52 matches found
CVE-2016-10739
In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...
ACR/SR Behavior Change with Receiver for Windows 4.7
This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. ACR/SR is enabled out-of-the-box after users upgrade XenApp/XenDesktop to 7.13 or newer along with...
CVE-2017-3204
The Go SSH library x/crypto/ssh by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism...
DEBIAN-CVE-2017-3204
The Go SSH library x/crypto/ssh by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism...
CVE-2016-1531
Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perlstartup argument...
Little Change in Online Behavior Following Snowden Revelations
Some 30 percent of American adults say they have altered their digital behavior in the wake of Edward Snowden’s NSA spying revelations in order to hide information from the government. In Spring 2013, Snowden, a then NSA contractor working for Booz Allen Hamilton, remotely accessed the NSA’s Ft...
FreeBSD : rssh -- configuration restrictions bypass (a4598875-ec91-11e1-8bd8-0022156e8794)
Derek Martin rssh maintainer reports : John Barber reported a problem where, if the system administrator misconfigures rssh by providing too few access bits in the configuration file, the user will be given default permissions scp to the entire system, potentially circumventing any configured...
[SECURITY] [DSA-2154-1] exim4 security update
------------------------------------------------------------------------ Debian Security Advisory DSA-2154-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 30, 2011 http://www.debian.org/security/faq -...
rssh -- configuration restrictions bypass
Derek Martin rssh maintainer reports: John Barber reported a problem where, if the system administrator misconfigures rssh by providing too few access bits in the configuration file, the user will be given default permissions scp to the entire system, potentially circumventing any configured...
perl security update
4:5.8.8-32.el5.1 - third version of patch fix change of behaviour of rmtree for common user - Resolves: rhbz597203 4:5.8.8-32.el5 - rhbz595416 change documentation of File::Path - Related: rhbz591167 4:5.8.8-31.el5 - remove previous fix - Related: rhbz591167 4:5.8.8-30.el5 - change config to file...
Study: Women more affected by ID fraud
From CNet Elinor Mills Women are more affected by identity fraud then men are, according to a new survey that also found that it takes women longer to restore their identities but they also tend to change their behavior afterward. In a survey of 808 U.S. households, half of which reported fraud, ...
Fedora Core 5 : gnupg-1.4.7-1 (2007-316)
This updates GnuPG to version 1.4.7, changing the default behavior so that gnupg now flags message streams which contain multiple plaintexts as an error. This prevents errors which would occur when applications which called gnupg assumed that this was already the default behavior. Note that Tenab...