102 matches found
Fedora 16 : 389-ds-base-1.2.10.24-1.fc16 (2012-20156)
Here is where you give an explanation of your update. Here is where you give an explanation of your update. cleanallruv support - Change on SLAPIMODRDNNEWSUPERIOR is not evaluated in ACL ACL rules bypass possible Note that Tenable Network Security has extracted the preceding description block...
CVE-2011-2486
nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash...
CVE-2012-4516
librdmacm 1.0.16, when ibacm.port is not specified, connects to port 6125, which allows remote attackers to specify the address resolution information for the application via a malicious ibacm service...
CVE-2012-2102
MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service assertion failure and mysqld abort by deleting a record and using HANDLER READ NEXT...
CVE-2012-2749
MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service mysqld crash via vectors related to incorrect calculation and a sort order index...
CVE-2012-1113
Multiple cross-site scripting XSS vulnerabilities in the administration subsystem in Gallery 2 before 2.3.2 and 3 before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-1139
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid stack read operation and memory corruption or possibly execute arbitrary code via crafted glyph data in a BDF font...
Fedora 14 : openswan-2.6.33-3.fc14 (2011-15127)
Fixes for CVE-2011-4073. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
CVE-2011-2705
The SecureRandom.randombytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an...
CVE-2011-2718
Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to 1...
CVE-2011-2697
foomatic-rip-hplip in HP Linux Imaging and Printing HPLIP 3.11.5 allows remote attackers to execute arbitrary code via a crafted FoomaticRIPCommandLine field in a .ppd file...
Fedora 15 : jabberd-2.2.14-1.fc15 (2011-7801)
This update fixes an important security issue CVE-2011-1755, for more information, please see https://bugzilla.redhat.com/showbug.cgi?id=700390. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
CVE-2011-1175
tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash by establishing many short TCP sessions to services that use a certain...
CVE-2011-1154
The shredfile function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name...
CVE-2010-3854
Multiple cross-site scripting XSS vulnerabilities in the web administration interface aka Futon in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-3880
net/ipv4/inetdiag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INETDIAG bytecode, which allows local users to cause a denial of service kernel infinite loop via crafted INETDIAGREQBYTECODE instructions in a netlink message that contains multiple attribute elements, as...
CVE-2010-4172
Multiple cross-site scripting XSS vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 orderBy or 2 sort parameter to sessionsList.jsp, or unspecified input to 3...
Fedora 12 : pidgin-2.7.5-1.fc12 (2010-17130)
New release 2.7.5 Full Upstream ChangeLog : - http://developer.pidgin.im/wiki/ChangeLogversion2.7.410 202010 - http://developer.pidgin.im/wiki/ChangeLogversion2.7.5 10312010 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
CVE-2010-2943
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assign...
Fedora 12 : nano-2.0.9-7.fc12 (2010-13157)
CVE-2010-1160 CVE-2010-1161 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...