715 matches found

OSV
added 2016/12/01 12:0 a.m. | 42 views

DLA-729-1 tomcat7 - security update

Bulletin has no description...

9.8 CVSS | 7.7 AI score | 0.90338 EPSS
Exploits: 11

Tenable Nessus
added 2016/11/22 12:0 a.m. | 53 views

Debian DSA-3720-1 : tomcat8 - security update

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in possible timing attacks to determine valid user names, bypass of the SecurityManager, disclosure of system properties, unrestricted access to global resources, arbitrary file overwrite...

9.1 CVSS | 6.4 AI score | 0.10303 EPSS
Exploits: 5 | References: 8

Tenable Nessus
added 2016/11/22 12:0 a.m. | 46 views

Debian DSA-3721-1 : tomcat7 - security update

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in possible timing attacks to determine valid user names, bypass of the SecurityManager, disclosure of system properties, unrestricted access to global resources, arbitrary file overwrite...

9.1 CVSS | 6.4 AI score | 0.10303 EPSS
Exploits: 5 | References: 13

Debian
added 2016/11/21 6:49 p.m. | 52 views

[SECURITY] [DSA 3721-1] tomcat7 security update

Debian Security Advisory DSA-3721-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 21, 2016 https://www.debian.org/security/faq -...

9.1 CVSS | 8.9 AI score | 0.10303 EPSS
Exploits: 5

Debian
added 2016/11/21 6:49 p.m. | 39 views

[SECURITY] [DSA 3721-1] tomcat7 security update

Debian Security Advisory DSA-3721-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 21, 2016 https://www.debian.org/security/faq -...

5 CVSS | 1.4 AI score | 0.10303 EPSS
Exploits: 5

Debian
added 2016/11/21 6:49 p.m. | 45 views

[SECURITY] [DSA 3720-1] tomcat8 security update

Debian Security Advisory DSA-3720-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 21, 2016 https://www.debian.org/security/faq -...

9.1 CVSS | 9.1 AI score | 0.10303 EPSS
Exploits: 5

OSV
added 2016/11/21 12:0 a.m. | 57 views

DSA-3720-1 tomcat8 - security update

Bulletin has no description...

9.1 CVSS | 7.5 AI score | 0.10303 EPSS
Exploits: 5

OpenVAS
added 2016/11/21 12:0 a.m. | 45 views

Debian Security Advisory DSA 3720-1 (tomcat8 - security update)

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in possible timing attacks to determine valid user names, bypass of the SecurityManager, disclosure of system properties, unrestricted access to global resources, arbitrary file overwrite...

5 CVSS | 0.1 AI score | 0.10303 EPSS
Exploits: 5 | References: 1

OpenVAS
added 2016/11/21 12:0 a.m. | 48 views

Debian Security Advisory DSA 3721-1 (tomcat7 - security update)

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in possible timing attacks to determine valid user names, bypass of the SecurityManager, disclosure of system properties, unrestricted access to global resources, arbitrary file overwrite...

5 CVSS | 0.1 AI score | 0.10303 EPSS
Exploits: 5 | References: 1

OSV
added 2016/11/21 12:0 a.m. | 52 views

DSA-3721-1 tomcat7 - security update

Bulletin has no description...

9.1 CVSS | 7.5 AI score | 0.10303 EPSS
Exploits: 5

OpenVAS
added 2016/11/20 12:0 a.m. | 48 views

Debian: Security Advisory (DSA-3720-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1 CVSS | 7.9 AI score | 0.10303 EPSS
Exploits: 5 | References: 3

OpenVAS
added 2016/11/20 12:0 a.m. | 33 views

Debian: Security Advisory (DSA-3721-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1 CVSS | 7.9 AI score | 0.10303 EPSS
Exploits: 5 | References: 3

RedhatCVE
added 2016/11/18 3:17 p.m. | 30 views

CVE-2016-9077

Canvas allows the use of the "feDisplacementMap" filter on images loaded cross-origin. The rendering by the filter is variable depending on the input pixel, allowing for timing attacks when the images are loaded from third party locations. This vulnerability affects Firefox 50...

7 CVSS | 3.2 AI score | 0.0077 EPSS
Exploits: 0 | References: 2

ThreatPost
added 2016/11/16 4:42 p.m. | 9 views

Mozilla Patches 29 Vulnerabilities, Prevents MIME Confusion Attacks, in Firefox 50

Mozilla addressed 29 vulnerabilities, three rated critical, when it released the latest iteration of its flagship browser, Firefox 50 and Firefox ESR 45.5, on Tuesday. Firefox developers said this week that it might take some effort, but at least two of the critical bugs could be exploited to run...

0.5 AI score
Exploits: 0 | References: 4

OpenVAS
added 2016/11/16 12:0 a.m. | 46 views

Mozilla Firefox Security Advisories (MFSA2016-89, MFSA2016-90) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.8 CVSS | 8.1 AI score | 0.11485 EPSS
Exploits: 5 | References: 5

OpenVAS
added 2016/11/16 12:0 a.m. | 31 views

Mozilla Firefox Security Advisories (MFSA2016-89, MFSA2016-90) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.8 CVSS | 8.1 AI score | 0.11485 EPSS
Exploits: 4 | References: 5

Node.js
added 2016/07/27 12:24 a.m. | 30 views

Timing Attack

Overview Affected versions of cookie-signature are vulnerable to timing attacks as a result of using a fail-early comparison instead of a constant-time comparison. Timing attacks remove the exponential increase in entropy gained from increased secret length, by providing per-character feedback on...

3.5 CVSS | 4.1 AI score | 0.00896 EPSS
Exploits: 0 | Affected Software: 1

n0where
added 2016/06/15 8:11 p.m. | 88 views

Stress Test Anti Malware System: al-khaser

Stress Test Anti Malware System al-khaser is a PoC malware with good intentions that aims to stress your anti-malware system. It performs a bunch of nowadays malwares tricks and the goal is to see if you catch them all. Some of the common use are: You are making an anti-debug plugin and you want ...

Exploits: 0 | References: 2

OSV
added 2016/06/01 12:36 p.m. | 8 views

SUSE-SU-2016:1471-1 Security update for ntp

This update for ntp fixes the following issues: - Separate the creation of ntp.keys and key 1 in it to avoid problems when upgrading installations that have the file, but no key 1, which is needed e.g. by 'rcntp addserver'. - Update to 4.2.8p7 bsc977446: CVE-2016-1547, bsc977459: Validate...

9.8 CVSS | 6.5 AI score | 0.15201 EPSS
Exploits: 9 | References: 24

Tenable Nessus
added 2016/06/01 12:0 a.m. | 32 views

openSUSE Security Update : ntp (openSUSE-2016-649)

This update for ntp fixes the following issues : - Update to 4.2.8p7 boo977446 : - CVE-2016-1547, boo977459: Validate crypto-NAKs, AKA: CRYPTO-NAK DoS. - CVE-2016-1548, boo977461: Interleave-pivot - CVE-2016-1549, boo977451: Sybil vulnerability: ephemeral association attack. - CVE-2016-1550,...

9.8 CVSS | 6.9 AI score | 0.81762 EPSS
Exploits: 20 | References: 76