2321 matches found
[SECURITY] Fedora 18 Update: haproxy-1.4.22-1.fc18
HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread the load among several servers while assuring server persistence through the use of HTTP cookies - switch t...
Thomson Wireless VoIP Cable Modem - Authentication Bypass
Exploit Title: Thomson Wireless VoIP Cable Modem Auth Bypass Date: February 22, 2011 Authors: Glafkos Charalambous, George Nicolaou Product: TWG850-4 Wireless VoIP Cable Modem Software Version: ST9A.01.06 Severity: High Other Vulnerabilities: Unauthenticated Backup File Access, Plaintext Protocol...
Fedora Update for python-tornado FEDORA-2012-8194
Check for the Version of python-tornado OpenVAS Vulnerability Test Fedora Update for python-tornado FEDORA-2012-8194 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...
squidGuard 1.4 Denial Of Service
We're using squidGuard 1.4 and discovered a possible denial of service. When a user is accessing a very long URL, an internal buffer is too small and squidguard is entering emergency mode. In this mode, no blocking is done anymore. The URL for reference:...
Alpha Networks ADSL2/2+ Wireless Router ASL-26555 - Password Disclosure
Alpha Networks ADSL2/2+ Wireless Router ASL-26555 - Password Disclosure - Title: Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Remote Administration Password Disclosure - Author: Alberto Ortega @a0rtega [email protected] - Version: Tested on firmware version v2.0.0.30BES. Laboratory subject:...
Alpha Networks ADSL2/2+ Wireless Router ASL-26555 - Password Disclosure
Title: Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Remote Administration Password Disclosure - Author: Alberto Ortega @a0rtega [email protected] - Version: Tested on firmware version v2.0.0.30BES. Laboratory subject: http://a0rtega.pentbox.net/files/asl-26555-zombie.jpg - Summary: Alpha...
Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Information Disclosure Vulnerability - Active Check
Alpha Networks ADSL2/2+ ASL-26555 wireless router is prone to an information disclosure vulnerability. Copyright (C) 2012 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier:...
Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Password Disclosure
Title: Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Remote Administration Password Disclosure - Author: Alberto Ortega @a0rtega [email protected] - Version: Tested on firmware version v2.0.0.30BES. Laboratory subject: http://a0rtega.pentbox.net/files/asl-26555-zombie.jpg - Summary: Alpha...
SA-CONTRIB-2012-123 - Shibboleth authentication - Access Bypass
The Shibboleth authentication module provides user authentication with Shibboleth single sign-on systems (both v1.3 and v2.0) as well as some authorization features (automatic role assignment based on Shibboleth attributes). The module doesn't sufficiently confirm the user's active status in Drupal...
CVE-2011-4592
The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron...
Command injection
The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron...
CVE-2011-4592
The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron...
CVE-2011-4592
The CVE-2011-4592 issue affects Moodle’s command-line cron on Moodle 2.0.x (before 2.0.6) and 2.1.x (before 2.1.3). The root cause is improper interaction with IP blocking, which could allow remote attackers to bypass IP restrictions by exploiting a configuration where IP blocking was disabled to...
PT-2012-1924 · Moodle · Moodle
Name of the Vulnerable Software and Affected Versions: Moodle versions 2.0.x through 2.0.5 Moodle versions 2.1.x through 2.1.2 Description: The issue is related to the command-line cron implementation, which does not properly interact with IP blocking. This might allow remote attackers to bypass...
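Microsoft IE Attribute Remove Remote Code Execution Vulnerability (MS12-044)
CVE ID: CVE-2012-1524 Microsoft Internet Explorer is a web browser released by Microsoft. Internet Explorer has a security vulnerability when accessing an object that has already been deleted, which can corrupt memory through the execution of arbitrary code. 0 Microsoft Internet Explorer Workaround: If you cannot install the patch or upgrade immediately, NSFOCUS recommends that you take the following measures to reduce the threat: Set the Internet and Local intranet security zones to "High" to block ActiveX controls and Active Scripting in these zones. Configure IE to prompt before running Active Scripting, or to disable it. Vendor patch: Microsoft ---------...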
Pages can prevent navigation to a target page, spoofing the address field – Opera Security Advisories
When a user types a new URL for the browser to load, the currently active page may detect when the new page is about to load and prevent the navigation, while still leaving the new URL displayed in the address bar. This can then be used to spoof the URL of the target page. The malicious page woul...
SeaMonkey 2.x < 2.10 Multiple Vulnerabilities
SeaMonkey < 2.10.0 Multiple Vulnerabilities
The installed version of SeaMonkey is earlier than 2.10.0. Such versions are potentially affected by the following security issues : - An error exists in the ASN.1 decoder when handling zero length items that can lead to application crashes. CVE-2012-0441 - Multiple memory corruption errors exist...
Thunderbird 10.0.x < 10.0.5 Multiple Vulnerabilities (Mac OS X)
The installed version of Thunderbird 10.0.x is potentially affected by the following security issues : - An error exists in the ASN.1 decoder when handling zero length items that can lead to application crashes. CVE-2012-0441 - Multiple memory corruption errors exist. CVE-2012-1937, CVE-2012-1939...
Mozilla Thunderbird < 13.0 Multiple Vulnerabilities
The installed version of Thunderbird is earlier than 13.0 and thus, is potentially affected by the following security issues : - An error exists in the ASN.1 decoder when handling zero length items that can lead to application crashes. CVE-2012-0441 - Multiple memory corruption errors exist...