Fedora 20 : ReviewBoard-1.7.22-2.fc20 (2014-3446)

New upstream security release 1.7.22 - http://www.reviewboard.org/docs/releasenotes/reviewboa rd/1.7.22/ - Security Fixes : - An XSS vulnerability was found in the Search field's auto-complete. - New Features : - Added support for anonymous access to public Local Sites. - Added support for...

Fedora 19 : ReviewBoard-1.7.22-1.fc19 (2014-3420)

New upstream security release 1.7.22 - http://www.reviewboard.org/docs/releasenotes/reviewboa rd/1.7.22/ - Security Fixes : - An XSS vulnerability was found in the Search field's auto-complete. - New Features : - Added support for anonymous access to public Local Sites. - Added support for...

Kernel: AACRAID Driver compat IOCTL missing capability check

The aaccompatioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAPSYSRAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call...

Security Update for Microsoft Silverlight (KB2932677)

This security update to Silverlight includes fixes outlined in KB 2932677. This update is backward compatible with web applications built using previous versions of Silverlight...

[VNC Password Recovery v2.0] All-in-one VNC Password Decoder Tool

VNC Password Recovery is the FREE software to instantly recover VNC password stored by popular VNC Servers. It automatically detects the encrypted VNC password stored in the file system or registry by various VNC server applications. Then it quickly decrypts it and display the original VNC...

Ubuntu Update for linux USN-2107-1

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN21071.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for linux USN-2107-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...

MGASA-2014-0071 Updated xbmc package fixes a security vulnerability

Due to flaws in the embedded copy of libDCR, a fork of dcraw.c, in the embedded copy of CxImage, opening a specially crafted photo file could trigger a division by zero, an infinite loop, or a null pointer dereference, resulting in a denial of service CVE-2013-1438. This update fixes those flaws...

Updated xbmc package fixes a security vulnerability

Due to flaws in the embedded copy of libDCR, a fork of dcraw.c, in the embedded copy of CxImage, opening a specially crafted photo file could trigger a division by zero, an infinite loop, or a null pointer dereference, resulting in a denial of service CVE-2013-1438. This update fixes those flaws...

[SECURITY] Fedora 19 Update: zarafa-7.1.8-1.fc19

The Zarafa Collaboration Platform is a Microsoft Exchange replacement. The Open Source Collaboration provides an integration with your existing Linux mail server, native mobile phone support by ActiveSync compatibility and a webaccess with 'Look & Feel' similar to Outlook using Ajax. Including an...

[SECURITY] Fedora 20 Update: python3-3.3.2-9.fc20

Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especi ally how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been remov...

[SECURITY] Fedora 20 Update: imapsync-1.584-1.fc20

imapsync is a tool for facilitating incremental recursive IMAP transfers from one mailbox to another. It is useful for mailbox migration, and reduces the amount of data transferred by only copying messages that are not present on both servers. Read, unread, and deleted flags are preser ved, and t...

[Mail Password Sniffer] Email Password Recovery and Sniffing Software

Mail Password Sniffer is the free Email Password Sniffing and Recovery Software to recover mail account passwords passing through the network. It automatically detects the Email authentication packets passing through network and decodes the passwords for all Mail Protocols including POP3 , IMAP ,...

WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities

WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities Document Title: =============== WiFi Camera Roll v1.2 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1192 Release Date: ============= 2014-02-08 Vulnerability...

Fedora 20 : ikiwiki-3.20140125-1.fc20 (2014-1747)

Update to the latest stable version. Changes in ikiwiki 3.20140125 : - inline: Allow overriding the title of the feed. Closes: http://bugs.debian.org/735123 Thanks, Christophe Rhodes - osm: Escape name parameter. Closes: http://bugs.debian.org/731797 Changes in ikiwiki 3.20140102 : - aggregate:...

kernel to 3.11.10 (important)

The Linux Kernel was updated to version 3.11.10, fixing security issues and bugs: - floppy: bail out in open if drive is not responding to block0 read bnc773058. - compatsysrecvmmsg X32 fix bnc860993 CVE-2014-0038. - HID: usbhid: fix sis quirk bnc859804. - hwmon: coretemp Fix truncated name of...

Facebook Conceal Java Crypto LIbrary Open Sourced

Facebook has released to open source its Conceal Java crypto libraries for Android devices. Conceal, according to Facebook, offers developers a lightweight and efficient crypto library. The social media giant developed Conceal to handle encryption of storage on removable SD cards, something that...

[BlackArch] Linux Distribution with 600 Security Tools

BlackArch Linux is a lightweight expansion to Arch Linux for penetration testers and security researchers. The repository contains 630 tools. You can install tools individually or in groups. BlackArch is compatible with existing Arch installs. Tool List: Name | Version | Description | Homepage...

[Subterfuge v1.0] Automated Man-in-the-Middle Attack Framework

Subterfuge , a Framework to take the arcane art of Man-in-the-Middle Attacks and make it as simple as point and shoot. Subterfuge demonstrates vulnerabilities in the ARP Protocol by harvesting credentials that go across the network and even exploiting machines by injecting malicious code directly...

Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20140115)

An input validation flaw was discovered in the font layout engine in the 2D component. A specially crafted font file could trigger Java Virtual Machine memory corruption when processed. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions...

CVE-2014-0259

Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Word Memory Corruption Vulnerability."...