7853 matches found
Debian: Security Advisory (DSA-2324-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Directory traversal
Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/printform.php; or (2) loadform.php, (3) viewform.php, or (4) trendform.php in interface/patientfile/encounter...
Best Practice For Setting Up nWorks Collection for Failover and Disaster Recovery
Purpose: Additional information given about how collectors work within nWorks and guidelines on how to set up collectors for disaster situations. Solution: The Best Practice for Setting Up nWorks Collection for Failover and Disaster Recovery. To get started with monitoring through the nWorks...
kernel security and bug fix update
[2.6.32-220.4.1.el6] - [fs] Revert 'proc: enable writing to /proc/pid/mem' (Johannes Weiner) [782649 782650] {CVE-2012-0056} [2.6.32-220.3.1.el6] - [kernel] Remove 'WARNING: at kernel/sched.c:5915' (Larry Woodman) [768288 766051] - [x86] kernel: Fix memory corruption in module load (Prarit Bhargava) [769595 767140] -...
Important: Red Hat Security Advisory: mod_cluster-native security update
An update for the Native components for JBoss Enterprise Web Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) bas...
Important: Red Hat Security Advisory: mod_cluster-native security update
An updated mod_cluster-native package that fixes one security issue is now available for JBoss Enterprise Web Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...
Important: Red Hat Security Advisory: mod_cluster-native security update
An update for the Native components for JBoss Enterprise Application Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...
Important: Red Hat Security Advisory: mod_cluster-native security update
An updated mod_cluster-native package that fixes one security issue is now available for JBoss Enterprise Application Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scorin...
Important: Red Hat Security Advisory: mod_cluster-native security update
An update for the mod_cluster native component for JBoss Enterprise Web Server 1.0.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...
Researcher Releases New Version of P0f Fingerprinting Tool
Security researcher Michal Zalewski has released a new version of a passive fingerprinting tool called P0f that has the ability to diagnose a wide range of components in an Internet connection, even uncovering clients that are trying to forge some part of their identity in the connection. P0f is ...
Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability
Added: 11/23/2011. CVE: CVE-2010-3964. BID: 45264. OSVDB: 69817. Background: Microsoft SharePoint is a web application platform that provides web content management and document management as an aid to collaboration among users. SharePoint's multi-purpose design allows for managing and provisioning of...
glibc LD_AUDIT arbitrary DSO load Privilege Escalation
Exploit for linux platform in category local exploits. #!/bin/sh "I Can't Read and I Won't Race You Either" by zx2c4. This is an exploit for CVE-2010-3856. A while back, Tavis showed us three ways to exploit flaws in glibc's dynamic linker involving LD_AUDIT. [1] [2] The first way involved opening a file...
hbase-master-info NSE Script
Retrieves information from an Apache HBase (Hadoop database) master HTTP status page. Information gathered: Hbase version, Hbase compile date, Hbase root directory, Hadoop version, Hadoop compile date, Average load, Zookeeper quorum server, Associated region servers. Script Arguments: slaxml.debug See the...
Debian DSA-2339-1 : nss - several vulnerabilities
This update to the NSS cryptographic libraries revokes the trust in the 'DigiCert Sdn. Bhd' certificate authority. More information can be found in the Mozilla Security Blog. This update also fixes an insecure load path for pkcs11.txt configuration file (CVE-2011-3640). (C) Tenabl...
CVE-2011-1367
Unspecified vulnerability in the File Load feature in IBM Rational AppScan Standard and Express 7.8.x, 7.9.x, and 8.0.x before 8.0.0.3 allows remote attackers to execute arbitrary commands via a crafted .scan file...
Design/Logic Flaw
Unspecified vulnerability in the File Load feature in IBM Rational AppScan Standard and Express 7.8.x, 7.9.x, and 8.0.x before 8.0.0.3 allows remote attackers to execute arbitrary commands via a crafted .scan file...
FFFTP may insecurely load executable files
Overview: FFFTP may use unsafe methods for determining how to load executables (.exe). FFFTP loads certain executables when using certain functions. FFFTP contains an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reported this vulnerability to IPA. JPCERT/CC...
Debian DSA-2324-1 : wireshark - programming error
The Microsoft Vulnerability Research group discovered that insecure load path handling could lead to execution of arbitrary Lua script code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...