7041 matches found
[SECURITY] Fedora 22 Update: opensaml-java-2.5.3-9.fc22
OpenSAML is a set of open source C++ & Java libraries meant to support developers working with the Security Assertion Markup Language SAML. OpenSAML 2, the current version, supports SAML 1.0, 1.1, and 2.0...
[SECURITY] Fedora 21 Update: opensaml-java-2.5.3-9.fc21
OpenSAML is a set of open source C++ & Java libraries meant to support developers working with the Security Assertion Markup Language SAML. OpenSAML 2, the current version, supports SAML 1.0, 1.1, and 2.0...
Scientific Linux Security Update : bind on SL6.x, SL7.x i386/x86_64 (20150729)
A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet. CVE-2015-5477...
BIND TKEY Query Denial of Service
This module sends a malformed TKEY query, which exploits an error in handling TKEY queries on affected BIND9 'named' DNS servers. As a result, a vulnerable named server will exit with a REQUIRE assertion failure. This condition can be exploited in versions of BIND between BIND 9.1.0 through 9.8.x...
Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20150729)
A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet. CVE-2015-5477...
bind: TKEY query handling flaw leading to denial of service
A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet...
bind: denial of service
A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet leading to denia...
bind: TKEY query handling flaw leading to denial of service
A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet...
bind: TKEY query handling flaw leading to denial of service
A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet...
Amazon Linux AMI : bind (ALAS-2015-566)
A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. C Tenable Network Security, In...
Important: bind
Issue Overview: A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. Affected...
Scientific Linux Security Update : bind on SL7.x x86_64 (20150720)
A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. CVE-2015-4620 After installing...
Apache Qpid Session.gap Denial of Service - Ver2 (CVE-2015-0203)
A denial of service vulnerability exists in Apache Qpid. The vulnerability is due to an assertion failure prior to session establishment when processing the session.gap control segment. A remote, authenticated attacker could exploit this vulnerability by sending an out of sequence session.gap...
mariadb-clients: denial of service
A heap-based buffer overflow was found in the way PCRE handled certain malformed regular expressions. This issue could cause a crash while parsing malicious regular expressions related to an assertion that allows zero repeats...
Updated subversion packages fix security vulnerabilities
Updated subversion packages fix security vulnerabilities: Subversion HTTP servers with FSFS repositories are vulnerable to a remotely triggerable excessive memory use with certain REPORT requests CVE-2015-0202. Subversion moddavsvn and svnserve are vulnerable to a remotely triggerable assertion D...
Mandriva Linux Security Advisory : tor (MDVSA-2015:205)
Updated tor packages fix security vulnerabilities : disgleirio discovered that a malicious client could trigger an assertion failure in a Tor instance providing a hidden service, thus rendering the service inaccessible CVE-2015-2928. DonnchaC discovered that Tor clients would crash with an...
Debian DLA-207-1 : subversion security update
Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2015-0248 Subversion moddavsvn and svnserve were vulnerable to a remotely triggerable assertion DoS vulnerability for certain...
Red Hat PicketLink SAML Assertion AudienceRestriction Security Bypass Vulnerability
Red Hat PicketLink a unified identity management framework for Java applications. A security bypass vulnerability exists in Red Hat PicketLink that could be exploited by an attacker to bypass security restrictions and perform unauthorized access...
Debian DSA-3231-1 : subversion - security update
Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-0248 Subversion moddavsvn and svnserve were vulnerable to a remotely triggerable assertion DoS vulnerability for certain...
Debian Security Advisory DSA 3231-1 (subversion - security update)
Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-0248 Subversion moddavsvn and svnserve were vulnerable to a remotely triggerable assertion DoS vulnerability for certain...