Fedora 19 : kernel-3.10.3-300.fc19 (2013-13663)

Linux v 3.10.3 stable update contains a very large number of fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Drupal Hostmaster (Aegir) 模块安全绕过漏洞

Bugtraq ID:61327 CNCAN ID：CNCAN-2013071902 Drupal是使用PHP语言编写的开源内容管理框架，它由内容管理系统和PHP开发框架共同构成 Drupal Hostmaster在运行任务时没有进行正确的授权，允许攻击者利用漏洞绕过限制访问其他受限功能 0 Drupal Hostmaster Aegir Module 6.x 厂商解决方案 Drupal Hostmaster Aegir Module 6.x-1.10已经修复此漏洞，建议用户下载更新： http://community.aegirproject.org/1.10...

Mozilla Firefox ESR Multiple Vulnerabilities - August12 (Windows)

This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxesrmultvulnaug12win.nasl 6079 2017-05-08 09:03:33Z teissa $ Mozilla Firefox ESR Multiple Vulnerabilities - August12 Windows Authors: Arun Kallavi Copyright:...

Fedora 17 : 389-ds-base-1.2.11.21-1.fc17 (2013-5349)

Here is where you give an explanation of your update. This release fixes 7 critical bugs including one security bug. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format...

Fedora 17 : clamav-0.97.8-2.fc17 (2013-10980)

Fix 963920 Update to 0.97.8 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

Fedora 18 : fail2ban-0.8.10-1.fc18 (2013-10806)

Fail2Ban 0.8.10 addresses a possible remote denial of service attack when using the supplied apache- filters. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...

Fedora 18 : haproxy-1.4.24-1.fc18 (2013-11212)

Update to upstream stable release 1.4.24. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...

Fedora 17 : mingw-gnutls-2.12.23-2.fc17 (2013-9774)

Fix for CVE-2013-2116. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

Fedora 19 : clamav-0.97.8-2.fc19 (2013-10853)

Fix 963920 Update to 0.97.8 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

Mozilla Thunderbird Security Bypass Vulnerabilities - Oct 12 (Mac OS X)

The host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdsecbypassvulnoct12macosx.nasl 6086 2017-05-09 09:03:30Z teissa $ Mozilla Thunderbird Security Bypass Vulnerabilities - Oct 12 Mac OS X Authors: Arun Kallavi...

Microsoft Internet Explorer内存破坏漏洞(CVE-2013-3163)

BUGTRAQ ID: 60975 CVECAN ID: CVE-2013-3163 Windows Internet Explorer，简称MSIE，是微软公司推出的一款网页浏览器。 Microsoft Internet Explorer 9, 10不正确地访问内存中的对象时，存在远程执行代码漏洞。这些漏洞可能以一种攻击者可以在当前用户的上下文中执行任意代码的方式损坏内存。 0 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 临时解决方法： 将 Internet 和本地 Intranet...

Microsoft Windows Media Runtime 'wmvdecod.dll'远程代码执行漏洞(CVE-2013-3127)

BUGTRAQ ID: 60980 CVECAN ID: CVE-2013-3127 MediaPlayer是一个全功能的网络多媒体播放软件。 Windows Media Format Runtime 处理某些媒体文件的方式中存在一个远程执行代码漏洞。如果攻击者成功诱使用户打开特制的媒体文件，此漏洞可能允许攻击者执行任意代码。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。 0 Microsoft Media Player 12 Microsoft Media Player 11 Microsoft Media Format Runtime 9.5...

Drupal Login安全模块安全绕过漏洞

Bugtraq ID:60683 Drupal是一个基于PHP语言编写的开发型CMF（内容管理框架），Drupal Login Security是一个用于Drupal的登录安全模块 Drupal Login Security模块在禁用'soft blocking'时存在安全漏洞，由于模块不正确使用字符串过滤，可导致模块忽略所有检查 0 Drupal Login Security 6.x-1.x Drupal Login Security 7.x-1.x 厂商解决方案 Drupal Login Security 6.x-1.3和7.x-1.3已经修复此漏洞，建议用户下载更新：...

ImageMagick Integer Overflow Vulnerability - 03 June (Windows)

The host is installed with ImageMagick and is prone to integer overflow Vulnerability. OpenVAS Vulnerability Test $Id: gbimagemagickintegeroverflowvuln03jun13win.nasl 8173 2017-12-19 11:45:56Z cfischer $ ImageMagick Integer Overflow Vulnerability - 03 June Windows Authors: Thanga Prakash S...

Linux Kernel 'dispatch_discard_io()'安全绕过漏洞

Bugtraq ID:60414 CVE ID:CVE-2013-2140 Linux是一款开源的操作系统。 由于不充分的检查BLKIFOPDISCARD权限，如果系统管理员提供一个只读权限的磁盘，允许特权Guest用户利用该漏洞绕过限制破坏磁盘上的数据。 0 Linux Kernel 厂商解决方案 用户可参考如下第三方的补丁以修复此漏洞： http://seclists.org/oss-sec/2013/q2/att-488/0001-xen-blkback-Check-device-permissions-before-allowing.patch...

Microsoft Windows Kernel本地信息泄露漏洞(CVE-2013-3136)(MS13-048)

BUGTRAQ ID: 60357 CVECAN ID: CVE-2013-3136 Microsoft Windows是微软公司推出的一系列操作系统。 如果 Windows 内核不正确地处理内存中的对象，则存在一个信息泄露漏洞。成功利用此漏洞的攻击者可能泄露内核地址中的信息。攻击者必须拥有有效的登录凭据并能本地登录才能利用此漏洞。 0 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Storage Server 2003 Microsoft Windows Server 2008 Microsoft...

Microsoft Internet Explorer 内存破坏漏洞(CVE-2013-3112)(MS13-047)

BUGTRAQ ID: 60382 CVECAN ID: CVE-2013-3112 Windows Internet Explorer，简称MSIE，是微软公司推出的一款网页浏览器。 Microsoft Internet Explorer 6、7、8、9、10存在安全漏洞，可使远程攻击者通过特制的网站利用此漏洞执行任意代码或造成拒绝服务。 0 Microsoft Internet Explorer 9 Microsoft Internet Explorer 8 Microsoft Internet Explorer 7 Microsoft Internet Explorer 6.0...

Cisco WebEx Meetings Server 信息泄漏漏洞(CVE-2013-1205)

Bugtraq ID:60373 CVE ID:CVE-2013-1205 Cisco WebEx是一款网络会议解决方案 Cisco WebEx Meetings Server事件中心模块存在一个安全漏洞，由于不正确处理特制的请求，允许远程攻击者利用漏洞提交特制的URL获取事件密码和主机KEY 0 Cisco WebEx Meetings Server 1.0 厂商解决方案 用户可联系厂商获取相应的升级程序或补丁： http://www.cisco.com...

Ubuntu 12.04 LTS / 12.10 / 13.04 : libxinerama vulnerability (USN-1860-1)

Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding...

Solaris 10 (sparc) : 150383-19 (deprecated)

SunOS 5.10: wanboot patch. Date this patch was last updated by Sun : Aug/13/17 This plugin has been deprecated and either replaced with individual 150383 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2018/03/1...