CentOS 6 : ruby (CESA-2012:0069)

Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

ruby security update

CentOS Errata and Security Advisory CESA-2012:0069 Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score...

irb, ruby security update

CentOS Errata and Security Advisory CESA-2012:0070 Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

CVE-2012-0039

GLib 2.31.8 and earlier, when the gstrhash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash...

CVE-2012-0039

GLib 2.31.8 and earlier, when the gstrhash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash...

PT-2012-2257 · Gnome +1 · Glib +1

Name of the Vulnerable Software and Affected Versions: GLib versions 2.31.8 and earlier Description: The issue allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash table, because the g str hash function computes...

New Version of OpenSSL Fixes Six Flaws

A new version of the OpenSSL package has been released, fixing six vulnerabilities, including a plaintext recovery attack on the DTLS implementation. There are two other cryptographic flaws fixed in OpenSSL 1.0.0f, and a few other less-serious problems. The most problematic of the vulnerabilities...

n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.004 28-Dec-2011 Vendors: PHP, http://www.php.net Oracle, http://www.oracle.com Microsoft, http://www.microsoft.com Python, http://www.python.org Ruby, http://www.ruby.org Google, http://www.google.com Affected Products: PHP 4 and ...

PlayStation Network Security Update !

On Tuesday, April 26 Sony shared that some information that was compromised in connection with an illegal and unauthorized intrusion into our network. Once again, Sony'd like to apologize to the many users who were inconvenienced and worried about this situation. Sony want to state this again giv...

NIST Announces SHA-3 Hash Function Finalists

The National Institute of Standards and Technology has chosen the five finalists for the last round of its competition to find the next hash function standard. The SHA-3 finalists include Skein, developed by a group including Bruce Schneier and Jon Callas. The other four SHA-3 finalists are BLAKE...

FreeBSD Security Advisory (FreeBSD-SA-10:05.opie.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-10:05.opie.asc SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

RSA 2010: Experts Expect Several Ciphers to Be Cracked Soon

Cryptographers are expecting several of the major cryptographic systems in use today to be broken in the near future. In the Cryptographers Panel session at the RSA Conference Tuesday, Adi Shamir said that he is working with a team of researchers who have put together a paper that describes an...

FreeBSD Security Advisory (FreeBSD-SA-06:12.opie.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:12.opie.asc ADV FreeBSD-SA-06:12.opie.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft In...

FreeBSD Security Advisory (FreeBSD-SA-06:12.opie.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:12.opie.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

MOODLE <= 1.5.2 user password read out

--/ INTRODUCTION -- / Advisory : MOODLE = 1.5.2 user password read out Release Date : 17. March 2007 Application : Moodle.org is a course management system CMS : to help educators create effective online learning communities. Impact : read out user account passwords in md5 hash Googledork :...

PHP <= 5.2.1 hash_update_file() Freed Resource Usage Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | \| || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / //...

PHP <= 5.2.1 hash_update_file() Freed Resource Usage Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

MOPB-22-2007:PHP session_regenerate_id() Double Free Vulnerability

Summary The sessionregenerateid function that is used to generate a new session identifier fails to clear an already freed pointer to the former session identifier before calling the session identifier generator. When this generator triggers an error this can result in a double free that is easil...

CVE-2004-0594

The memorylimit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when registerglobals is enabled, allows remote attackers to execute arbitrary code by triggering a memorylimit abort during execution of the zendhashinit function and overwriting a...

DoS for Ganglia

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Center for High Performance Computing at UNM / Dopesquad Security Advisory Wed Nov 5 13:10:35 MST 2003 Discovery made by: James E. Prewett [email protected] Product: Ganglia Versions: 2.5.3 tested There is an error in Ganglia's gmond such that...