Moderate: Red Hat Bug Fix Advisory: mod_nss bug fix update

Updated modnss packages that fix multiple bugs are now available for Red Hat Enterprise Linux 5. The modnss module provides strong cryptography for the Apache HTTP Server via the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, using the Network Security Services NSS security...

FreeBSD : puppet -- multiple vulnerabilities (101f0aae-52d1-11e2-87fe-f4ce46b9ace8)

puppet -- multiple vulnerabilities Arbitrary file read on the puppet master from authenticated clients high. It is possible to construct an HTTP get request from an authenticated client with a valid certificate that will return the contents of an arbitrary file on the Puppet master that the maste...

Design/Logic Flaw

org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service infinite loop by terminating the connection during the reading of a...

CVE-2012-4534

Removed by vendor...

CVE-2012-4534

org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service infinite loop by terminating the connection during the reading of a...

Novell File Reporter FSFUI File Upload

Added: 12/17/2012 CVE: CVE-2012-4959 BID: 56579 OSVDB: 87573 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...

Novell File Reporter FSFUI File Upload

Added: 12/17/2012 CVE: CVE-2012-4959 BID: 56579 OSVDB: 87573 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...

Microsoft Windows multiple security vulnerabilities

Buffer overflow on OpenType and TrueType fonts parsing, memory corruption on filname handling, DirectPlay buffer overflow, DirectAccess IP-HTTPS insufficient certificate check...

CVE-2012-2549

The IP-HTTPS server in Windows Server 2008 R2 and R2 SP1 and Server 2012 does not properly validate certificates, which allows remote attackers to bypass intended access restrictions via a revoked certificate, aka "Revoked Certificate Bypass Vulnerability."...

CVE-2012-2549

The IP-HTTPS server in Windows Server 2008 R2 and R2 SP1 and Server 2012 does not properly validate certificates, which allows remote attackers to bypass intended access restrictions via a revoked certificate, aka "Revoked Certificate Bypass Vulnerability."...

Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability (2765809)

This host is missing an important security update according to Microsoft Bulletin MS12-083. OpenVAS Vulnerability Test $Id: secpodms12-083.nasl 5351 2017-02-20 08:03:12Z mwiegand $ Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability 2765809 Authors: Sharath S Copyright:...

Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability (2765809)

This host is missing an important security update according to Microsoft Bulletin MS12-083. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2012-2549

CVE-2012-2549 affects the Windows IP-HTTPS component. The IP-HTTPS server in Windows Server 2008 R2, R2 SP1, and Server 2012 does not properly validate certificates, enabling a remote attacker to bypass access restrictions by presenting a revoked certificate. The CVSS base score is 5.8 (Network, ...

Microsoft Windows IP-HTTPS Server Revoked SSL Certificate Validation Security Bypass Vulnerability

Description Microsoft Windows is prone to a security-bypass vulnerability that affects the IP-HTTPS server component. Successful exploits may allow attackers to perform man-in-the-middle attacks or impersonate trusted clients, which will aid in further attacks. To exploit this issue an attacker...

MS12-083: Vulnerability in IP-HTTPS Component Could Allow Security Feature Bypass (2765809)

A security feature bypass vulnerability exists in Windows due to the way the IP-HTTPS Component handles certificates. The vulnerability could allow security feature bypass if an attacker presents a revoked certificate to an IP-HTTPS server commonly used in Microsoft DirectAccess deployments. To...

CVE-2012-4534 Apache Tomcat denial of service

CVE-2012-4534 Apache Tomcat denial of service Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Tomcat 7.0.0 to 7.0.27 - Tomcat 6.0.0 to 6.0.35 Description: When using the NIO connector with sendfile and HTTPS enabled, if a client breaks the connection while reading...

SVN wc.db Scanner

Scan for servers that allow access to the SVN wc.db file. Based on the work by Tim Meddin. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SVN wc.db Scanner', 'Description' = %q Scan for server...

Ubuntu Update for lynx-cur USN-1642-1

Ubuntu Update for Linux kernel vulnerabilities USN-1642-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16421.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for lynx-cur USN-1642-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Thi...

Ubuntu: Security Advisory (USN-1642-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

tomcat -- denial of service

The Apache Software Foundation reports: When using the NIO connector with sendfile and HTTPS enabled, if a client breaks the connection while reading the response an infinite loop is entered leading to a denial of service...