[oss-security] LMS-2014-06-16-2: Linux Kernel LZO

Hello All, A vulnerability has been identified in the Linux kernel implementation of the LZO algorithm. Please find the bug report inline. Best, Don A. Bailey Founder / CEO Lab Mouse Security https://www.securitymouse.com/ Lab Mouse Security Report LMS-2014-06-16-2 Report ID: LMS-2014-06-16-2 CVE...

RHEL 5 / 6 : Red Hat JBoss Web Server 2.0.1 tomcat6 (RHSA-2014:0525)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0525 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the...

Oracle Linux 6 : python-jinja2 (ELSA-2014-0747)

The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2014-0747 advisory. 2.2.1-2 - Fix CVE-2014-1402 Resolves: rhbz1102889 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

RHEL 6 : curl (RHSA-2014:0561)

Updated curl packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CentOS 6 : Moderate: / mysql55-mysql (CESA-2014:0537)

The remote CentOS host is missing a security update which has been documented in Red Hat advisory RHSA-2014:0537. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Red Hat Security Advisory RHSA-2014:0537 and CentOS...

CentOS 5 : mysql55-mysql (CESA-2014:0536)

Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

CentOS 6 : Moderate: / ruby193-rubygem-actionpack (CESA-2014:0510)

The remote CentOS host is missing a security update which has been documented in Red Hat advisory RHSA-2014:0510. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Red Hat Security Advisory RHSA-2014:0510 and CentOS...

CentOS 6 : libxml2 (CESA-2014:0513)

Updated libxml2 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Moderate: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.2.1 update

Red Hat JBoss Operations Network 3.2.1, which fixes two security issues and several bugs, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which giv...

CentOS 6 : tomcat6 (CESA-2014:0429)

Updated tomcat6 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Moderate: Red Hat Security Advisory: Apache Commons Fileupload and JBoss Web security update

An update for the Apache Commons Fileupload and JBoss Web components that fixes two security issues is now available from the Red Hat Customer Portal for Red Hat JBoss BRMS 6.0.1 and Red Hat JBoss BPM Suite 6.0.1. The Red Hat Security Response Team has rated this update as having Moderate securit...

RHEL 5 : Red Hat JBoss Enterprise Application Platform 6.2.2 update (Moderate) (RHSA-2014:0343)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0343 advisory. - tomcat: multiple content-length header poisoning flaws CVE-2013-4286 - PicketBox/JBossSX: Unauthorized access to and modification of...

RHEL 5 : sudo (RHSA-2014:0266)

An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Moderate: Red Hat Security Advisory: openswan security update

Updated openswan packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

CentOS 6 : bind (CESA-2014:0043)

"Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CentOS 5 : gnupg (CESA-2014:0016)

An updated gnupg package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 5 / 6 : nss (RHSA-2013:1861)

Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Network Security Services NSS is a set of libraries designed to support the cross-platform...

Oracle Linux 6 : libguestfs (ELSA-2013-1536)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1536 advisory. - Fix CVE-2013-4419: insecure temporary directory handling for guestfish's network socket resolves: rhbz1019737 - Fix DoS abort due to a double free flaw when...

RHEL 6 : luci (RHSA-2013:1603)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2013:1603 advisory. Luci is a web-based high availability administration application. A flaw was found in the way the luci service was initialized. If a system...

Moderate: Red Hat Security Advisory: nagios security update

Updated nagios packages that fix two security issues are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...