[SECURITY] Fedora 18 Update: mantis-1.2.12-1.fc18

Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis-1.2.12...

[ISME v0.7] IP Phone Scanning Made Easy

ISME is a small framework to test IP phones from several editors. It can gather information from IP phone infrastructures, test their web servers for default login/password combinations, and also implement attacks against the systems. ISME has been written in perl with a perl/Tk interface to...

(RHSA-2012:1438) Low: Red Hat Enterprise Virtualization 2 End of Life Extension

Red Hat has updated the support life cycle for Red Hat Enterprise Virtualization version 2, extending the end of life for version 2 from November 3rd 2012 until March 1st 2013. During this period customers are recommended to upgrade their existing Red Hat Enterprise Virtualization RHEV 2.x...

[SECURITY] Fedora 17 Update: dokuwiki-0-0.14.20121013.fc17

DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at crea ting documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...

FreeBSD : django -- multiple vulnerabilities (5f326d75-1db9-11e2-bc8f-d0df9acfd7e5)

The Django Project reports : - Host header poisoning Some parts of Django -- independent of end-user-written applications -- make use of full URLs, including domain name, which are generated from the HTTP Host header. Some attacks against this are beyond Django's ability to control, and require t...

[SECURITY] Fedora 18 Update: dokuwiki-0-0.14.20121013.fc18

DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at crea ting documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...

Inactive users still receiving emails from "Send email" function

The JIRA documentation for deactivating users says, bq. Will not receive any email notifications from JIRA, even if they continue to remain the assignee, reporter, or watchers of issues. However, when users have been marked as inactive they are not excluded from emails sent to groups via the 'Sen...

Design/Logic Flaw

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Siebel Documentation...

CVE-2012-3229

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Siebel Documentation...

CVE-2012-5304

Static code injection vulnerability in administration/install.php in YVS Image Gallery allows remote attackers to inject arbitrary PHP code into functions/dbconnect.php via unspecified vectors. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the...

Code injection

Static code injection vulnerability in administration/install.php in YVS Image Gallery allows remote attackers to inject arbitrary PHP code into functions/dbconnect.php via unspecified vectors. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the...

CVE-2012-5304

Summary: CVE-2012-5304 refers to a static code injection vulnerability in the YVS Image Gallery, specifically in administration/install.php, allowing remote attackers to inject arbitrary PHP code into functions/db_connect.php via unspecified vectors. The vulnerability is noted to occur when admin...

CVE-2012-6151

creationtimestamp| type| source ---|---|--- 2012-09-05 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38854...

CVE-2012-4747

Bugzilla 2.x and 3.x through 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and 4.3.x before 4.3.3 stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to read 1 template aka .tmpl files, 2 other custom...

CVE-2012-4747

Bugzilla 2.x and 3.x through 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and 4.3.x before 4.3.3 stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to read 1 template aka .tmpl files, 2 other custom...

Fedora Update for dokuwiki FEDORA-2012-6588

Check for the Version of dokuwiki OpenVAS Vulnerability Test Fedora Update for dokuwiki FEDORA-2012-6588 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for python-docs FEDORA-2012-5892

Check for the Version of python-docs OpenVAS Vulnerability Test Fedora Update for python-docs FEDORA-2012-5892 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Fedora Update for wireshark FEDORA-2012-12091

Check for the Version of wireshark OpenVAS Vulnerability Test Fedora Update for wireshark FEDORA-2012-12091 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Fedora Update for postgresql FEDORA-2012-12165

Check for the Version of postgresql OpenVAS Vulnerability Test Fedora Update for postgresql FEDORA-2012-12165 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

[SECURITY] Fedora 17 Update: wireshark-1.6.10-1.fc17

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...