
9137 matches found

Prion
added 2014/08/13 11:55 p.m., 21 views

Design/Logic Flaw

d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values...

CVSS 5 | AI score 7 | EPSS 0.44247
Exploits 0 | References 54 | Affected Software 1

Prion
added 2014/08/13 11:55 p.m., 31 views

Memory corruption

Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain...

CVSS 5 | AI score 6.9 | EPSS 0.51436
Exploits 0 | References 50 | Affected Software 1

Cvelist
added 2014/08/13 11:0 p.m., 26 views

CVE-2014-3512

Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter...

AI score 5.1 | EPSS 0.7408
Exploits 0 | References 36

Debian CVE
added 2014/08/13 11:0 p.m., 24 views

CVE-2014-3512

Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter...

CVSS 7.5 | AI score 5.9 | EPSS 0.7408
Exploits 0

Cvelist
added 2014/08/12 10:0 p.m., 25 views

CVE-2014-3337

The SIP implementation in Cisco Unified Communications Manager (CM) 8.6.2 and earlier allows remote authenticated users to cause a denial of service (process crash) via a crafted SIP message that is not properly handled during processing of an XML document, aka Bug ID CSCtq76428...

AI score 6.2 | EPSS 0.02389
Exploits 0 | References 6

Tenable Nessus
added 2014/08/10 12:0 a.m., 31 views

Debian DSA-3000-1 : krb5 - security update

Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-4341 An unauthenticated remote attacker with the ability to inject packets into a legitimately established GSSAPI...

CVSS 8.5 | AI score 7.2 | EPSS 0.08085
Exploits 0 | References 17

Debian
added 2014/08/09 2:54 p.m., 29 views

[SECURITY] [DSA 3000-1] krb5 security update

Debian Security Advisory DSA-3000-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 09, 2014 http://www.debian.org/security/faq -...

CVSS 8.5 | AI score 10 | EPSS 0.08085
Exploits 0

OpenVAS
added 2014/08/09 12:0 a.m., 37 views

Debian Security Advisory DSA 3000-1 (krb5 - security update)

Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-4341 An unauthenticated remote attacker with the ability to inject packets into a legitimately established GSSAPI...

CVSS 8.5 | AI score 0.5 | EPSS 0.08085
Exploits 0 | References 1

OSV
added 2014/08/09 12:0 a.m., 32 views

DSA-3000-1 krb5 - security update

Bulletin has no description...

CVSS 8.5 | AI score 7.3 | EPSS 0.08085
Exploits 0

OpenVAS
added 2014/08/08 12:0 a.m., 26 views

Debian: Security Advisory (DSA-3000-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.5 | AI score 9.7 | EPSS 0.08085
Exploits 0 | References 3

Tenable Nessus
added 2014/08/08 12:0 a.m., 42 views

OpenSSL 1.0.1 < 1.0.1i Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.1i. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.1i advisory. - The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service...

CVSS 7.5 | AI score 6.8 | EPSS 0.7408
Exploits 0 | References 19

Tenable Nessus
added 2014/08/07 12:0 a.m., 48 views

Oracle Linux 7 : kernel (ELSA-2014-1023)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1023 advisory. - net l2tp_ppp: fail when socket option level is not SOL_PPPOL2TP Petr Matousek 1119465 1119466 CVE-2014-4943 - x86 ptrace: force IRET path after a...

CVSS 7.2 | AI score 6.8 | EPSS 0.05926
Exploits 15 | References 7

Tenable Nessus
added 2014/08/07 12:0 a.m., 118 views

CentOS 7 : kernel (CESA-2014:1023)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...

CVSS 7.2 | AI score 6.6 | EPSS 0.05926
Exploits 3 | References 7

Cent OS
added 2014/08/06 11:41 p.m., 91 views

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2014:1023 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scorin...

CVSS 7.2 | AI score 6.6 | EPSS 0.05926
Exploits 3 | References 7

Tenable Nessus
added 2014/08/04 12:0 a.m., 57 views

openSUSE Security Update : kernel (openSUSE-SU-2014:0957-1)

The Linux Kernel was updated to fix various bugs and security issues. CVE-2014-4699: The Linux kernel on Intel processors did not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allowed local users to leverage a...

CVSS 6.9 | AI score 7 | EPSS 0.05926
Exploits 16 | References 27

Tenable Nessus
added 2014/08/01 12:0 a.m., 27 views

Debian DSA-2993-1 : tor - security update

Several issues have been discovered in Tor, a connection-based low-latency anonymous communication system, resulting in information leaks. - Relay-early cells could be used by colluding relays on the network to tag user circuits and so deploy traffic confirmation attacks (CVE-2014-5117). The update...

CVSS 5.8 | AI score 8.1 | EPSS 0.02094
Exploits 0 | References 6

Tenable Nessus
added 2014/07/30 12:0 a.m., 278 views

SuSE 11.3 Security Update : PHP 5.3 (SAT Patch Number 9537)

PHP 5.3 has been updated to fix several security problems : - The SPL component in PHP incorrectly anticipated that certain data structures will have the array data type after unserialization, which allowed remote attackers to execute arbitrary code via a crafted string that triggers use of a...

CVSS 7.5 | AI score 8.6 | EPSS 0.30128
Exploits 6 | References 27

Tenable Nessus
added 2014/07/25 12:0 a.m., 55 views

CentOS 5 : kernel (CESA-2014:0926)

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 4.7 | AI score 6.7 | EPSS 0.00684
Exploits 1 | References 3

Tenable Nessus
added 2014/07/24 12:0 a.m., 41 views

Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2298-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2298-1 advisory. A type confusion bug was discovered in V8. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this t...

CVSS 7.8 | AI score 8.8 | EPSS 0.03225
Exploits 1 | References 18

Tenable Nessus
added 2014/07/22 12:0 a.m., 36 views

RHEL 6 : MRG (RHSA-2013:0829)

Updated kernel-rt packages that fix several security issues and multiple bugs are now available for Red Hat Enterprise MRG 2.3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...

CVSS 8.4 | AI score 7.3 | EPSS 0.47709
Exploits 22 | References 46