
Files

Gentoo Linux Security Advisory 201405-17
Posted May 19, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-17 - Multiple vulnerabilities have been discovered in Munin which may lead to symlink attacks, file creation, or bypass of security restrictions. Versions less than 2.0.8-r2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2012-2103, CVE-2012-3512, CVE-2012-3513
SHA-256 | e8a15c8218cf86576ef0bd53943c4b2c178ec574c17b3e1179293adad2af8a1c
Gentoo Linux Security Advisory 201405-16
Posted May 19, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-16 - A hash collision vulnerability in Mono allows remote attackers to cause a Denial of Service condition. Versions less than 2.10.9-r2 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2012-3543
SHA-256 | a742d154eb1c548813339e241342a15d6d0ab91189889a419b39fd703bbd1f16
Gentoo Linux Security Advisory 201405-15
Posted May 19, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-15 - Multiple vulnerabilities have been found in util-linux, the worst of which may lead to Denial of Service. Versions less than 2.22.2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2011-1675, CVE-2011-1676, CVE-2011-1677, CVE-2013-0157
SHA-256 | e0ed3a80466dfc802963426b3390093d7a6a0ed6d538f5a0df5d687d677017eb
Gentoo Linux Security Advisory 201405-14
Posted May 19, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-14 - A vulnerability in Ruby OpenID may lead to Denial of Service. Versions less than 2.2.2 are affected.

tags | advisory, denial of service, ruby
systems | linux, gentoo
advisories | CVE-2013-1812
SHA-256 | e3ac40b0ce019ba22c3669de47fc663b85ac2df4ef70c01ef287083f1859631e
Gentoo Linux Security Advisory 201405-13
Posted May 19, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-13 - Multiple vulnerabilities have been found in Pango, the worst of which allow execution of arbitrary code or Denial of Service. Versions less than 1.28.3-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-1194, CVE-2009-2468, CVE-2011-0020, CVE-2011-0064
SHA-256 | faf4b69f963cc7630668de445423879ab7dcf832430345ee6548d09a12472865
Gentoo Linux Security Advisory 201405-12
Posted May 19, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-12 - Multiple vulnerabilities have been found in Ettercap, the worst of which may allow execution of arbitrary code. Versions less than 0.7.5.2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-3843, CVE-2010-3844, CVE-2013-0722
SHA-256 | f2c794cb8b84d0b36f0156af5b36d5e9d5b6be2526f4114068471247a559552c
Gentoo Linux Security Advisory 201405-11
Posted May 19, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-11 - A vulnerability in Bacula may allow remote attackers to obtain sensitive information. Versions less than 5.2.12 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2012-4430
SHA-256 | 76cf66128f37533b55fda0ee8640a6ca34fd157cff55fdd1fad7a1636f5f9164
Gentoo Linux Security Advisory 201405-10
Posted May 19, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-10 - Multiple vulnerabilities have been found in Rack, the worst of which allow execution of arbitrary code. Versions less than 1.4.5 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6109, CVE-2013-0183, CVE-2013-0184, CVE-2013-0262, CVE-2013-0263
SHA-256 | 8eb7b04a7ff4141bc295620249608014b58fc83e4fff415b3d7a5d1f8a316361
Gentoo Linux Security Advisory 201405-09
Posted May 19, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-9 - Multiple vulnerabilities have been discovered in ImageMagick, the worst of which could lead to arbitrary code execution. Versions less than 6.8.8.10 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2012-1185, CVE-2012-1186, CVE-2013-4298, CVE-2014-1947, CVE-2014-2030
SHA-256 | 6e641e70ac29905d8c4d3526df68964e6c184cfc1eace5b729fbbefd0bdb8e69
Gentoo Linux Security Advisory 201405-08
Posted May 19, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-8 - Multiple vulnerabilities have been found in ClamAV, the worst of which could lead to arbitrary code execution. Versions less than 0.98 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2013-2020, CVE-2013-2021, CVE-2013-7087, CVE-2013-7088, CVE-2013-7089
SHA-256 | ca4bbc6bfc70c0a007ce852addec82b460b849ba6619d6a1566c5cc794ad74fc
Mandriva Linux Security Advisory 2014-104
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-104 - eGroupWare before 1.8.007 allows logged in users with administrative privileges to remotely execute arbitrary commands on the server. It is also vulnerable to a cross site request forgery vulnerability that allows creating new administrative users.

tags | advisory, arbitrary, csrf
systems | linux, mandriva
SHA-256 | 163816366349375cb802d0b3bf5aef0485911fb9c176c1929c1d3f52e8c8ef99
Mandriva Linux Security Advisory 2014-101
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-101 - Owncloud versions 5.0.16 and 6.0.3 fix several unspecified security vulnerabilities, as well as many other bugs.

tags | advisory, vulnerability
systems | linux, mandriva
SHA-256 | bdf9b2bd496204828ef8370a8b35d1424c6743cfd4e0f4cdb1f5eaa2978d08cb
Mandriva Linux Security Advisory 2014-089
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-089 - Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service via a long message to cmd.cgi.

tags | advisory, remote, denial of service, overflow, cgi
systems | linux, mandriva
advisories | CVE-2014-1878
SHA-256 | f67293a2e15a040d53df4ef35b036e78deb4104e3fc23548eb9b8e45f179064e
Mandriva Linux Security Advisory 2014-093
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-093 - Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service via the count parameter to /_uuids.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2014-2668
SHA-256 | 2ca19ad759d5e98ce336dd74c86a72f5722a73b71befbd76c33ff2ef385f6bcd
Mandriva Linux Security Advisory 2014-099
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-099 - Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service via an incomplete SSL/TLS handshake for an IMAP/POP3 connection. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, imap
systems | linux, mandriva
advisories | CVE-2014-3430
SHA-256 | b82ca56efd8853684a23112efde2dd54f66c4a5430e065066c7fe0aae9e7b563
Mandriva Linux Security Advisory 2014-097
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-097 - The LXC driver in libvirt 1.0.1 through 1.2.1 allows local users to delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; via the virDomainDeviceAttach API and a symlink attack on /dev in the container; and cause a denial of service (shutdown or reboot host OS) via the virDomainReboot API and a symlink attack on /dev/initctl in the container, related to paths under /proc//root and the virInitctlSetRunLevel function. libvirt was patched to prevent expansion of entities when parsing XML files. This vulnerability allowed malicious users to read arbitrary files or cause a denial of service. The updated packages have been upgraded to the 1.1.3.5 version and patched to correct these issues.

tags | advisory, denial of service, arbitrary, local, root
systems | linux, mandriva
advisories | CVE-2013-6456, CVE-2014-0179
SHA-256 | ed55160db0091a2f3521eb28085c1855960ad5f1a486378894808978a59d4533
Mandriva Linux Security Advisory 2014-091
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-091 - Cross-site scripting vulnerability in scheduler/client.c in Common Unix Printing System before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function.

tags | advisory, remote, web, arbitrary, xss
systems | linux, unix, mandriva
advisories | CVE-2014-2856
SHA-256 | 30e6eecea2171318dfc6d73daaf29f6095de61cbaccd933c3e50786079a68415
Mandriva Linux Security Advisory 2014-103
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-103 - Multiple vulnerabilities have been discovered and corrected in WordPress. WordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authenticated users to publish posts by leveraging the Contributor role, related to wp-admin/includes/post.php and wp-admin/includes/class-wp-posts-list-table.php. The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote attackers to obtain access via a forged cookie. The updated packages have been patched to correct these issues.

tags | advisory, remote, php, vulnerability
systems | linux, mandriva
advisories | CVE-2014-0165, CVE-2014-0166
SHA-256 | 773c10cb4bddf7528da15b0bd9bf90cf62273a774208b5c3484fe51844eb4a8e
Mandriva Linux Security Advisory 2014-100
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-100 - An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. Various other issues have also been addressed.

tags | advisory, java, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0454, CVE-2014-0455, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-1876, CVE-2014-2397, CVE-2014-2398, CVE-2014-2402, CVE-2014-2403, CVE-2014-2412, CVE-2014-2413, CVE-2014-2414, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427
SHA-256 | 91824bad36582882c00f6a76ee8ba050b4a1bf940847bce7892c312648b1fe08
Mandriva Linux Security Advisory 2014-102
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-102 - Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML. Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema. Various other issues have also been addressed.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2014-0384, CVE-2014-2419, CVE-2014-2430, CVE-2014-2431, CVE-2014-2432, CVE-2014-2436, CVE-2014-2438, CVE-2014-2440
SHA-256 | 4c3dfa2c00c7ae25a2d3271ee36d0ae6c4fd0f53e51568e7335f6d0bed64486a
Mandriva Linux Security Advisory 2014-096
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-096 - Jinja2, a template engine written in pure python, was found to use /tmp as a default directory for jinja2.bccache.FileSystemBytecodeCache, which is insecure because the /tmp directory is world-writable and the filenames used like 'FileSystemBytecodeCache' are often predictable. A malicious user could exploit this bug to execute arbitrary code as another user.

tags | advisory, arbitrary, python
systems | linux, mandriva
advisories | CVE-2014-1402
SHA-256 | 44d1301723529558867f49387a9bf314f26c0cfebb92615d2c4d9e985a3c2f81
Mandriva Linux Security Advisory 2014-094
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-094 - rxvt-unicode before 9.20 is vulnerable to a user-assisted arbitrary command execution issue. This can be exploited by the unprocessed display of certain escape sequences in a crafted text file or program output. Arbitrary command sequences can be constructed using this, and unintentionally executed if used in conjunction with various other escape sequences.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2014-3121
SHA-256 | 3ab5b4ea6dca904ee4bbf52975e6d8a34be2beacaff2afa7fd590b36b72824b3
Debian Security Advisory 2929-1
Posted May 19, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2929-1 - Several vulnerabilities were discovered in Action Pack, a component of Ruby on Rails.

tags | advisory, vulnerability, ruby
systems | linux, debian
advisories | CVE-2014-0081, CVE-2014-0082, CVE-2014-0130
SHA-256 | af39a9956c8de838906f574b472beb2680000be1fb5d3647cb1766914be729a0
Apple Security Advisory 2014-05-15-2
Posted May 17, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-05-15-2 - iTunes 11.2 is now available and addresses a credential interception issue. Set-Cookie HTTP headers would be processed even if the connection closed before the header line was complete. An attacker could strip security settings from the cookie by forcing the connection to close before the security settings were sent, and then obtain the value of the unprotected cookie. This issue was addressed by ignoring incomplete HTTP header lines.

tags | advisory, web
systems | apple
advisories | CVE-2014-1296
SHA-256 | 61a6ffe4d28038e15d2ed5fb6190c43e5f79c5aed85e8922f69a2ec5931e12cb
Apple Security Advisory 2014-0515-1
Posted May 16, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-05-15-1 - OS X Mavericks version 10.9.3 is now available and includes the content of Security Update 2014-002.

tags | advisory
systems | apple, osx
SHA-256 | 1ea1527df8b7e4fbdca824c34281912605d0db4a3f9a839a23c7fc2a5fb77005