Slackware 13.37 / 14.0 / current : xorg-server (SSA:2013-109-01)

New xorg-server packages are available for Slackware 13.37, 14.0, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-109-01. The text itself is...

xorg-server

New xorg-server packages are available for Slackware 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/xorg-server-1.12.4-i486-1slack14.0.txz: Upgraded. This update fixes an input flush bug with evdev. Under exceptional...

Slackware 13.37 / 14.0 / current : mozilla-thunderbird (SSA:2013-093-02)

New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-093-02. The text itself i...

mozilla-firefox

New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/mozilla-firefox-20.0-i486-1slack14.0.txz: Upgraded. This release contains security fixes and improvements. For more...

Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : bind (SSA:2013-086-01)

New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-086-01. The tex...

Microsoft Internet Explorer GetMarkupPtr Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Internet Explorer CMarkupBehaviorContext Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the handling of...

Microsoft Internet Explorer removeChild Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

packstack: answerfile creation permissions issue

PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed systems by changing this file...

Slackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2013-075-01)

New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-075-01. The text itself is copyrig...

ruby

New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/ruby-1.9.3p392-i486-1slack14.0.txz: Upgraded. This release includes security fixes about bundled JSON and REXML. For more...

seamonkey

New seamonkey packages are available for Slackware 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/seamonkey-2.16.1-i486-1slack14.0.txz: Upgraded. This update contains security fixes and improvements. For more information...

Slackware 13.37 / 14.0 / current : mozilla-thunderbird (SSA:2013-068-02)

New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-068-02. The text itself ...

mozilla-firefox

New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/mozilla-firefox-19.0.2-i486-1slack14.0.txz: Upgraded. This release contains security fixes and improvements. For mor...

CVE-2011-2504

Untrusted search path vulnerability in x11perfcomp in XFree86 x11perf before 1.5.4 allows local users to gain privileges via unspecified Trojan horse code in the current working directory...

PsExec via Current User Token

This module uploads an executable file to the victim system, creates a share containing that executable, creates a remote service on each target system using a UNC path to that file, and finally starts the services. The result is similar to psexec but with the added benefit of using the session's...

DEBIAN-CVE-2011-4355

GNU Project Debugger GDB before 7.5, when .debuggdbscripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts...

CVE-2011-4355

GNU Project Debugger GDB before 7.5, when .debuggdbscripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts...

gdb: object file .debug_gdb_scripts section improper input validation

GNU Project Debugger GDB before 7.5, when .debuggdbscripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts...

x11perfcomp has dot in its path

Untrusted search path vulnerability in x11perfcomp in XFree86 x11perf before 1.5.4 allows local users to gain privileges via unspecified Trojan horse code in the current working directory...