63 matches found
CVE-2016-8564
SQL injection vulnerability in Siemens Automation License Manager ALM before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410...
CVE-2016-8564
Siemens Automation License Manager (ALM) is affected by CVE-2016-8564 through SQL injection in ALM before 5.3 SP3 Update 1. An attacker can send crafted traffic to port 4410/TCP to execute arbitrary SQL commands that may read or modify configuration data. The issue stems from improper handling of...
Siemens Automation License Manager Vulnerabilities
OVERVIEW Siemens has identified vulnerabilities in Siemens' Automation License Manager (ALM). These vulnerabilities were reported directly to Siemens by Sergey Temnikov and Vladimir Dashchenko from Critical Infrastructure Defence Team, Kaspersky Lab. Siemens has produced a new version to mitigate...
CVE-2015-8564
CVE-2015-8564 affects Joomla! 3.4.x prior to 3.4.6, where a directory traversal flaw exists in the XML install file within extension archives. The root cause is improper sanitization of directory paths, enabling remote attackers to read arbitrary files. Affected software is Joomla! 3.4.x up to 3....
Joomla! < 3.4.6 Multiple Vulnerabilities
According to its self-reported version number, the Joomla! installation running on the remote web server is prior to 3.4.6. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists due to improper sanitization of session values. An unauthenticated,...
Oracle: Security Advisory (ELSA-2014-1846)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : gnutls (SUSE-SU-2014:1628-1)
gnutls was updated to fix one security issue. - Fixed parsing problem in elliptic curve blobs over TLS that could lead to remote crashes (CVE-2014-8564). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted ...
Mandriva Linux Security Advisory : gnutls (MDVSA-2015:072)
Updated gnutls packages fix security vulnerabilities : Suman Jana reported a vulnerability that affects the certificate verification functions of gnutls 3.1.x and gnutls 3.2.x. A version 1 intermediate certificate will be considered as a CA certificate by default, something that deviates from the...
SOL15970 - GnuTLS 3.x vulnerability CVE-2014-8564
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
Mandriva Linux Security Advisory : gnutls (MDVSA-2014:215)
Updated gnutls package fix security vulnerability : An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC (Elliptic Curve Cryptography) certificates or certificate signing requests (CSR). A malicious user could create a specially crafted ECC certificate or a certificate...
Fedora 21 : gnutls-3.3.10-1.fc21 (2014-14734)
new upstream release, Security fix for CVE-2014-8564. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Updated gnutls package fix security vulnerability
An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC (Elliptic Curve Cryptography) certificates or certificate signing requests (CSR). A malicious user could create a specially crafted ECC certificate or a certificate signing request that, when processed by an application...
Fedora 20 : gnutls-3.1.28-1.fc20 (2014-14760)
Security fix for CVE-2014-8564. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Fedora Update for gnutls FEDORA-2014-14760
Check the version of gnutls
CVE-2014-8564
CVE-2014-8564 : GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 contains a flaw in the _gnutls_ecc_ansi_x963_export function of gnutls_ecc.c that allows remote attackers to cause a denial of service via a crafted ECC certificate or certificate signing request (CSR), related...
Oracle Linux 7 : gnutls (ELSA-2014-1846)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-1846 advisory. 3.1.18-10 - Applied fix for CVE-2014-8564 1161472 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
Scientific Linux Security Update : gnutls on SL7.x x86_64 (20141112)
An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC (Elliptic Curve Cryptography) certificates or certificate signing requests (CSR). A malicious user could create a specially crafted ECC certificate or a certificate signing request that, when processed by an application...
CentOS 7 : gnutls (CESA-2014:1846)
Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from...
CentOS Update for gnutls CESA-2014:1846 centos7
Check the version of gnutls
Ubuntu: Security Advisory (USN-2403-1)
The remote host is missing an update for the...