CVE-2011-4137
The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service (resource consumption) via a URL associated with...
Critical: Red Hat Security Advisory: java-1.6.0-openjdk security update
Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...
CVE-2011-3231
CVE-2011-3231 affects Apple Safari before 5.1.1 on Mac OS X before 10.7. The SSL implementation accesses uninitialized memory during X.509 certificate processing, enabling remote code execution via a crafted certificate. Public records include the NVD entry, vulnerability lists, and Apple’s advis...
Microsoft Office Graph DataFormat Signed Index Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2011-3324
Removed by vendor...
CVE-2011-3324
The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database...
CVE-2011-1768
The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configured as a module, allows remote attackers to cause a denial of service (OOPS) by sending a packet during module loading...
Memory corruption
Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672...
CVE-2011-0946
CVE-2011-0946 involves a vulnerability in Cisco IOS/NAT where NAT for NetMeeting Directory (LDAP) can be triggered by malformed LDAP traffic, causing a DoS (device reload or hang). Affected are Cisco IOS releases 12.1–12.4 and 15.0–15.1, plus IOS XE 3.1.xSG. The weakness is within the NAT transla...
CVE-2011-0946
The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) via malformed NetMeeting Directory (aka Internet Locator Service or ILS) LDAP traffic, aka Bug ID CSCtd10712...
CVE-2011-3279
CVE-2011-3279 affects Cisco IOS NAT for provider-edge MPLS NAT on Cisco IOS 12.1–12.4 and 15.0–15.1, and IOS XE 3.1.xSG. A malformed SIP packet sent to UDP 5060 can cause a device reload (DoS) on vulnerable MPLS NAT devices. The Cisco PSIRT advisory CSCti98219 documents this vulnerability and pro...
Cisco Unified Communications Manager memory leak
Memory leaks in SIP implementation...
Apache Tomcat digest authentication vulnerabilities
Multiple implementation errors make authentication vulnerable to different attacks...
Ubuntu Update for linux-fsl-imx51 USN-1204-1
Ubuntu Update for Linux kernel vulnerabilities USN-1204-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12041.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-fsl-imx51 USN-1204-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...
Ubuntu Update for linux-ti-omap4 USN-1202-1
Ubuntu Update for Linux kernel vulnerabilities USN-1202-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12021.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-ti-omap4 USN-1202-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.n...
Design/Logic Flaw
The ACL implementation in Cisco NX-OS 5.02 and 5.03 before 5.03N21 on Nexus 5000 series switches, and NX-OS before 5.03U12a on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in...
[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression
Debian Security Advisory DSA-2303-2 [email protected] http://www.debian.org/security/ Dann Frazier September 10, 2011 http://www.debian.org/security/faq -...
Mozilla Releases Field Guide to Do Not Track
Mozilla has released a comprehensive guide to the use and implementation of the Do Not Track technology that’s included in its Firefox browser, in an effort to give developers and advertisers a better handle on how the technology works and how users are taking advantage of it. The Do Not Track...
Mozilla Products Information Disclosure and Security Bypass Vulnerabilities (Windows)
The host is installed with Mozilla firefox/seamonkey and is prone to information disclosure and security bypass vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtssecbypassninfodiscvulnwin.nasl 7029 2017-08-31 11:51:40Z teissa $ Mozilla Products Information Disclosure and Security...
Debian DSA-2303-2 : linux-2.6 - privilege escalation/denial of service/information leak
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-1020 Kees Cook discovered an issue in the /proc filesystem that allows loc...