2127 matches found
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
An updated Red Hat JBoss Enterprise Application Platform 6.4.3 package that fixes a security issue, several bugs and adds various enhancements is now available for Red Hat Enterprise Linux 6. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss...
Updated bash packages fix CVE-2014-6271
Updated bash packages fix security vulnerability: A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote...
Tiki Wiki CMS Groupware vulnerable to SQL injection
Overview Tiki Wiki CMS Groupware Tiki is a content management system (CMS). Tiki contains a SQL injection vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary SQL...
PT-2013-1298 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Junos versions prior to 10.4R13 Junos versions 11.4 before 11.4R7 Junos versions 12.1 before 12.1R5 Junos versions 12.2 before 12.2R3 Junos versions 12.3 before 12.3R1 Description: The issue allows remote authenticated users to execute...
MoinMoin: Multiple vulnerabilities
Background MoinMoin is a Python WikiEngine. Description Multiple vulnerabilities have been discovered in MoinMoin. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to execute arbitrary code with the privileges of the process, overwrite arbitrary...
Important: Red Hat Security Advisory: JBoss Enterprise Portal Platform 5.2.2 security update
An update for the GateIn Portal component in JBoss Enterprise Portal Platform 5.2.2 that fixes two security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System...
Win $13,500 bounty to hack Kim Dotcom's Mega encryption
Kim Dotcom is offering a bounty of €10,000 (approx. US$13,580) to the first person who breaks its newly launched file storage service. Mega's launch last month was met with criticism from multiple security researchers, and Kim Dotcom announced a prize to the hackers last week. Kim tweeted, "Mega's open...
RHEL 6 : libtasn1 (RHSA-2012:0427)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0427 advisory. libtasn1 is a library developed for ASN.1 (Abstract Syntax Notation One) structures management that includes DER (Distinguished Encoding Rules) encoding...
PT-2012-2538 · Apache · Apache Struts
Name of the Vulnerable Software and Affected Versions: Apache Struts versions prior to 2.3.1.1 Description: The issue allows remote attackers to execute arbitrary commands via unspecified vectors when the DebuggingInterceptor component is used in developer mode. The vendor characterizes this...
RHEL 6 : ipmitool (RHSA-2011:1814)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2011:1814 advisory. The ipmitool package contains a command line utility for interfacing with devices that support the Intelligent Platform Management Interface (IPMI)...
Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 5.1.1 update
Updated JBoss Enterprise Application Platform 5.1.1 packages that fix one security issue and various bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base...
Low: Red Hat Security Advisory: JBoss Enterprise Application Platform 5.1.0 security and bug fix update
Updated JBoss Enterprise Application Platform 5.1 packages that fix one security issue and various bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score,...
PT-2010-1165
Name of the Vulnerable Software and Affected Versions Adobe Reader and Acrobat versions 8.x through 8.2.1 Adobe Reader and Acrobat versions 9.x through 9.3.1 Description The issue is related to an unspecified vulnerability in Adobe Reader and Acrobat, allowing attackers to cause a denial of servi...
CentOS Update for kernel CESA-2008:0167 centos4 x86_64
Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2008:0167 centos4 x86_64 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
PT-2008-1556 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.2.x before 2.2.7-dev Description: The issue is related to an unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server when running on Windows. It allows remote attackers to trigger memory corruption...
PT-2007-3801 · Phpmychat · Phpmychat
Name of the Vulnerable Software and Affected Versions: phpMyChat version 0.14.5 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the ChatPath parameter in the phpMyChat.php3 file. However, it has been disputed by multiple third parties because the $ChatPat...
PT-2006-2922 · Ethereal · Ethereal
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.8.x through 0.10.14 Description: The issue allows remote attackers to cause a denial of service, resulting in a crash due to a null dereference. This can be achieved via the Sniffer capture or the SMB PIPE dissector...
Golden FTP Server Pro 2.52 - Remote Buffer Overflow (2)
/ Golden FTP Server Pro remote stack BOF exploit author : c0d3r "kaveh razavi" risk : highly critical vendor status : no patch released , all targets are vuln package : golden-ftp-server-pro 2.5.0.0 and prior advisory : http://secunia.com/advisories/15156/...
RHEL 3 / 4 : gaim (RHSA-2005:215)
An updated gaim package that fixes various security issues as well as a number of bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Gaim application is a multi-protocol instant messaging client. Two HTML parsing bugs...
TYPO3 'cmw_linklist Extension' 'category_uid' Parameter SQL Injection
The installation of TYPO3 on the remote host is vulnerable to remote SQL injection attacks through the parameter 'category_uid' used by the third-party cmw_linklist extension. By exploiting this flaw, a remote attacker can uncover sensitive information or even modify existing data. ...