps to achieve them, contributing gets easier. In the past we often had discussions about why certain decisions were taken or regarded …