7640 matches found
Webmin < 1.690 Multiple XSS
According to its self-reported version, the Webmin install hosted on the remote host is prior to version 1.690. It is, therefore, affected by multiple cross-site scripting vulnerabilities : - The application is affected by multiple unspecified cross-site scripting vulnerabilities. CVE-2014-3885 -...
unbreakable enterprise kernel security bug fix update
2.6.39-400.215.10 - auditsc: auditkrule mask accesses need bounds checking Andy Lutomirski Orabug: 19590597 CVE-2014-3917 2.6.39-400.215.9 - oracleasm: Add support for new error return codes from block/SCSI Martin K. Petersen Orabug: 18438934 2.6.39-400.215.8 - ibipoib: CSUM support in connected...
Unbreakable Enterprise kernel security update
3.8.13-44.1.1 - auditsc: auditkrule mask accesses need bounds checking Andy Lutomirski Orabug: 19590596 CVE-2014-3917...
unbreakable enterprise kernel security update
kernel-uek 2.6.32-400.36.8uek - auditsc: auditkrule mask accesses need bounds checking Andy Lutomirski Orabug: 19590638 CVE-2014-3917 - futex: Fix errors in nested key ref-counting Darren Hart Orabug: 19590443 CVE-2014-0205...
[20140902] - Core - Unauthorised Logins
Inadequate checking allowed unauthorised logins via LDAP authentication...
PHP 5.3.x < 5.3.29 Multiple Vulnerabilities
According to its banner, the version of PHP installed on the remote host is 5.3.x prior to 5.3.29. It is, therefore, affected by the following vulnerabilities : - A heap-based buffer overflow error exists in the file 'ext/date/lib/parseisointervals.c' related to handling DateInterval objects that...
SAMHAIN v3.1.2 - File Integrity Checker / Host-Based Intrusion Detection System
The Samhain host-based intrusion detection system HIDS provides file integrity checking and log file monitoring/analysis , as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain been designed to monitor multiple hosts with potentially...
Debian DSA-2993-1 : tor - security update
Several issues have been discovered in Tor, a connection-based low-latency anonymous communication system, resulting in information leaks. - Relay-early cells could be used by colluding relays on the network to tag user circuits and so deploy traffic confirmation attacks CVE-2014-5117. The update...
[SECURITY] [DSA 2993-1] tor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2993-1 [email protected] http://www.debian.org/security/ Peter Palfrader July 31, 2014 http://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-2993-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2015:1011-1 Security update for CUPS
This update fixes various issues in CUPS. CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031: Various insufficient symbolic link checking could have lead to privilege escalation from the lp user to root. Security Issues: CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031...
Medium: python27
Issue Overview: It was reported http://bugs.python.org/issue21529 that Python built-in json module have a flaw insufficient bounds checking, which allows a local user to read current process' arbitrary memory. Quoting the upstream bug report: The sole prerequisites of this attack are that the...
CVE-2014-3886
Cross-site scripting XSS vulnerability in Webmin before 1.690, when referrer checking is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924...
Cross site scripting
Cross-site scripting XSS vulnerability in Webmin before 1.690, when referrer checking is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924...
PHP Multiple Vulnerabilities - 01 (Jul 2014)
PHP is prone to multiple vulnerabilities. This VT has been deprecated and merged into the VTs SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Mandriva Linux Security Advisory : python (MDVSA-2014:135)
Updated python and python-simplejson package fixes security vulnerability Python are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value tha...
Medium: openssh
Issue Overview: sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshdconfig, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character. The verifyhostkey function in sshconnect.c in the...
Low: python-simplejson
Issue Overview: It was reported http://bugs.python.org/issue21529 that Python built-in json module have a flaw insufficient bounds checking, which allows a local user to read current process' arbitrary memory. Quoting the upstream bug report: The sole prerequisites of this attack are that the...
Updated python-simplejson package fixes security vulnerability
Python 2 and 3 are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value that is used as an array index, causing the scanstring function to...
MGASA-2014-0286 Updated python-simplejson package fixes security vulnerability
Python 2 and 3 are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value that is used as an array index, causing the scanstring function to...