VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates

The remote ESXi is missing one or more security related Updates from VMSA-2010-0009. Summary ESXi update for ntp and ESX Console OS COS updates for COS kernel, openssl, krb5, gcc, bind, gzip, sudo. Relevant releases VMware ESXi 4.0.0 without patch ESXi400-201005401-SG VMware ESX 4.0.0 without...

FTC Privacy Framework Pushes for Do Not Track, Closer Inspection of Data Brokers

The Federal Trade Commission has issued a new report on consumer privacy and online tracking and among the recommendations the commission makes is that data brokers make themselves known to consumers and be open and transparent about the data they collect on consumers. The FTC also says that...

Spotify 0.8.2.610 - search func Memory Exhaustion

Spotify 0.8.2.610 - search func Memory Exhaustion !/usr/local/bin/perl Spotify 0.8.2.610 search func Memory Exhaustion Exploit Vendor: Spotify Ltd Product web page: http://www.spotify.com Affected version: 0.8.2.610.g090a06f8 Summary: Think of Spotify as your new music collection. Your library...

Spotify 0.8.2.610 Memory Exhaustion

!/usr/local/bin/perl Spotify 0.8.2.610 search func Memory Exhaustion Exploit Vendor: Spotify Ltd Product web page: http://www.spotify.com Affected version: 0.8.2.610.g090a06f8 Summary: Think of Spotify as your new music collection. Your library. Only this time your collection is vast: millions of...

Security holes in Android with apps Advertisements

Security holes in Android with apps Advertisements Researchers at North Carolina State University have found privacy and security holes in Android apps because of in-application advertisements. They study the popular Android platform and collect 100,000 apps from the official Android Market in...

CVE-2012-0464

Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code...

Design/Logic Flaw

Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code...

CVE-2012-0464

Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code...

Mozilla: Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28) (MFSA 2012-19)

Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code...

CVE-2012-0464

Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code...

FreeBSD : portaudit -- auditfile remote code execution (6d329b64-6bbb-11e1-9166-001e4f0fb9b1)

Michael Gmelin and Jorg Scheinert has reported a remote command execution vulnerability in portaudit. An attacker who can get the user to use a specially crafted audit file will be able to run commands on the users system, with the privileges of the user running running portaudit often root. The...

portaudit -- auditfile remote code execution

Michael Gmelin and Jörg Scheinert has reported a remote command execution vulnerability in portaudit. An attacker who can get the user to use a specially crafted audit file will be able to run commands on the users system, with the privileges of the user running running portaudit often root. The...

How to disable monitoring of Virtual Machines with nworks MP

Purpose In some environments, there is no need to monitor certain or any virtual machines. With nworks MP, it is possible to: - Disable discovery of all virtual machines, and - Disable discovery of specific virtual machines workaround available since 5.6. Solution Disable discovery of virtual...

GCC 4.6.3 Released with 70 bug-fixes

GCC 4.6.3 Released with 70 bug-fixes The GNU Compiler Collection version 4.6.3 has been released. Jakub Jelinek of Red Hat announced the release this morning of GCC 4.6.3. Over GCC 4.6.2 there's over 70 bug-fixes and other work. However, all of the exciting work meanwhile is going into what will...

[SECURITY] Fedora 17 Update: systemtap-1.7-2.fc17

SystemTap is an instrumentation system for systems running Linux. Developers can write instrumentation scripts to collect data on the operation of the system. The base systemtap package contains/requires the components needed to locally develop and execute systemtap scripts...

[SECURITY] Fedora 15 Update: systemtap-1.7-2.fc15

SystemTap is an instrumentation system for systems running Linux. Developers can write instrumentation scripts to collect data on the operation of the system. The base systemtap package contains/requires the components needed to locally develop and execute systemtap scripts...

[SECURITY] Fedora 16 Update: systemtap-1.7-2.fc16

SystemTap is an instrumentation system for systems running Linux. Developers can write instrumentation scripts to collect data on the operation of the system. The base systemtap package contains/requires the components needed to locally develop and execute systemtap scripts...

Apple, Google and Others Agree to Provide Privacy Policy Option for Mobile Developers

This has turned out to be an interesting week for privacy. Just a few days after the White House laid out is privacy agenda, the California attorney general has announced an agreement with several major mobile platform providers, including Apple and Google, that will have the companies provide...

RHEL 5 : boost (RHSA-2012:0305)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0305 advisory. The boost packages provide free, peer-reviewed, portable C++ source libraries with emphasis on libraries which work well with the C++ Standa...

Service Detection : SMTP Server on a Well-Known Port

This plugin attempts to collect the banner from services listening on well-known SMTP ports. It is not expected to report anything. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid57914; scriptversion"$Revision: 2.4 $"; scriptcvsdate"$Date: 2013/02/17 01:24:57 $";...