SUSE-SU-2015:0580-1 Recommended update for util-linux

This update for util-linux provides the following fixes: Make blkid8 issue only one READ on faulty devices. bnc859062 Added option -r to fsck8 to dump a few resource statistics after each successful run. bnc761815 Prevent excessive clock drift calculations. bnc871698 Check /etc/adjtime drift...

NSF Awards $15m for New Secure Internet Architecture

The National Science Foundation NSF is awarding $15 million in grants for the development, deployment and testing of future Internet architectures that are designed to enhance security, respond to emerging service challenges, and increase scalability. In 2010, the NSF Directorate for Computer and...

prevent crashing when running out of database connections

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-33522. panel One common total crash for Confluence is when it does run out of database connection. Any reliable web application...

[SECURITY] Fedora 20 Update: php-ZendFramework-1.12.5-1.fc20

Extending the art & spirit of PHP, Zend Framework is based on simplicity, object-oriented best practices, corporate friendly licensing, and a rigorou sly tested agile code base. Zend Framework is focused on building more secure, reliable, and modern Web 2.0 applications & web services, and...

[Haveged 1.9.1] A simple entropy daemon

The haveged project is an attempt to provide an easy-to-use, unpredictable random number generator based upon an adaptation of the HAVEGE algorithm. Haveged was created to remedy low-entropy conditions in the Linux random device that can occur under some workloads, especially on headless servers...

[Haveged] A simple Entropy Daemon

The haveged project is an attempt to provide an easy-to-use, unpredictable random number generator based upon an adaptation of the HAVEGE algorithm. Haveged was created to remedy low-entropy conditions in the Linux random device that can occur under some workloads, especially on headless servers...

Description of the update for Lync Server 2010, Web Conferencing Server: January 2012

Describes the update for Lync Server 2010, Web Conferencing Server that is dated January 2012.SummaryThis article describes the update for Microsoft Lync Server 2010, Web Conferencing Server that is dated January 2012. This update improves the reliability, stability and performance of Lync Server...

Description of the update for Lync Server 2010, Core Components: March 2012

Describes the update for Lync Server 2010, Core Components that is dated March 2012.SummaryThis article describes the update for Microsoft Lync Server 2010, Core Components that is dated March 2012.INTRODUCTIONThis update improves the reliability, stability, and performance of Lync Server 2010,...

VMWare Setuid vmware-mount Unsafe popen(3)

VMWare Workstation up to and including 9.0.2 build-1031769 and Player have a setuid executable called vmware-mount that invokes lsbrelease in the PATH with popen3. Since PATH is user-controlled, and the default system shell on Debian-derived distributions does not drop privs, we can put an...

20 Years On, the Open Web Faces Challenges

For people of a certain age in the technology industry, one of the ways of establishing a connection with someone is by asking some version of the following question: How long have you been online? Depending upon how you define “online”, the answer can vary from 15 to 25 or even 30 years. But...

WinRM Script Exec Remote Code Execution

This module uses valid credentials to login to the WinRM service and execute a payload. It has two available methods for payload delivery: Powershell 2 and above and VBS CmdStager. The module will check if Powershell is available, and if so uses that method. Otherwise it falls back to the VBS...

Kaspersky Lab Developing Secure Operating System for SCADA

Eugene Kaspersky is working with his engineers at Russian security firm Kaspersky Lab to create a secure-by-design OS for ICS. In an interview Kaspersky said " It's true no one else ever tried to make a secure operating system. This may sound weird because of the many efforts Microsoft, Apple and...

Debian: Security Advisory (DSA-2491-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2012-1245 · Microsoft · Windows Server +1

Name of the Vulnerable Software and Affected Versions: Reliability Analysis Metrics Calculation Engine RACEng affected versions not specified Description: The issue is related to an elevation of privilege vulnerability in the Reliability Analysis Metrics Calculation Engine RACEng due to inadequat...

Debian DSA-2491-1 : postgresql-8.4 - several vulnerabilities

Two vulnerabilities were discovered in PostgreSQL, a SQL database server : - CVE-2012-2143 The crypttext, text function in the pgcrypto contrib module did not handle certain passwords correctly when producing traditional DES-based hashes. Characters after the first 0x80 byte were ignored. -...

Twitter Denies Hacktivists Behind Severe Outage

Twitter officials say it was a “cascading bug” and not the handiwork of hacktivists that brought down the microblogging site today in two separate outages. “This wasn’t due to a hack or our new office or Euro 2012 or GIF avatars, as some have speculated today,” Mazen Rawashdeh, the company’s vice...

DSA-2491-1 postgresql-8.4 - several

Bulletin has no description...

FlexNet License Server Manager lmgrd Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'FlexNet License Server Manager lmgrd...

Moderate: Red Hat Security Advisory: Red Hat Enterprise MRG Messaging 2.1 security and enhancement update

Updated Messaging packages that resolve one security issue, fix multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.1 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common...

Moderate: Red Hat Security Advisory: Red Hat Enterprise MRG Messaging 2.1 security and enhancement update

Updated Messaging packages that resolve one security issue, fix multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.1 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common...