170 matches found
openSUSE Security Update : PackageKit (openSUSE-SU-2013:0381-1)
PackageKit was fixed to add a patch to forbid update to downgrade (bnc#804983). As the update operation is allowed for logged in regular users, they could install old package versions which might have been still affected by already fixed security problems. ...
Atmail Webmail < 6.3.5 Multiple XSS Vulnerabilities
According to its version, the Atmail Webmail install on the remote host is a version prior to 6.3.5. It is, therefore, potentially affected by the following vulnerabilities : - An input validation error exists related to log search functionality and the 'range' and 'index' parameters. - An input...
SA-CONTRIB-2014-010 - Services - Access Bypass and Privilege Escalation
The Services module enables you to expose an API to third party systems using REST, XML-RPC or other protocols. User update access bypass vulnerability: An authenticated user is able to assign additional roles to themselves, which means they can escalate their privileges by assigning an...
PHP-Nuke 8.x <= "chng_uid" blind defect and repair-vulnerability warning-the black bar safety net
Affected version: PHP-Nuke 8.x. Vulnerability description: PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and articles with users system. Each user can submit comments to discuss the articles. Main features...
Invision Power Board Currency Mod 1.3 - edit SQL Injection
Invision Power Board Currency Mod 1.3 - edit SQL Injection Exploit Title: Invision Power Board Currency Modedit SQL injection Date: 17/04/2007 Author: Pr0T3cT10n Software Link: www.invisionpower.com Version: 1.3 Tested on: 1.3 CVE: Code: !/usr/bin/perl Invision Power Board Currency Modedit SQL...
Important: Red Hat Security Advisory: gpdf security update
An updated gpdf package that fixes two security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GPdf is a viewer for Portable Document Format (PDF) files for GNOME. A buffer overflow flaw was found in the Gfx::doImage...
[SECURITY] [DSA 523-1] New www-sql packages fix buffer overflow
Debian Security Advisory DSA 523-1. http://www.debian.org/security/ Matt Zimmerman, June 19th, 2004. http://www.debian.org/security/faq ...
Important: Red Hat Security Advisory: lha security update
An updated LHA package that fixes several security vulnerabilities is now available. LHA is an archiving and compression utility for LHarc format archives. Ulf Harnhammar discovered two stack buffer overflows and two directory traversal flaws in LHA. An attacker could exploit the buffer overflows...
Critical: Red Hat Security Advisory: Updated OpenSSH packages fix potential vulnerabilities
Updated OpenSSH packages are now available that fix bugs that may be remotely exploitable. Updated 17 Sep 2003: Updated packages are now available to fix additional buffer manipulation problems which were fixed in OpenSSH 3.7.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has...
Moderate: Red Hat Security Advisory: New util-linux packages available to fix vipw permissions problems
New util-linux packages are available for Red Hat Linux 7.1. These packages fix a problem where vipw would leave the /etc/shadow file world-readable after editing it. It is recommended that all users update to the fixed packages. Also, if you have used vipw on Red Hat Linux 7.1 before, make sure ...