java security update

CentOS Errata and Security Advisory CESA-2013:0247 Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scorin...

CVE-2013-1624

The TLS implementation in the Bouncy Castle Java library before 1.48 and C library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attack...

Design/Logic Flaw

The TLS implementation in the Bouncy Castle Java library before 1.48 and C library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attack...

Important: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CVE-2013-1624

The TLS implementation in the Bouncy Castle Java library before 1.48 and C library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attack...

CVE-2013-1624

Technical details for CVE-2013-1624 are not publicly available in the provided documents. Monitor for updates.

CVE-2013-1619

CVE-2013-1619 affects the TLS implementation in GnuTLS prior to 2.12.23, 3.0.x prior to 3.0.28, and 3.1.x prior to 3.1.7. The vulnerability arises from improper consideration of timing side-channel attacks on a noncompliant CBC padding check during processing of malformed CBC padding, enabling re...

CVE-2013-1624

The TLS implementation in the Bouncy Castle Java library before 1.48 and C library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attack...

Flaw in Intel Ethernet controller exposes to 'packet of death' attack

The hardware qualification is a very important issue, recent vulnerabilities discovered in network appliances of various manufacturer have alerted security community once again on the necessity to validate the hardware especially for large consume product. The last news is related to a...

CVE-2013-1620

The TLS implementation in Mozilla Network Security Services NSS does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attac...

CVE-2013-1619

The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks...

Fedora Update for libssh FEDORA-2013-1422

Check for the Version of libssh OpenVAS Vulnerability Test Fedora Update for libssh FEDORA-2013-1422 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

[SECURITY] Fedora 17 Update: libssh-0.5.4-1.fc17

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

CVE-2013-0440

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous...

Broadcom UPnP Remote Preauth Root Code Execution

DefenseCode Security Advisory http://www.defensecode.com/ Broadcom UPnP Remote Preauth Root Code Execution Vulnerability Advisory ID: DC-2013-01-003 Advisory Title: Broadcom UPnP Remote Preauth Root Code Execution Vulnerability Advisory URL: http://www.defensecode.com/subcategory/advisories-28...

SuSE 11.1 Security Update : GnuTLS (SAT Patch Number 6448)

This update of GnuTLS fixes multiple vulnerabilities : - remote attackers could cause a denial of service heap memory corruption and application crash via an issue in the asn1getlengthder function. CVE-2012-1569 - crafted GenericBlockCipher structures allow remote attackers to cause a denial of...

SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6440)

PHP5 was updated with incremental fixes to the previous update. - Additional unsafe cgi wrapper scripts are also fixed now. CVE-2012-2335 - Even more commandline option handling is filtered, which could lead to crashes of the php interpreter. CVE-2012-2336 - heap-based buffer overflow in php's ph...

RHEL 5 : kernel (RHSA-2009:1672)

Updated kernel packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the...

RHEL 5 : kernel (RHSA-2013:0168)

Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...