[SECURITY] [DLA 575-2] collectd regression update
Package: collectd. Version: 5.1.0-3+deb7u2. Debian Bug: 833013. The previous upload of collectd surfaced a problem in the way the network plugin initializes gcrypt, preventing the plugin from being loaded when packet signing or encryption is enabled. Previously, this may have led to program crashe...
Debian Security Advisory DSA 3636-1 (collectd - security update)
Emilien Gaspar discovered that collectd, a statistics collection and monitoring daemon, incorrectly processed incoming network packets. This resulted in a heap overflow, allowing a remote attacker to either cause a DoS via application crash, or potentially execute arbitrary code. Additionally,...
Debian: Security Advisory (DSA-3636-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
The vulnerability of the Android operating system allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the decoder/ih264d_api.c file in the Android operating system's media server is related to initialization errors in the data structures. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure (memory corruption) by using a...
CVE-2016-5417
Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures...
Debian DSA-3636-1 : collectd - security update
Emilien Gaspar discovered that collectd, a statistics collection and monitoring daemon, incorrectly processed incoming network packets. This resulted in a heap overflow, allowing a remote attacker to either cause a DoS via application crash, or potentially execute arbitrary code. Additionally,...
[SECURITY] [DSA 3636-1] collectd security update
Debian Security Advisory DSA-3636-1 [email protected] https://www.debian.org/security/ Sebastien Delafond, July 30, 2016 https://www.debian.org/security/faq ...
DLA-575-1 collectd - security update
Bulletin has no description...
DSA-3636-1 collectd - security update
Bulletin has no description...
CVE-2016-4639
Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors...
Design/Logic Flaw
Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors...
CVE-2016-4639
CVE-2016-4639: In OS X El Capitan (Login Window), memory initialization flaw allows a local attacker to cause a denial of service. Affected: OS X El Capitan v10.11 and later; remediation: apply OS X 10.11.6 Security Update 2016-004 (patches described by Apple). The Apple advisory clarifies the vu...
Juniper Junos FreeBSD libc db Information Disclosure (JSA10756)
According to its self-reported version number, the remote Juniper Junos device is affected by an information disclosure vulnerability in the underlying FreeBSD operating system libc db interface due to improper initialization of memory for Berkeley DB 1.85 database structures. A local attacker ca...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.1 was updated to 4.1.27 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-4997: A buffer overflow in 32bit compat_setsockopt iptables handling could lead to a local privilege escalation (bsc#986362). - CVE-2016-5829: Multiple heap-based...
Microsoft Chakra ArrayBuffer.transfer Uninitialized Buffer Information Leak Vulnerability
This vulnerability allows remote attackers to leak sensitive information on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...
The vulnerability of the Linux operating system’s kernel, which allows a hacker to gain access to confidential information
The vulnerability of the sk_run_filter function in net/core/filter.c in the Linux operating system is related to the lack of checks for the correctness of memory initialization before executing BPF_S_LD_MEM and BPF_S_LDX_MEM instructions. Exploiting this vulnerability can allow a local attacker to access...
Netscaler Instances on SDX show less memory than allocated from within the SVM Console
Question: When I allocate RAM to a Netscaler instance on SDX, the Netscaler reports considerably less memory than is allocated. For instance, if I allocate 16gb, the Netscaler instance shows only 12gb allocated. Answer: This is an expected behavior. When NetScaler is started and is initializing t...
Weakness with cookie encryption
PMASA-2016-29. Announcement-ID: PMASA-2016-29. Date: 2016-07-07. Summary: Weakness with cookie encryption. Description: A pair of vulnerabilities were found affecting the way cookies are stored. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker...
Foxit Reader Pattern Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PDF...