4420 matches found
openSUSE Security Update : dbus-1 (openSUSE-SU-2014:1228-1)
DBUS-1 was upgraded to upstream release 1.8. This brings the version of dbus to the latest stable release from an unstable snapshot 1.7.4 that is know to have several regressions - Upstream changes since 1.7.4 : + Security fixes : - Do not accept an extra fd in the padding of a cmsg message, whic...
[SECURITY] Fedora 19 Update: net-snmp-5.7.2-15.fc19
SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the...
[SECURITY] Fedora 20 Update: net-snmp-5.7.2-18.fc20
SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the...
[SECURITY] Fedora 20 Update: python-pillow-2.2.1-5.fc20
Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are five subpackages: tk tk interface, qt PIL image wrapper for Qt , sane scanning...
[SECURITY] Fedora 19 Update: python-pillow-2.0.0-14.gitd1c6db8.fc19
Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are five subpackages: tk tk interface, qt PIL image wrapper for Qt , sane scanning...
ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities
ESA-2014-071.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities EMC Identifier: ESA-2014-071 CVE Identifier: CVE-2014-2517, CVE-2014-2505, CVE-2014-0640, CVE-2014-0641 Severity Rating: CVSS v2 Base Score: See below for individual scor...
[SECURITY] Fedora 19 Update: iodine-0.7.0-1.fc19
iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries a re allowed. It runs on Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD and Windows and needs a TUN/TAP device. The bandwidth is asymmetrical with...
[SECURITY] Fedora 20 Update: iodine-0.7.0-1.fc20
iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries a re allowed. It runs on Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD and Windows and needs a TUN/TAP device. The bandwidth is asymmetrical with...
openSUSE Security Update : exim (openSUSE-SU-2014:0983-1)
"Changes in exim : - Silence static checkers; beo1506. - update to 4.83 This release of Exim includes one incompatible fix : + the behavior of expansion of arguments to math comparison functions , was unexpected, expanding the values twice; CVE-2014-2972; bnc888520 This release contains the...
[SECURITY] Fedora 20 Update: wireshark-1.10.9-1.fc20
Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...
RedHat Update for kernel RHSA-2014:0981-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 : kernel (RHSA-2014:0981)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0981 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the...
JVN#94791545: FuelPHP vulnerable to remote code execution
FuelPHP is a PHP web framework for creating web applications. FuelPHP applications contain an issue in the RequestCurl class, which may result in arbitrary code execution. Impact When specially crafted input is processed, arbitrary files may be deleted or arbitrary code may be executed on the...
Tinba Banker Trojan Source Code Posted
The source code for Tinba, known as the smallest banker Trojan in circulation, has been posted on an underground forum. Researchers say that the files turned out to be the source code for version one of Tinba, which was identified in 2012, and is the original, privately sold version of the...
ShoutPro <= 1.5.2 (shout.php) Remote Code Injection Exploit
No description provided by source. ?/ File: shoutbox.php Affects: ShoutPro 1.5.2 may affect earlier versions Date: 17th April 2007 Issue Description: =========================================================================== ShoutPro 1.5.2 fails to fully sanitize user input $shout that it writes...
EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow
No description provided by source. $Id: emcappextenderkeyworks.rb 10998 2010-11-11 22:43:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
my-colex 1.4.2 (ab/xss/sql) Multiple Vulnerabilities
No description provided by source. || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! --...
Tolis Group BRU 17.0 - Local Root Exploit (1)
No description provided by source. source: http://www.securityfocus.com/bid/8215/info It has been reported that BRU may not properly parse commandline arguments, potentially leading to at least two vectors of exploitation. It may be possible for local attackers to conduct format string-based...
Python 2.2/2.3 Documentation Server Error Page Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7353/info It has been reported that the Python Documentation Server is vulnerable to a cross-site scripting problem in error pages. Because of this, an attacker could potentially cause the execution of malicious HTML and...
Collabtive 0.65 - Multiple Vulnerabilities
No description provided by source. ANATOLIA SECURITY ADVISORY ------------------------------------ ADVISORY INFO + Title: Collabtive Multiple Vulnerabilities + Advisory URL: http://www.anatoliasecurity.com/adv/as-adv-2010-003.txt + Advisory ID: 2010-003 + Version: 0.65 + Date: 12/10/2010 + Impact...