MiracleLinux 4 : rpm-4.8.0-19.1.0.1.AXS4 (AXSA:2012-489:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-489:02 advisory. The RPM Package Manager RPM is a powerful command line driven package management system capable of installing, uninstalling,c verifying, querying, an...

Debian: Security Advisory (DLA-140-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.04 / MAIN 5.04 : rpm Multiple Vulnerabilities (NS-SA-2020-0039)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rpm packages installed that are affected by multiple vulnerabilities: - RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service memory corruption and possibly execute arbitrary...

Oracle: Security Advisory (ELSA-2012-0451)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2012-61)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-140-1 rpm - security update

Bulletin has no description...

RHEL 6 : rhev-hypervisor6 (RHSA-2012:0531)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0531 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...

openSUSE Security Update : rpm / rpm-python (openSUSE-SU-2012:0588-1)

specially crafted signature headers could crash rpm %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-259. The text description of this plugin is C SUSE LLC...

Oracle Linux 5 / 6 : rpm (ELSA-2012-0451)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0451 advisory. - Proper region tag validation on package/header read CVE-2012-0060 - Double-check region size against header size CVE-2012-0061 Tenable has...

SuSE 11.2 Security Update : RPM (SAT Patch Number 6191)

Multiple security vulnerabilities were reported in RPM which could have been exploited via specially crafted RPM files to cause a denial of service application crash or potentially allow attackers to execute arbitrary code. Additionally, a non-security issue has been fixed that could have caused ...

Fedora Update for rpm FEDORA-2012-5298

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for rpm MDVSA-2012:056 (rpm)

Check for the Version of rpm OpenVAS Vulnerability Test Mandriva Update for rpm MDVSA-2012:056 rpm Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Mandriva Update for rpm MDVSA-2012:056 (rpm)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Scientific Linux Security Update : rpm on SL5.x, SL6.x i386/x86_64 (20120403)

The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially crafted RPM package...

CentOS Update for rpm CESA-2012:0451 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for popt CESA-2012:0451 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

SuSE 10 Security Update : RPM (ZYPP Patch Number 8184)

Multiple security vulnerabilities were reported in RPM which could have been exploited via specially crafted RPM files to cause a denial of service application crash or potentially allow attackers to execute arbitrary code. Additionally, a non-security issue was fixed that could cause a division ...

CVE-2012-0060

RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an invalid region tag in a package header to the 1 headerLoad, 2 rpmReadSignature, or 3 headerVerify function...

BELL-CVE-2012-0060 CVE-2012-0060 does not affect BellSoft software

Bulletin has no description...

CVE-2012-0060

CVE-2012-0060 concerns RPM prior to 4.9.1.3. The root cause is improper validation of region tags in the package header, which can be exploited remotely to cause a denial of service (crash) and potentially execute arbitrary code via an invalid region tag in the headerLoad, rpmReadSignature, or he...