Debian Security Advisory DSA 563-2 (cyrus-sasl)

The remote host is missing an update to cyrus-sasl announced via advisory DSA 563-2. OpenVAS Vulnerability Test $Id: deb5632.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 563-2 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

DSA-1465-2 apt-listchanges - arbitrary code execution

Bulletin has no description...

Debian Security Advisory DSA 789-1 (php4)

The remote host is missing an update to php4 announced via advisory DSA 789-1. Several security related problems have been found in PHP4, the server-side, HTML-embedded scripting language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-1751 Eric Roman...

Debian: Security Advisory (DSA-1379-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 8 Update: postgresql-8.2.6-1.fc8

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

Multiple security vulnerabilities in different Exif libraries (libexif, exiv2, exiftags)

Multiple DoS conditions, integer overflows, buffer overflows on parsing JPEG/TIFF/RIFF EXIF data...

SuSE 10 Security Update : Samba (ZYPP Patch Number 1961)

Fix pam config file parsing in pamwinbind; bso 3916. - Prevent potential crash in winbindd's credential cache handling; 184450. - Fix memory exhaustion DoS; CVE-2006-3403; 190468. - Fix the munlock call, samba.org svn rev r16755 from Volker. - Change the kerberos principal for LDAP authentication...

SuSE 10 Security Update : mozilla-nss,mozilla-nss-devel (ZYPP Patch Number 2067)

A security problem in the SSL handling of the NSS libraries was found : If an RSA key with exponent 3 is used it may be possible to forge a PKCS verify the certificate if they are not checking for excess data in the RSA exponentiation result of the signature. This bug is tracked by the Mitre CVE ...

[SECURITY] Fedora 7 Update: ruby-gnome2-0.16.0-18.fc7

This is a set of bindings for the GNOME-2.x libraries for use from Ruby...

[SECURITY] Fedora 7 Update: zaptel-1.4.6-1.fc7

Tools and libraries for using/configuring/monitoring Zapata telephony interfaces...

[SECURITY] Fedora 7 Update: openldap-2.3.34-4.fc7

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

openSUSE 10 Security Update : tomboy (tomboy-4698)

The tomboy mediaplayer used LDLIBRARYPATH unsafely by allowing empty LDLIBRARYPATH components. This would enable the player to load its shared libraries of the current directory which might contain user-supplied shared libraries, potentially supplied from the network by an attacker. CVE-2005-4790...

[SECURITY] Fedora Core 6 Update: openldap-2.3.30-3.fc6

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

Cross site request forgery (csrf)

The 1 Net::ftptls, 2 Net::telnets, 3 Net::imap, 4 Net::pop, and 5 Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName CN field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL...

CVE-2007-5770

The 1 Net::ftptls, 2 Net::telnets, 3 Net::imap, 4 Net::pop, and 5 Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName CN field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL...

net:: * modules

The 1 Net::ftptls, 2 Net::telnets, 3 Net::imap, 4 Net::pop, and 5 Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName CN field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL...

net:: * modules

The 1 Net::ftptls, 2 Net::telnets, 3 Net::imap, 4 Net::pop, and 5 Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName CN field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL...

[SECURITY] Fedora 7 Update: kdelibs-3.5.8-7.fc7

Libraries for the K Desktop Environment: KDE Libraries included: kdecore KDE core library, kdeui user interface, kfm file manager, khtmlw HTML widget, kio Input/Output, networking, kspell spelling checker, jscript javascript, kab addressbook, kimgio image manipulation...

[SECURITY] Fedora 7 Update: kdegames-3.5.8-3.fc7

Games and gaming libraries for the K Desktop Environment. Included with this package are: kenolaba, kasteroids, kblackbox, kmahjongg, kmines, konquest, kpat, kpoker, kreversi, ksame, kshisen, ksmiletris, ksnake, ksirtet, katomic, kjumpingcube, ktuberling...

[SECURITY] Fedora 7 Update: mono-1.2.3-5.fc7

The Mono runtime implements a JIT engine for the ECMA CLI virtual machine as well as a byte code interpreter, the class loader, the garbage collector, threading system and metadata access libraries...