Apache Traffic Control vulnerability CVE-2019-12405 (Security Advisory). Description: Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP ...
More info:
https://support.f5.com/csp/article/K84141859
Love infographics? We do, too! From WordPress security basics to how to secure your website, we have 8 WordPress security infographics for you to download and share. 1. Five Ways to Secure Your WordPress Website: It feels like every week there’s another security breach in the news. It can cause panic, especially when we think […]
More info:
https://ithemes.com/wordpress-security-infographics/
Linux kernel vulnerability CVE-2011-5327 (Security Advisory). Description: In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_ ...
More info:
https://support.f5.com/csp/article/K42315210
It was discovered that SPIP, a website engine for publishing, would allow unauthenticated users to modify published content and write to the database, perform cross-site request forgeries, and enumerate registered users.
More info:
https://www.debian.org/security/2019/dsa-4532
Samba vulnerability CVE-2019-10197 (Security Advisory). Description: A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3 ...
More info:
https://support.f5.com/csp/article/K69511801
Linux kernel vulnerability CVE-2017-18509 (Security Advisory). Description: An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket ...
More info:
https://support.f5.com/csp/article/K41582535
We chat with Mikey Veenstra to talk about the Wordfence Threat Intelligence team’s work tracking a series of active attacks on an unpatched vulnerability in the Rich Reviews plugin for WordPress. With an estimated 16,000 installations, attackers are targeting unauthenticated plugin option updates, which can be used to deliver stored cross-site scripting (XSS)
More info:
https://www.wordfence.com/blog/2019/09/podcast-episode-46-zero-day-vulnerability-in-rich-reviews-plugin-exploited-in-the-wild/
https://wpvulndb.com/vulnerabilities/9886
More info:
https://wpvulndb.com/vulnerabilities/9886
REST Framework vulnerability CVE-2019-6651 (Security Advisory). Description: The BIG-IP/BIG-IQ Configuration utility login page may not follow best security practices when handling a ...
More info:
https://support.f5.com/csp/article/K89509323
https://wpvulndb.com/vulnerabilities/9885
More info:
https://wpvulndb.com/vulnerabilities/9885