Oracle Linux 5 : Moderate: / php (ELSA-2007-0890)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0890 advisory. 5.1.6-15.el5 - improve fix for CVE-2007-3997 278411 5.1.6-14.el5 - fix backport for CVE-2007-3996 278411 5.1.6-13.el5 - add security fixes for...

Oracle Linux 5 : Moderate: / vim (ELSA-2007-0346)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2007-0346 advisory. 7.0.109-3.3 - use gzip -9n to avoid multilib fileconflicts 7.0.109-3.2 - Let 'modeline' default to off for root - Resolves: bz238259 7.0.109-3.1 - fix modeline...

Oracle Linux 3 : vsftpd (ELSA-2008-0579)

From Red Hat Security Advisory 2008:0579 : An updated vsftpd package that fixes a security issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. vsftpd Very Secure File Transfer Protocol FTP daemon is a secure FTP server for...

Oracle Linux 3 / 4 : libgsf (ELSA-2007-0011)

From Red Hat Security Advisory 2007:0011 : Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and writing...

Oracle Linux 5 : Moderate: / postgresql (ELSA-2008-0038)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0038 advisory. 7.4.19-1.el46.1 - Update to PostgreSQL 7.4.19 to fix CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601 Resolves: 427135 Tenable...

Oracle Linux 5 : Moderate: / gdm (ELSA-2007-0777)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2007-0777 advisory. 2.16.0-31.0.1 - CVE-2007-3381 Resolves: 247659 2.16.0-31 - change 200d character to 200c character in ml.po Tenable has extracted the preceding description bloc...

Oracle Linux 5 : gcc / and / gcc4 (ELSA-2010-0039)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-0039 advisory. 4.1.2-46.el54.2 - fix libjava to avoid opening .la/dlopening .so files from current working directory or subdirectories thereof 545672, CVE-2009-3736 Tenable ha...

Oracle Linux 4 : httpd (ELSA-2007-0534)

From Red Hat Security Advisory 2007:0534 : Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web...

Oracle Linux 5 : Moderate: / tomcat (ELSA-2007-0871)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0871 advisory. 5.5.23-0jpp.3.0.2 - Patch for CVE-2007-3382 and CVE-2007-3385 Resolves: rhbz254155 5.5.23-0jpp.3.0.1 - Patch for CVE-2007-3386 Resolves: rhbz254155...

Oracle Linux 5 : Moderate: / squid (ELSA-2007-1130)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2007-1130 advisory. 2.5.STABLE3-8.3E - fix for 410181 - CVE-2007-6239 Squid DoS in cache updates 2.5.STABLE3-7 - resolves: 238103: 'forwardedfor off' in squid.conf does not work...

Oracle Linux 6 : nspr / nss / nss-util (ELSA-2012-0973)

From Red Hat Security Advisory 2012:0973 : Updated nss, nss-util, and nspr packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact...

Xorbin Digital Flash Clock 1.0 For WordPress XSS

==================================================================== Xorbin Digital Flash Clock 1.0 Plugin for Wordpress Flash-based XSS ==================================================================== Description: This plugin displays digital flash clock on your website. It's easy to use and...

Xorbin Analog Flash Clock 1.0 For Joomla XSS

==================================================================== Xorbin Analog Flash Clock 1.0 Extension for Joomla Flash-based XSS ==================================================================== Description: This plugin displays analog flash clock on your website. It's easy to use and...

CentOS 3 / 4 / 5 : wget (CESA-2009:1549)

An updated wget package that fixes a security issue is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU Wget is a file retrieval utility that can use HTTP, HTTPS, and FTP. Daniel Stenbe...

CentOS 5 : systemtap (CESA-2011:0841)

Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CentOS 4 : httpd (CESA-2009:1580)

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the way the TLS/SSL...

CentOS 4 : bluez-utils (CESA-2007:0065)

Updated bluez-utils packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The bluez-utils package contains Bluetooth daemons and utilities. A flaw was found in the...

JBoss AS Administrative Console Password Disclosure

Product: Embedded Jopr - JBoss AS Administration Console Vendor: Red Hat Middleware, LLC Version: JBoss AS Resources Datasources 2. Select Datasource 3. View page source 4. Find input type="password" 5. "value=" will contain the database password. 6. Dump database. Vendor Notified: Yes Vendor...

RHEL 6 : qemu-kvm (RHSA-2013:0896)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0896 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for...

Moderate: Red Hat Security Advisory: openssl security update

An update for the OpenSSL component for JBoss Enterprise Web Platform 5.2.0 for Solaris and Microsoft Windows that fixes two security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. Common...