Amazon Linux AMI : mysql51 (ALAS-2012-141)
This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages, listed below. - http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html#AppendixMSQL (April 2012) -...
Debian Security Advisory DSA 2739-1 (cacti - several vulnerabilities)
Two security issues (SQL injection and command line injection via SNMP settings) were found in Cacti, a web interface for graphing of monitoring systems. OpenVAS Vulnerability Test $Id: deb2739.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory DSA 2739-1 using nvtgen 1.0 Script...
Fedora Update for mantis FEDORA-2013-5801
Check for the Version of mantis. OpenVAS Vulnerability Test: Fedora Update for mantis FEDORA-2013-5801. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Updated phpmyadmin packages fix security vulnerabilities
Using a crafted SQL query, it was possible to produce an XSS on the SQL query form (PMASA-2013-8, CVE-2013-4995). In the setup/index.php, using a crafted hash with a JavaScript event, untrusted JS code could be executed. In the Display chart view, a chart title containing HTML code was rendered...
USN-1909-1: MySQL vulnerabilities
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.70 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.04 have been updated to MySQL 5.5.32. In addition to security fixes, the...
Oracle Linux 5 : mod_auth_mysql (ELSA-2009-0259)
The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2009-0259 advisory. 3.0.0-3.2 - add security fix for CVE-2008-2384 480613 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...
Oracle MySQL Server Geometry Query Integer Overflow (CVE-2013-1861)
A heap buffer overflow vulnerability has been reported in MySQL database server...
Beta Bot Trojan Emerges as New Type of Banking Malware
A new strain of banking malware, Beta Bot, has been refined over the last few months to target ecommerce and comes complete with an array of features to help prevent it from being caught by usual security measures. According to research conducted by RSA Security’s Limor Kessem, the bot started ou...
PT-2013-4644 · Mysql Server +2
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.5.30 and earlier; MySQL Server versions 5.6.10 and earlier. Description: The issue affects the availability of the system, allowing remote authenticated users to impact it via unknown vectors related to Prepared...
Alienvault Open Source SIEM (OSSIM) 4.1.2 - Multiple SQL Injections
RunRunLevel Web Security Research - AlienVault OSSIM multiple SQL Injection vulnerabilities Vendor Website : http://www.alienvault.com INDEX --------------------------------------- 1. Background 2. Description 3. Affected Products 4. Vulnerabilities 5. Solution 6. Credit 7. Disclosure Timeline 1...
Alienvault Open Source SIEM (OSSIM) 4.1.2 - Multiple SQL Injections
Alienvault Open Source SIEM OSSIM 4.1.2 - Multiple SQL Injections RunRunLevel Web Security Research - AlienVault OSSIM multiple SQL Injection vulnerabilities Vendor Website : http://www.alienvault.com INDEX --------------------------------------- 1. Background 2. Description 3. Affected Products ...
DSA-2667-1 mysql-5.5 - several
Bulletin has no description...
AlienVault OSSIM 4.1.2 SQL Injection Vulnerability
AlienVault OSSIM versions 4.1.2 and below suffer from remote SQL injection vulnerabilities. RunRunLevel Web Security Research - AlienVault OSSIM multiple SQL Injection vulnerabilities Vendor Website : http://www.alienvault.com INDEX --------------------------------------- 1. Background 2...
AlienVault OSSIM 4.1.2 SQL Injection
RunRunLevel Web Security Research - AlienVault OSSIM multiple SQL Injection vulnerabilities Vendor Website : http://www.alienvault.com INDEX --------------------------------------- 1. Background 2. Description 3. Affected Products 4. Vulnerabilities 5. Solution 6. Credit 7. Disclosure Timeline 1...
RedHat Update for mysql RHSA-2013:0772-01
Check for the Version of mysql. OpenVAS Vulnerability Test: RedHat Update for mysql RHSA-2013:0772-01. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Important: mysql55
Issue Overview: This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found in the References section. Affected Packages: mysql55 Issue Correction: Run yum update mysql55 or yum update --advisory ALAS-2013-187 to update your system. New...
CVE-2013-3221
The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attack...
MySQL 5.5 < 5.5.30 yaSSL Buffer Overflow
The version of MySQL 5.5 installed on the remote host is earlier than 5.5.30 and is, therefore, affected by a buffer overflow related to 'yaSSL'. This error could possibly allow arbitrary code execution. (C) Tenable Network Security, Inc. include"compat.inc"; if description scriptid65734;...
LCG Disk Pool Manager SQL Injection
Name: Multiple SQL Injection vulnerabilities in Disk Pool Manager DPM Author: Adam Zabrocki Date: November 27, 2009 Yes, it's very old bug ;P Description: LCG Disk Pool Manager DPM has been developed as part of the LCG project to provide a light-weight implementation of an SRM compliant Storage...