5302 matches found
AIX 6.1 TL 4 : bind9 (IV01118)
The security status of an NS RRset is not properly determined during a DNSKEY algorithm rollover which can allow a remote attacker to cause a denial of service. Signed negative responses and corresponding RRSIG records in the cache are not properly handled which can allow a remote attacker to cau...
USN-1704-1: Linux kernel (Quantal HWE) vulnerabilities
Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. CVE-2012-0957 Jon Howell reported a flaw in the Linux kernel's KVM Kernel-based virtual machine subsystem's handling of the XSAVE feature. On hosts,...
CVE-2013-0176
The publickeyfromprivatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service NULL pointer dereference and crash via a "Client: Diffie-Hellman Key Exchange Init" packet...
Fedora Update for gnupg FEDORA-2013-0477
Check for the Version of gnupg OpenVAS Vulnerability Test Fedora Update for gnupg FEDORA-2013-0477 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
[SECURITY] Fedora 17 Update: gnupg-1.4.13-2.fc17
GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with...
anwsion the latest version of any upload-vulnerability warning-the black bar safety net
Upload attachments where not properly handle the file suffix problem: ! Judgment is the file header does not determine the suffix problem。。。。。。。。 Vulnerability to prove: http://wenda.anwsion.com/uploads/questions/20121126/e826a3e05a4beb6c24373ba014fe39f8.phppass Merge pictures word Trojan...
[SECURITY] Fedora 18 Update: gnupg-1.4.13-2.fc18
GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with...
PT-2013-1562 · Apache · Apache Cxf
Name of the Vulnerable Software and Affected Versions: Apache CXF versions 2.4.5 through 2.4.7 Apache CXF versions 2.5.1 through 2.5.3 Apache CXF versions 2.6.x before 2.6.1 Description: The issue allows remote attackers to bypass certain policies, including AlgorithmSuite, SignedParts,...
kernel security, bug fix and enhancement update
2.6.32-279.19.1.el6 - drm i915: dont clobber the pipe param in sanitizemodesetting Frantisek Hrbata 876549 857792 - drm i915: Sanitize BIOS debugging bits from PIPECONF Frantisek Hrbata 876549 857792 - net fix divide by zero in tcp algorithm illinois Flavio Leitner 871920 866514 CVE-2012-4565 - f...
apache-cxf: Certain child policies of WS-SecurityPolicy 1.1 SupportingToken policy not applied on the client side
Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the 1 AlgorithmSuite, 2 SignedParts, 3 SignedElements, 4...
apache-cxf: Certain child policies of WS-SecurityPolicy 1.1 SupportingToken policy not applied on the client side
Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the 1 AlgorithmSuite, 2 SignedParts, 3 SignedElements, 4...
apache-cxf: Certain child policies of WS-SecurityPolicy 1.1 SupportingToken policy not applied on the client side
Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the 1 AlgorithmSuite, 2 SignedParts, 3 SignedElements, 4...
Ubuntu Update for linux-ec2 USN-1653-1
Ubuntu Update for Linux kernel vulnerabilities USN-1653-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16531.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux-ec2 USN-1653-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...
Six Security Flaws Fixed in BIND 9.9.2
A new version of the BIND DNS server software is available, fixing six security vulnerabilities and a long list of other bugs. BIND 9.9.2-P1 is mainly a security update and most of the issues it fixes are crashes and not remote code execution flaws. BIND is the overwhelming leader in market share...
Oracle Java SE 'MurmurHash' Algorithm Hash Collision DoS Vulnerability (Windows)
This host is installed with Oracle Java SE and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gboraclejavasemurmurhashdosvulnwin.nasl 7699 2017-11-08 12:10:34Z santu $ Oracle Java SE 'MurmurHash' Algorithm Hash Collision DoS Vulnerability Windows Authors: Sharath S...
Ubuntu Update for linux USN-1646-1
Ubuntu Update for Linux kernel vulnerabilities USN-1646-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16461.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux USN-1646-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu Update for linux-lts-backport-oneiric USN-1652-1
Ubuntu Update for Linux kernel vulnerabilities USN-1652-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16521.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux-lts-backport-oneiric USN-1652-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH,...
Ubuntu Update for linux USN-1650-1
Ubuntu Update for Linux kernel vulnerabilities USN-1650-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16501.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux USN-1650-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
Oracle Java SE 'MurmurHash' Algorithm Hash Collision DoS Vulnerability - Windows
Oracle Java SE is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MurmurHash algorythm vulnerabilities
It's easy to predict collisions...