2646 matches found
(RHSA-2011:1090) Moderate: rhev-hypervisor security and bug fix update
The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red...
RedHat Update for bash RHSA-2011:1073-01
The remote host is missing an update for the ...
RHEL 5 : bash (RHSA-2011:1073)
An updated bash package that fixes one security issue, several bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives...
RedHat Update for bash RHSA-2011:1073-01
Check for the Version of bash. OpenVAS Vulnerability Test: RedHat Update for bash RHSA-2011:1073-01. Authors: System Generated Check. Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net ...
bash: Insecure temporary file use in aliasconv.sh, aliasconv.bash, cshtobash (symlink attack)
bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb.? temporary file, related to the (1) aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts...
Low: Red Hat Security Advisory: bash security, bug fix, and enhancement update
An updated bash package that fixes one security issue, several bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives...
Meggit - US Military and Law Enforcement equipment supplier hacked for #Antisec
Meggit Database Hacked - US Military and Law Enforcement equipment supplier for Antisec. Database of www.meggitttrainingsystems.com, a US Military and Law Enforcement equipment supplier, has been hacked and exposed by Anonymous The Bash Crew. Hackers said "People of the USA your government puts the...
IP Power 9258+ Authentication Bypass
Exploit for Windows platform in category remote exploits. Teach, Learn, Party. irc.efnet.net unallocatedspace. Multiple Remote...
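Apache Struts XWork 's:submit' HTML Tag Cross-Site Scripting Vulnerability
Bugtraq ID: 47784 CVE ID: CVE-2011-1772 Apache Struts is an open-source framework for building Java web applications. When an Action or method name passed through the "s:submit" tag using BASH syntax is not defined, XWork does not properly filter it before it is used to generate the error page. An attacker can exploit the vulnerability to execute arbitrary HTML and script code in the target user's browser. Successful exploitation requires Dynamic Method Invocation to be enabled (enabled by default). Apache Software Foundation Struts 2.2.1 1 Apache Software Foundation...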
bash security and bug fix update
3.0-27 - Don't include backup files. Resolves: 657500. 3.0-26 - Fixed bash-3.0-tmpfile.patch. Resolves: 657500. 3.0-25 - Don't include backup files. Resolves: 657500. 3.0-24 - Use mktemp for temporary files. Resolves: 657500. 3.0-23 - bash globbing sometimes ignores locale settings. Resolves: 539538 - check...
RedHat Update for bash RHSA-2011:0261-01
The remote host is missing an update for the ...
RedHat Update for bash RHSA-2011:0261-01
Check for the Version of bash. OpenVAS Vulnerability Test: RedHat Update for bash RHSA-2011:0261-01. Authors: System Generated Check. Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net ...
RHEL 4 : bash (RHSA-2011:0261)
Updated bash packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ratin...
Low: Red Hat Security Advisory: bash security and bug fix update
Updated bash packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ratin...
UBUNTU-CVE-2010-4001
DISPUTED: GMXRC.bash in Gromacs 4.5.1 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: CVE disputes this issue because the GMXLDLIB value is always added to th...
Barracuda Networks Spam And Virus Firewall Configuration Retrieval
#!/bin/bash. Exploit by ShadowHatesYou. The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the BSF (systempassword); MTA LDAP passwords (mtaldapadvancedpassword); Password for each configured...
PHP static analyzers. A mini-review
Over time, we see new content management systems (CMS) appear more and more often: forums, blogs, shops, social networks, and so on. Many of them, owing to the incompetence or insufficient professionalism of their developers, have vulnerable spots in their code that allow...
MDVA-2010:012 : kdebase4
In KDE 4.3 it is not possible to execute a bash script by double-clicking on it. This update fixes this issue. This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. (C) Tenable Network Security, Inc. This...
MDVA-2010:173 : gnupg2
The file /etc/profile.d/gpg-agent.sh uses the "source" statement, which is not valid in sh or ksh. The statement for sh, ksh, and bash should be "." rather than "source". This update fixes this issue. This script has been deprecated as the associated patch is not...
FreeBSD : sudo -- Secure path vulnerability (d42e5b66-6ea0-11df-9c8d-00e0815b8da8)
Todd Miller reports: Most versions of the C library function getenv return the first instance of an environment variable to the caller. However, some programs, notably the GNU Bourne Again SHell (bash), do their own environment parsing and may choose the last instance of a variable rather than the...