26 matches found
Debian: Security Advisory (DLA-140-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:1697-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0107-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in rpm affect IBM Flex System Manager (FSM): (CVE-2013-6435, CVE-2014-8118)
Summary Vulnerabilities have been found in the rpm package included in IBM Flex System Manager FSM. Vulnerability Details Abstract Vulnerabilities have been found in the rpm package included in IBM Flex System Manager FSM. Content Vulnerability Details: CVE-ID: CVE-2013-6435 Description: RPM...
SUSE: Security Advisory for rpm (SUSE-SU-2015:0107-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2014-1976)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-140-1 rpm - security update
Bulletin has no description...
Ubuntu: Security Advisory (USN-2479-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : RPM vulnerabilities (USN-2479-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2479-1 advisory. Florian Weimer discovered that RPM incorrectly handled temporary files. A local attacker could use this issue to execute arbitrary code. CVE-2013-6435...
Debian DSA-3129-1 : rpm - security update
Two vulnerabilities have been discovered in the RPM package manager. - CVE-2013-6435 Florian Weimer discovered a race condition in package signature validation. - CVE-2014-8118 Florian Weimer discovered an integer overflow in parsing CPIO headers which might result in the execution of arbitrary...
[SECURITY] [DSA 3129-1] rpm security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3129-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 15, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3129-1 (rpm - security update)
Two vulnerabilities have been discovered in the RPM package manager. CVE-2013-6435 Florian Weimer discovered a race condition in package signature validation. CVE-2014-8118 Florian Weimer discovered an integer overflow in parsing CPIO headers which might result in the execution of arbitrary code...
Debian: Security Advisory (DSA-3129-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for rpm FEDORA-2014-16838
Check the version of rpm SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868639";...
Fedora 20 : rpm-4.11.3-2.fc20 (2014-16838)
Add check against malicious CPIO file name size - Fix race condidition where unchecked data is exposed in the file system Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...
openSUSE Security Update : python3-rpm / rpm / rpm-python (openSUSE-SU-2014:1716-1)
This rpm update fixes the following security and non security issues : - honor --noglob in install mode bnc892431 - check for bad invalid name sizes bnc908128 CVE-2014-8118 - create files with mode 0 bnc906803 CVE-2013-6435 This update also includes version updates of rpm-python and python3-rpm...
SuSE 11.3 Security Update : popt (SAT Patch Number 10097)
This rpm update fixes the following security and non security issues. - check for bad invalid name sizes. CVE-2014-8118. bnc908128 - create files with mode 0. CVE-2013-6435. bnc906803 - honor --noglob in install mode. bnc892431 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
[ MDVSA-2014:251 ] rpm
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:251 http://www.mandriva.com/en/support/security/ Package : rpm Date : December 14, 2014 Affected: Business Server 1.0 Problem Description: Updated rpm packages fix security vulnerabilities: It was found that...
CVE-2014-8118
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow...
CVE-2014-8118
The CVE-2014-8118 issue concerns the RPM package manager (RPM) with an integer overflow while parsing a crafted CPIO header in the payload of an RPM file, leading to a stack-based buffer overflow and remote arbitrary-code execution. Documented in multiple sources (IBM FSM bulletin; Debian/DSA adv...