Fedora 20 : sks-1.1.5-2.fc20 (2014-9344)

Upgrade to 1.1.5 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...

Fedora 19 : jakarta-commons-httpclient-3.1-15.fc19 (2014-9539)

Security fix for CVE-2014-3577, CVE-2012-6153 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Autodesk SketchBook Pro < 6.2.6 Multiple Overflow Vulnerabilities

The version of Autodesk SketchBook Pro installed on the remote Mac OS X host is prior to 6.2.6. It is, therefore, affected by integer and heap-based buffer overflow vulnerabilities. Using a specially crafted PSD or PXD file, an attacker could cause a denial of service or execute arbitrary code. C...

Fedora 19 : transmission-2.84-1.fc19 (2014-8332)

update to 2.84 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...

Fedora 19 : chicken-4.8.0.6-2.fc19 (2014-6553)

Fix for CVE-2014-3776 and bump to 4.8.0.6. Latest upstream release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora 20 : kernel-3.15.7-200.fc20 (2014-9010)

The 3.15.7 stable update contains a number of important fixes throughout the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 20 : cups-1.7.4-3.fc20 (2014-8752)

This update fixes one security flaw as well as broken CGI script handling. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducin...

Juniper Junos SRX Series Web Authentication XSS (JSA10640)

According to its self-reported version number, the remote Junos device is affected by a reflected cross site scripting vulnerability. An attacker can exploit this to steal sensitive information or session credentials from firewall users. Note that this issue only affects devices where Web...

Fedora 20 : xen-4.3.2-6.fc20 (2014-7722)

Hypervisor heap contents leaked to guest, with extra patch to avoid regression Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 20 : lzo-2.08-1.fc20 (2014-7926)

New upstream Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...

Fedora 19 : gnupg2-2.0.24-1.fc19 (2014-7797)

Minor security update from upstream. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...

National Science Foundation Squid Web Proxy 1.0/1.1/2.1 Authentication Failure

No description provided by source. source: http://www.securityfocus.com/bid/741/info There is a vulnerability present in certain versions of the Squid Web Proxy Cache developed by the National Science Foundation. This problem is only in effect when users of the cache are using an external...

QuiXplorer 2.3 - Bugtraq File Upload Vulnerability

No description provided by source. Exploit Title: QuiXplorer 2.3 = Bugtraq File Upload Vulnerability Google Dork: QuiXplorer 2.3 - the QuiX project Date: 13/11/2011 Author: PCA & krhrkrhr and Software Link: http://quixplorer.sourceforge.net/ Version: QuiXplorer 2.3 Tested on: linux ,windows CVE :...

LCDProc 0.4 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1131/info A vulnerability exists in the server portion of version 0.4 of the LCDProc package. Several remote buffer overflows exist that could allow a remote attacker to corrupt memory and execute arbitrary code. As liste...

MS IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal Vulnerability (7)

No description provided by source. !/usr/bin/perl IIS 4.0/5.0 Unicode Exploit Checks for each script that has been posted on the BugTraq Lis Shouts to bighawkthats for help, datagram, Ghost Rider, The Duke, p4, kript0n and others Since It Uses fork, you gotta keep up with whats happening. Or Just...

Axent Raptor 6.0 - Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/736/info It is possible to remotely lock Axent Raptor firewalls by sending them packets with malformed IP options fields. According to an advisory posted to bugtraq by the perdue CERIAS labs, setting the SECURITY and...

PostNuke Module v4bJournal - Remote SQL Injection Vulnerability

No description provided by source. ---------------------------------------- PostNuke Journal ---------------------------------------- DISCOVERED BY :Ali Abbasi Olom Fonon Mazandaran University - Security Research Center, Babol, Iran Greetz For All Y! UnderGround Group Members www.2600.ir Greetz F...

TestLink Test Management and Execution System - Multiple XSS and Injection Vulnerabilities

No description provided by source. Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System 1. Advisory Information Title: Multiple XSS and Injection Vulnerabilities in TestLink...

Oracle e-Business Suite - Multiple Vulnerabilities

No description provided by source. Oracle E-Business Suite is prone to multiple authentication-bypass and HTML-injection vulnerabilities. Attackers could exploit these issues to steal cookie-based authentication credentials, perform unauthorized actions, or bypass certain security restrictions...

Microsoft Windows XP HCP URI Handler Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9621/info The Microsoft Windows XP HCP URI handler has been reported prone to a vulnerability that may provide for arbitrary command execution. The issue is reported to present itself when a specially formatted HCP URI th...