Debian Linux Security Advisory 3116-1 - It was discovered that a memory leak in parsing X.509 certificates may result in denial of service.
716f00de140643e903111e8a49c5906ac4dc2315c7a5c2ff83b4b5f09bf2b093EMC Replication Manager and EMC AppSync may contain unquoted entries in the Windows registry service path that could potentially be exploited by an attacker to execute malicious programs. EMC Replication Manager versions prior to 5.5.2 and EMC AppSync versions prior to 2.1.0 are affected.
085263f786a21f962439f7e0b2485d5c2b8b4c228b270b346a074cd80a39f6bdRSA BSAFE Micro Edition Suite and SSL-J contain updates designed to prevent Triple Handshake attacks. There is a known potential vulnerability in the TLS protocol where it is possible for a malicious server to impersonate a client to another server using the client's credentials and successfully perform a man-in-the-middle attack on the third handshake.
93be08d4c4e239ceb09c2ed267dbf8165470862f35b663be64f889d55c4e97e5Debian Linux Security Advisory 3115-1 - Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in Python-YAML, a YAML parser and emitter for Python. An attacker able to load specially crafted YAML input into an application using python-yaml could cause the application to crash.
49ad22f3dd836f0d44e1d28a7e4a30bff012d8ec8e5bbb52b850fe99bc1e870bGentoo Linux Security Advisory 201412-53 - A vulnerability has been found in MIT Kerberos 5, possibly resulting in arbitrary code execution or a Denial of Service condition. Versions less than 1.13 are affected.
5cde42d374ab870f36dc359940e34aa0c1990a9800b99bca9fe88696b4e98ae5Debian Linux Security Advisory 3113-1 - Michele Spagnuolo of the Google Security Team discovered that unzip, an extraction utility for archives compressed in .zip format, is affected by heap-based buffer overflows within the CRC32 verification function (CVE-2014-8139), the test_compr_eb() function (CVE-2014-8140) and the getZip64Data() function (CVE-2014-8141), which may lead to the execution of arbitrary code.
c07d19cf6b887fa58bdf1aabe929c435954c16a8c33b34fa65ffa5b22c076cdaDebian Linux Security Advisory 3114-1 - Timothy D. Morgan discovered that run-mailcap, an utility to execute programs via entries in the mailcap file, is prone to shell command injection via shell meta-characters in filenames. In specific scenarios this flaw could allow an attacker to remotely execute arbitrary code.
d0d564ef0b65527a21eee4ab3d08a36dc96badae881dd56d032b2a6b2a4adc01Gentoo Linux Security Advisory 201412-52 - Multiple vulnerabilities have been found in Wireshark which could allow remote attackers to cause Denial of Service. Versions less than 1.12.2 are affected.
f17c19c16fb1c4ac4bc4cbe10a7fa67976348af84d1bb1b7a8aa25a6421db1dbGentoo Linux Security Advisory 201412-51 - Multiple vulnerabilities have been found in Asterisk, the worst of which could lead to Denial of Service, bypass intended ACL restrictions or allow an authenticated user to gain escalated privileges. Versions less than 11.14.2 are affected.
04044181d0958586da94e04aa40876aa0b3112da38bf0c87d7e7ea0eb5d041f0Gentoo Linux Security Advisory 201412-50 - Multiple vulnerabilities have been discovered in getmail, allowing remote attackers to obtain sensitive information. Versions less than 4.46.0 are affected.
6a1e587d9ebd5fb431680886ea0dc60724e6a6c78885dfc8ffca72fb52f56d9fGentoo Linux Security Advisory 201412-49 - Multiple vulnerabilities have been found in fish, the worst of which could result in local privilege escalation or remote arbitrary code execution. Versions less than 2.1.1 are affected.
123e46940ecf6f2469426c6935aec9bd1c6d5353bbbfc158faf0722597cbd198Gentoo Linux Security Advisory 201412-48 - A vulnerability in file could allow a context-dependent attack to create a Denial of Service condition. Versions less than 5.21 are affected.
1cdbea9495a1375e74f8b72f7ea0936bfdb317a6d2b74279856945a6b1734a56Gentoo Linux Security Advisory 201412-47 - Multiple vulnerabilities have been found in TORQUE Resource Manager, possibly resulting in escalation of privileges or remote code execution. Versions less than 4.1.7 are affected.
51a42e443e73a67f0e0416d7e5cd284c78b89ddef4d31e82cd485c179c0087a4Gentoo Linux Security Advisory 201412-46 - Multiple buffer overflow flaws and a parser error in LittleCMS could cause Denial of Service. Versions less than 2.6-r1 are affected.
c9bb33764707bb704d3507f54af051747564581d3d72a23550da0ef47d9d4603Gentoo Linux Security Advisory 201412-45 - An untrusted search path vulnerability in Facter could lead to local privilege escalation. Versions less than 1.7.6 are affected.
2408fdb470e5ca13e3158b05ea08bf735a14aefe460cfdf705aa3ba374e80432Gentoo Linux Security Advisory 201412-44 - A vulnerability in policycoreutils could lead to local privilege escalation. Versions prior to 2.2.5-r4 are affected.
2b706a9b7343eb709884ad81f2c80a0c6680592d90a399a8cb2af12c127d2d2dGentoo Linux Security Advisory 201412-43 - Multiple vulnerabilities have been found in MuPDF, possibly resulting in remote code execution or Denial of Service. Versions less than 1.3_p20140118 are affected.
9db4f8eb533c555a2ab6d7ee94ce631b7188dbc59c13ec335fec084c0af97f33Gentoo Linux Security Advisory 201412-42 - Multiple vulnerabilities have been found in Xen, possibly resulting in Denial of Service. Versions less than 4.4.1-r2 are affected.
2db7505f2e7bc5f6baa362b0b62538e08d79d4290e93c6e8354e4d02ac99eacfGentoo Linux Security Advisory 201412-41 - A vulnerability in OpenVPN could lead to Denial of Service. Versions less than 2.3.6 are affected.
651aa9b76ab89413bece706940ddde61a52f8eba2671728362fc48fbf32b6ebcGentoo Linux Security Advisory 201412-34 - Multiple vulnerabilities have been found in NTP, the worst of which could result in remote execution of arbitrary code. Versions less than 4.2.8 are affected.
5b5deda4695b2395daea389f9d8700e9e35ad23c665aa66ecf1cb7860ddbcc0cGentoo Linux Security Advisory 201412-40 - A buffer overflow vulnerability in FLAC could lead to execution of arbitrary code or Denial of Service. Versions less than 1.3.1-r1 are affected.
485821925f3fd0cb84b9f1acbaf7ca8a023d754581815489e97be7b6c6168913Gentoo Linux Security Advisory 201412-39 - Multiple vulnerabilities have been found in OpenSSL, the worst of which could result in Denial of Service or Man-in-the-Middle attacks. Versions less than 1.0.1j are affected.
a8911a2cd573d9d9b7a21dda6fda6b8c703d63c5dd4ba76095ba2d228441fbaeGentoo Linux Security Advisory 201412-38 - Two vulnerabilities have been found in Icecast, possibly resulting in privilege escalation or disclosure of information. Versions less than 2.4.1 are affected.
45288fcccaac3340b88c071b9f3a08de2a6ec22c780f5e3dc45df0cf3fec6c74Gentoo Linux Security Advisory 201412-37 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in execution of arbitrary code or Denial of Service. Versions less than 2.1.2-r2 are affected.
8461a27f8637726a0c3e92c4a77e4066b61965b4f18b722f6ae0b4b006adcd32Gentoo Linux Security Advisory 201412-36 - Multiple vulnerabilities have been found in libvirt, worst of which allows context-dependent attackers to cause Denial of Service. Versions less than 1.2.10-r3 are affected.
9e5dcc6c41b1732a37708daa02c27ffe7ecd08b0ce8d0bddd364c7c70ba9f917
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed