SUSE SLED11 / SLES11 Security Update : mozilla-nss (SUSE-SU-2016:0189-1) (SLOTH)

This update contains mozilla-nss 3.19.2.2 and fixes the following security issue : - CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature bsc959888 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE securi...

SUSE SLED11 / SLES11 Security Update : libksba (SUSE-SU-2016:0008-1)

The libksba package was updated to fix the following security issues : - Fixed an integer overflow, an out of bounds read and a stack overflow issues bsc926826. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

SUSE SLED11 / SLES11 Security Update : bind (SUSE-SU-2015:2340-1)

This update fixes the following security issue : - CVE-2015-8000: Fix remote denial of service by misparsing incoming responses bsc958861. It also fixes a bug : - Fix a regression in caching entries with a TTL of 0 bsc923281. Note that Tenable Network Security has extracted the preceding...

abrt (Centos 7.1 / Fedora 22) - Local Privilege Escalation

!/usr/bin/python CVE-2015-5273 + CVE-2015-5287 CENTOS 7.1/Fedora22 local root probably works on SL and older versions too abrt-hook-ccpp insecure open usage + abrt-action-install-debuginfo insecure temp directory usage rebel 09/2015 ---------------------------------------- user@localhost $ id...

abrt (Centos 7.1 Fedora 22) - Local Privilege Escalation

abrt Centos 7.1 Fedora 22 - Local Privilege Escalation !/usr/bin/python CVE-2015-5273 + CVE-2015-5287 CENTOS 7.1/Fedora22 local root probably works on SL and older versions too abrt-hook-ccpp insecure open usage + abrt-action-install-debuginfo insecure temp directory usage rebel 09/2015...

Amazon Linux: Security Advisory (ALAS-2015-468)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2015-548)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2015-495)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2015-464)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libxml2-debuginfo-32bit package on the OpenSUSE operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libxml2-debuginfo package in the OpenSUSE operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libpng-debuginfo-1.2.49 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libxml2-debuginfo-2.6.26 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the gnutls-debuginfo-1.4.1 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libxml2-tools-debuginfo package in the OpenSUSE operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the openssl-debuginfo-0.9.8e package for the Red Hat Enterprise Linux operating system can lead to violations of the confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

abrt: missing process environment sanitizaton in abrt-action-install-debuginfo-to-abrt-cache

It was discovered that the abrt-action-install-debuginfo-to-abrt-cache helper program did not properly filter the process environment before invoking abrt-action-install-debuginfo. A local attacker could use this flaw to escalate their privileges on the system...

The vulnerability of the Red Hat Enterprise Linux operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the kernel-debuginfo-common-2.6.18 package in the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited locally...

The vulnerability of the Red Hat Enterprise Linux operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the kernel-PAE-debuginfo-2.6.18 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. The vulnerability can be exploited locally...

Vulnerabilities of the Red Hat Enterprise Linux operating system that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities of the libvirt-debuginfo-0.10.2 package for the Red Hat Enterprise Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information...