4420 matches found
[SECURITY] Fedora 18 Update: nagios-3.4.4-1.fc18
Nagios is a program that will monitor hosts and services on your network. It has the ability to send email or page alerts when a problem arises and when a problem is resolved. Nagios is written in C and is designed to run under Linux and some other NIX variants as a background process,...
[SECURITY] Fedora 17 Update: nagios-3.4.4-1.fc17
Nagios is a program that will monitor hosts and services on your network. It has the ability to send email or page alerts when a problem arises and when a problem is resolved. Nagios is written in C and is designed to run under Linux and some other NIX variants as a background process,...
[SECURITY] Fedora 16 Update: nagios-3.4.4-1.fc16
Nagios is a program that will monitor hosts and services on your network. It has the ability to send email or page alerts when a problem arises and when a problem is resolved. Nagios is written in C and is designed to run under Linux and some other NIX variants as a background process,...
libvirt security and bug fix update
0.8.2-29.0.1.el5 - Replaced docs/et.png in tarball - remove virshtest from test cases to fix failure in mock build root libvirt-0.8.2-29.el5 - Coverity pointed out an use after free in the fix for 816601 rhbz772848 libvirt-0.8.2-28.el5 - qemu: Rollback on used USB devices rhbz816601 - qemu: Don't...
OpenIPMI security, bug fix, and enhancement update
2.0.16-16.el5 - ipmitool: fix ipmi command retry shifts replies 863310 2.0.16-15.el5 - ipmitool: added -b, -B, -l and -T options to ipmitool man page 846596 - ipmitool: fixed man page documentation for delloem setled command 797050 2.0.16-14.el5 - ipmitool: fixed wrong permissions on ipmievd.pid...
Low: Red Hat Security Advisory: OpenIPMI security, bug fix, and enhancement update
Updated OpenIPMI packages that fix one security issue, multiple bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which give...
Debian DSA-2600-1 : cups - privilege escalation
Jann Horn discovered that users of the CUPS printing system who are part of the lpadmin group could modify several configuration parameters with security impact. Specifically, this allows an attacker to read or write arbitrary files as root which can be used to elevate privileges. This update...
Debian Security Advisory DSA 2600-1 (cups - privilege escalation)
Jann Horn discovered that users of the CUPS printing system who are part of the lpadmin group could modify several configuration parameters with security impact. Specifically, this allows an attacker to read or write arbitrary files as root which can be used to elevate privileges. This update...
DSA-2586-1 perl - several
Bulletin has no description...
ESA-2012-054: RSA ® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerabilities
ESA-2012-054.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-054: RSA ® Adaptive Authentication On-Premise Cross-Site Scripting Vulnerabilities EMC Identifier: ESA-2012-054 CVE Identifier: CVE-2012-4611 Severity Rating: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Affected...
[SECURITY] Fedora 16 Update: mantis-1.2.12-1.fc16
Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis-1.2.12...
CVE-2012-3431
The Teiid Java Database Connectivity JDBC socket, as used in JBoss Enterprise Data Services Platform before 5.3.0, does not encrypt login messages by default contrary to documentation and specification, which allows remote attackers to obtain login credentials via a man-in-the-middle MITM attack...
[SECURITY] Fedora 18 Update: mantis-1.2.12-1.fc18
Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis-1.2.12...
[ISME v0.7] IP Phone Scanning Made Easy
ISME is a small framework to test IP phones from several editors. It can gather information from IP phone infrastructures, test their web servers for default login/password combinations, and also implement attacks against the systems. ISME has been written in perl with a perl/Tk interface to...
(RHSA-2012:1438) Low: Red Hat Enterprise Virtualization 2 End of Life Extension
Red Hat has updated the support life cycle for Red Hat Enterprise Virtualization version 2, extending the end of life for version 2 from November 3rd 2012 until March 1st 2013. During this period customers are recommended to upgrade their existing Red Hat Enterprise Virtualization RHEV 2.x...
[SECURITY] Fedora 17 Update: dokuwiki-0-0.14.20121013.fc17
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at crea ting documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...
FreeBSD : django -- multiple vulnerabilities (5f326d75-1db9-11e2-bc8f-d0df9acfd7e5)
The Django Project reports : - Host header poisoning Some parts of Django -- independent of end-user-written applications -- make use of full URLs, including domain name, which are generated from the HTTP Host header. Some attacks against this are beyond Django's ability to control, and require t...
[SECURITY] Fedora 18 Update: dokuwiki-0-0.14.20121013.fc18
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at crea ting documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...
Inactive users still receiving emails from "Send email" function
The JIRA documentation for deactivating users says, bq. Will not receive any email notifications from JIRA, even if they continue to remain the assignee, reporter, or watchers of issues. However, when users have been marked as inactive they are not excluded from emails sent to groups via the 'Sen...
Design/Logic Flaw
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Siebel Documentation...