[SECURITY] Fedora 14 Update: dracut-006-5.fc14

Dracut contains tools to create a bootable initramfs for 2.6 Linux kernels. Unlike existing implementations, dracut does hard-code as little as possible into the initramfs. Dracut contains various modules which are driven by the event-based udev. Having root on MD, DM, LVM2, LUKS is supported as...

CentOS 5 : pam (CESA-2010:0819)

Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Fedora Update for pam FEDORA-2010-17133

Check for the Version of pam OpenVAS Vulnerability Test Fedora Update for pam FEDORA-2010-17133 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Fedora 13 : systemtap-1.3-3.fc13 (2010-17873)

This refresh corrects two important security bugs in the /usr/bin/staprun program of the systemtap-runtime package. CVE-2010-4171 Ability to remove unused modules by unprivileged user CVE-2010-4170 Insecure loading of modules We would like to thank Tavis Ormandy for reporting this issue. Note tha...

CORE-2010-1018 - Landesk OS command injection

Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Landesk OS command injection 1. Advisory Information Title: Landesk OS command injection Advisory Id: CORE-2010-1018 Advisory URL: http://www.coresecurity.com/content/landesk-os-command-injection-vulnerability Date...

[SECURITY] Fedora 12 Update: pam-1.1.1-6.fc12

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

Systemtap: Ability to remove unused modules by unprivileged user

The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service unloading of arbitrary kernel modules...

Moderate: Red Hat Security Advisory: pam security update

Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Fedora Update for pam FEDORA-2010-17112

Check for the Version of pam OpenVAS Vulnerability Test Fedora Update for pam FEDORA-2010-17112 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

RedHat Update for pam RHSA-2010:0819-01

Check for the Version of pam OpenVAS Vulnerability Test RedHat Update for pam RHSA-2010:0819-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

RedHat Update for pam RHSA-2010:0819-01

Check for the Version of pam OpenVAS Vulnerability Test RedHat Update for pam RHSA-2010:0819-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Fedora 12 : proftpd-1.3.3c-1.fc12 (2010-17220)

This is an update to the current upstream maintenance release, which addresses two security issues that can be exploited by malicious users to manipulate certain data and compromise a vulnerable system. - A logic error in the code for processing user input containing the Telnet IAC Interpret As...

Injecting Fake Updates: Evilgrade

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries agents, a working default configuration for fast pentests, and has it’s own WebServer and DNSServer modules. Easy to set up new...

Metasploit Web Crawler

This auxiliary module is a modular web crawler, to be used in conjunction with wmap someday or standalone. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Web Crawler. Author: Efrain Torres et at metasploit.com 2010...

[SECURITY] Fedora 13 Update: pam-1.1.1-6.fc13

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

CVE-2010-4155

Multiple cross-site scripting XSS vulnerabilities in eXV2 CMS 2.10 allow remote attackers to inject arbitrary web script or HTML via the 1 rssfeedURL parameter to manual/caferss/example.php and the sumb parameter to 2 modules/news/archive.php, 3 modules/news/topics.php, and 4...

[SECURITY] Fedora 14 Update: perl-libwww-perl-5.837-2.fc14

The libwww-perl collection is a set of Perl modules which provides a simple and consistent application programming interface to the World-Wide Web. The ma in focus of the library is to provide classes and functions that allow you to write WWW clients. The library also contain modules that are of...

pam security update

CentOS Errata and Security Advisory CESA-2010:0819 Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base score...

pam: pam_env and pam_mail accessing users' file with root privileges

The 1 pamenv and 2 pammail modules in Linux-PAM aka pam before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a...

Moderate: Red Hat Security Advisory: pam security update

Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...