USN-930-2: apturl, Epiphany, gecko-sharp, gnome-python-extras, liferea, rhythmbox, totem, ubufox, yelp update

USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2 on Ubuntu 8.04 LTS. Original advisory details: If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a...

USN-930-1: Firefox and Xulrunner vulnerabilities

If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.0...

SeaMonkey < 2.0.5 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.0.5. Such versions are potentially affected by the following security issues : - A memory corruption vulnerability can lead to arbitrary code execution if garbage collection is carefully timed after DOM nodes are moved between documents. MFSA...

Firefox < 3.5.10 Multiple Vulnerabilities

The installed version of Firefox is earlier than 3.5.10. Such versions are potentially affected by the following security issues : - A memory corruption vulnerability can lead to arbitrary code execution if garbage collection is carefully timed after DOM nodes are moved between documents. MFSA...

mozilla: in-session phishing attack

The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a...

Researchers Improve Random-Number Generation with Forced Memory 'Twitching'

A German research team has now developed a true random number generator that uses an extra layer of randomness by making a computer memory element, a flip-flop, twitch randomly between its two states 1 or 0. Immediately prior to the switch, the flip-flop is in a “metastable state” where its...

CentOS 5 : kernel (CESA-2009:1455)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Updated 23rd February 2010 This update adds references to two KBase articles...

CentOS 5 : kernel (CESA-2007:0376)

Updated kernel packages that fix security issues and bugs in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These n...

kernel security update

CentOS Errata and Security Advisory CESA-2009:1455 Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Updated 23rd February 2010...

RHEL 5 : kernel (RHSA-2009:1455)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2009:1455 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fix: a NULL pointer dereference flaw was found in the...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Updated 23rd February 2010 This update adds references to two KBase articles...

PT-2009-5592 · Qnap · Qnap Ts-639 Pro +1

Name of the Vulnerable Software and Affected Versions: QNAP TS-239 Pro and TS-639 Pro versions 2.1.7 0613, 3.1.0 0627, 3.1.1 0815 Description: The issue allows local users to determine a certain recovery key via a brute-force attack because the rand library function is used to generate this key...

Random number generator and input name linebreaks can be used to send custom data to other sites

Input names can contain line breaks when data is sent using POST. Suitable use of the random number generator can reveal predictable boundaries that will be used when sending the POST data. These can be combined to add extra boundaries into the data, containing payloads that may confuse the...

Random number generator and input name linebreaks can be used to send custom data to other sites – Opera Security Advisories

Random number generator and input name linebreaks can be used to send custom data to other sites – Opera Security Advisories OPCOM Team | June 10, 2009 Severity Moderately severe Problem description Input names can contain line breaks when data is sent using POST. Suitable use of the random numbe...

CentOS 4 : kernel (CESA-2007:0939)

Updated kernel packages that fix various security issues in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel is the core of the operating system. These updated kernel...

Mandriva Update for kernel MDKSA-2007:171 (kernel)

Check for the Version of kernel OpenVAS Vulnerability Test Mandriva Update for kernel MDKSA-2007:171 kernel Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Ubuntu Update for linux-source-2.6.17 vulnerabilities USN-486-1

Ubuntu Update for Linux kernel vulnerabilities USN-486-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4861.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.17 vulnerabilities USN-486-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu Update for linux-source-2.6.20 vulnerabilities USN-470-1

Ubuntu Update for Linux kernel vulnerabilities USN-470-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4701.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.20 vulnerabilities USN-470-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu Update for linux-source-2.6.15 vulnerability USN-489-1

Ubuntu Update for Linux kernel vulnerabilities USN-489-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4891.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.15 vulnerability USN-489-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-508-1

Ubuntu Update for Linux kernel vulnerabilities USN-508-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5081.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-508-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...