Ubuntu: Security Advisory (USN-3163-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3163-1: NSS vulnerabilities

It was discovered that NSS incorrectly handled certain invalid Diffie-Hellman keys. A remote attacker could possibly use this flaw to cause NSS to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-5285 Hubert Kari...

idb - iOS App Security Assessment Tool

idb is a tool to simplify some common tasks for iOS app security assessments and research. Please see the Documentation for a more detailed summary of each function. Features Assessment Setup SSH port forwarding Installation of helper utilities App Information Bundle information Registered URL...

Mozilla Firefox SVG animation nsSMILTimeContainer use-after-free vulnerability

Overview Mozilla Firefox contains a use-after-free vulnerability in the SVG animation functionality, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Mozilla Firefox supports SVG animation through the use of SMIL. The...

HellRaiser - Vulnerability Scanner

Install Install ruby, bundler and rails. https://gorails.com/setup/ubuntu/16.04 Install redis-server and nmap. sudo apt-get update sudo apt-get install redis-server nmap Clone HellRaiser repository, change to hellraiser web app directory and run bundle install. git clone...

java-1.7.0-openjdk security update

1:1.7.0.111-2.6.7.1.0.1 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Oracle Linux' 1:1.7.0.111-2.6.7.1 - Bump to jdk7u111 b01 to fix TCK regressions 7081817 & 8162344 - Resolves: rhbz1350038 1:1.7.0.111-2.6.7.0 - Bump to 2.6.7 and u111b00. - Update SystemTap bundle with fix for...

Ubuntu 14.04 LTS / 16.04 LTS : NSS vulnerability (USN-3029-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3029-1 advisory. Tyson Smith and Jed Davis discovered that NSS incorrectly handled memory. A remote attacker could use this issue to cause NSS to crash, resulting in a...

USN-3029-1 nss vulnerability

Tyson Smith and Jed Davis discovered that NSS incorrectly handled memory. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. This update refreshes the NSS package to version 3.23 which includes the latest CA...

CVE-2015-5723

Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...

CVE-2015-5723

Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...

CVE-2015-5723

Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...

CVE-2015-5723

Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...

CVE-2015-5723

CVE-2015-5723 affects multiple Doctrine projects (Annotations <1.2.7; Cache <1.3.2 and 1.4.x <1.4.2; Common <2.4.3 and 2.5.x <2.5.1; ORM <2.4.8 or 2.5.x <2.5.1; MongoDB ODM <1.0.2; MongoDB ODM Bundle

XenMobile POC Cheat Sheet

The purpose of this cheat sheet is to provide a detailed POC checklist to assist with the implementation of On-Premise POC implementations. This checklist includes a detailed diagram of your XenMobile POC implementation populated from the information included in the filled out checklist. Addition...

Debian DLA-469-1 : libgwenhywfar security update

It was discovered that libgwenhywfar an OS abstraction layer that allows porting of software to different operating systems like Linux, BSD, Windows etc. used an outdated CA certificate bundle. For Debian 7 'Wheezy', this issue has been fixed in libgwenhywfar version 4.3.3-1+deb7u1 by utilising t...

PhotoDirector - Bundle Version - Customized SSL, Dynamic Code Loading, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application PhotoDirector - Bundle Version published at the 'play' market has multiple vulnerabilities...

openSUSE Security Update : exim (openSUSE-2016-326)

This update to exim 4.86.2 fixes the following issues : - CVE-2016-1531: local privilege escalation for set-uid root exim when using 'perlstartup' boo968844 Important: Exim now cleans the complete execution environment by default. This affects Exim and subprocesses such as transports calling othe...

WordPress Email Encoder Bundle 1.4.3 Cross Site Scripting

================================================================================ WordPress Email Encoder Bundle 1.4.3 - Stored Cross Site Scripting ================================================================================ Author: Ehsan Hosseini Vendor Homepage:...

Security update for exim (important)

This update to exim 4.86.2 fixes the following issues: CVE-2016-1531: local privilege escalation for set-uid root exim when using 'perlstartup' boo968844 Important: Exim now cleans the complete execution environment by default. This affects Exim and subprocesses such as transports calling other...

USN-2913-3 openssl update

USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the OpenSSL package to properly handle the removal. Original advisory details: The ca-certificates package contained outdated CA certificates. This update...