Scientific Linux Security Update : tzdata enhancement update on SL5.x, SL6.x i386/x86_64 (20120719)

This update adds the following enhancements : Daylight Saving Time will be interrupted during the holy month of Ramadan in Morocco that is July 20 - August 19, 2012 in the Gregorian Calendar. This update incorporates the exception so that Daylight Saving Time is turned off and the time setting...

Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20120718)

The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFYSOURCE protection...

Scientific Linux Security Update : webkitgtk on SL6.x i386/x86_64

Multiple memory corruption flaws were found in WebKit. Malicious web content could cause an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application. CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785,...

Scientific Linux Security Update : nss_ldap on SL5.x i386/x86_64

A race condition was discovered in nssldap which affected certain applications which make LDAP connections, such as Dovecot. This could cause nssldap to answer a request for information about one user with information about a different user. CVE-2007-5794 In addition, these updated packages fix t...

Scientific Linux Security Update : kvm on SL5.4 x86_64

CVE-2009-4031 kernel: KVM: x86 emulator: limit instructions to 15 bytes On x86 platforms, the doinsnfetch function did not limit the amount of instruction bytes fetched per instruction. Users in guest operating systems could leverage this flaw to cause large latencies on SMP hosts that could lead...

Scientific Linux Security Update : tzdata on SL5.x, SL6.x i386/x86_64 (20120523)

This update adds the following enhancements : - The following time-zone changes have been added to the zone info database: Haiti entered a period of Daylight Saving Time DST on March 11; Gaza Strip, West Bank and Syria entered a period of DST on March 30. This update has been placed in the securi...

Wireshark PPP And NFS Dissector Denial of Service Vulnerabilities - Windows

Wireshark is prone to denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark";...

CVE-2007-6754

The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, which makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, related to "integer rounding and...

Mozilla Products Memory Corruption Vulnerabilities - July12 (Mac OS X)

This host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmemcorrvulnjul12macosx.nasl 6445 2017-06-27 12:31:06Z santu $ Mozilla Products Memory Corruption Vulnerabilities - July12 Mac OS X Authors:...

Firefox < 14.0 Multiple Vulnerabilities

The installed version of Firefox is earlier than 14.0 and thus, is potentially affected by the following security issues : - Several memory safety issues exist, some of which could potentially allow arbitrary code execution. CVE-2012-1948, CVE-2012-1949 - An error related to drag and drop can all...

Firefox 10.0.x < 10.0.6 Multiple Vulnerabilities

The installed version of Firefox 10.0.x is potentially affected by the following security issues : - Several memory safety issues exist, some of which could potentially allow arbitrary code execution. CVE-2012-1948 - An error related to drag and drop can allow incorrect URLs to be displayed...

Content Security Policy 1.0 implementation errors cause data leakage — Mozilla

Security researcher Karthikeyan Bhargavan of Prosecco at INRIA reported Content Security Policy CSP 1.0 implementation errors. CSP violation reports generated by Firefox and sent to the "report-uri" location include sensitive data within the "blocked-uri" parameter. These include fragment...

CentOS 6 : nss (CESA-2012:0973)

Updated nss, nss-util, and nspr packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Network Security Services NSS is a set of...

nspr, nss security update

CentOS Errata and Security Advisory CESA-2012:0973 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2012-July/080886.html Affected packages: nspr nspr-devel nss nss-devel nss-pkcs11-devel nss-sysinit nss-tools nss-util nss-util-devel Upstream details at...

Monitoring of standalone hosts fails

Challenge No topology is created for standalone ESX/ESXi hosts. nworks logs contain the following errors: 0.0017 EXCOL+ VP120 retrieveHostProperties failed, buildMorList: zero count at nworksCore.Collectors.VimUtil.buildMorListList1 nodes at...

RedHat Update for bind-dyndb-ldap RHSA-2012:0683-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Wireshark Multiple Denial of Service Vulnerabilities - July 12 (Windows)

This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkmultdosvulnwinjul12.nasl 6018 2017-04-24 09:02:24Z teissa $ Wireshark Multiple Denial of Service Vulnerabilities - July 12 Windows Authors: Madhuri D...

Wireshark Multiple Denial of Service Vulnerabilities - July 12 (Mac OS X)

This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkmultdosvulnmacosxjul12.nasl 5958 2017-04-17 09:02:19Z teissa $ Wireshark Multiple Denial of Service Vulnerabilities - July 12 Mac OS X Authors: Madhuri D...

Debian DSA-2507-1 : openjdk-6 - several vulnerabilities

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform. - CVE-2012-1711 CVE-2012-1719 Multiple errors in the CORBA implementation could lead to breakouts of the Java sandbox. - CVE-2012-1713 Missing input sanitising in the font manager could lead to...

CVE-2012-3375

The epollctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLLCTLADD operations, which allows local users to cause a denial of service file-descriptor consumption and system crash via a crafted application that attempts to create a...