146 matches found

Tenable Nessus
added 2013/05/21 12:0 a.m. | 36 views

CentOS 6 : kernel (CESA-2013:0830)

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8.4 | AI score 7.3 | EPSS 0.65851
Exploits 15 | References 2

RedHat Linux
added 2013/05/17 3:9 p.m. | 61 views

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detail...

CVSS 8.4 | AI score 6.9 | EPSS 0.65851
Exploits 15 | References 4

OpenVAS
added 2013/05/17 12:0 a.m. | 45 views

CentOS Update for kernel CESA-2013:0830 centos6

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2013:0830 centos6 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

CVSS 7.2 | AI score 0.4 | EPSS 0.65851
Exploits 15 | References 2

Tenable Nessus
added 2013/04/20 12:0 a.m. | 31 views

Mandriva Linux Security Advisory : stunnel (MDVSA-2013:130)

Updated stunnel packages fix security vulnerability : stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a...

CVSS 6.6 | AI score 8.5 | EPSS 0.0201
Exploits 0 | References 2

OpenVAS
added 2013/04/15 12:0 a.m. | 20 views

CentOS Update for stunnel CESA-2013:0714 centos6

Check for the Version of stunnel OpenVAS Vulnerability Test CentOS Update for stunnel CESA-2013:0714 centos6 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CVSS 6.6 | EPSS 0.0201
Exploits 0 | References 2

OpenVAS
added 2013/04/15 12:0 a.m. | 21 views

RedHat Update for stunnel RHSA-2013:0714-01

Check for the Version of stunnel OpenVAS Vulnerability Test RedHat Update for stunnel RHSA-2013:0714-01 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVSS 6.6 | AI score 0.1 | EPSS 0.0201
Exploits 0 | References 2

OpenVAS
added 2013/04/15 12:0 a.m. | 28 views

CentOS Update for stunnel CESA-2013:0714 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.6 | AI score 8.5 | EPSS 0.0201
Exploits 0 | References 2

Tenable Nessus
added 2013/04/10 12:0 a.m. | 44 views

CentOS 6 : stunnel (CESA-2013:0714)

An updated stunnel package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 6.6 | AI score 8.2 | EPSS 0.0201
Exploits 0 | References 2

Tenable Nessus
added 2013/04/09 12:0 a.m. | 25 views

Scientific Linux Security Update : stunnel on SL6.x i386/x86_64 (20130408)

An integer conversion issue was found in stunnel when using Microsoft NT LAN Manager (NTLM) authentication with the HTTP CONNECT tunneling method. With this configuration, and using stunnel in SSL client mode on a 64-bit system, an attacker could possibly execute arbitrary code with the privileges ...

CVSS 6.6 | AI score 8.4 | EPSS 0.0201
Exploits 0 | References 2

RedHat Linux
added 2013/04/08 5:43 p.m. | 22 views

Moderate: Red Hat Security Advisory: stunnel security update

An updated stunnel package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 6.6 | AI score 7.5 | EPSS 0.0201
Exploits 0 | References 3

Cvelist
added 2013/03/08 6:0 p.m. | 13 views

CVE-2013-1762

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow...

AI score 7.6 | EPSS 0.0201
Exploits 0 | References 5

CVE
added 2013/03/08 6:0 p.m. | 77 views

CVE-2013-1762

CVE-2013-1762 affects stunnel 4.21–4.54 when NTLM authentication and CONNECT protocol negotiation are enabled. A mis-handled integer conversion can trigger a buffer overflow, allowing a remote attacker to execute arbitrary code via a crafted request to a proxy. Connected advisories consistently c...

CVSS 6.6 | AI score 7.8 | EPSS 0.0201
Exploits 0 | References 5 | Affected Software 1

Tenable Nessus
added 2013/03/01 12:0 a.m. | 22 views

Scientific Linux Security Update : pki-core on SL6.x i386/x86_64 (20130221)

Note: The Certificate Authority component provided by this advisory cannot be used as a standalone server. It is installed and operates as a part of Identity Management (the IPA component) in Scientific Linux. Multiple cross-site scripting flaws were discovered in Certificate System. An attacker...

CVSS 4.3 | AI score 5.2 | EPSS 0.00238
Exploits 0 | References 2

Packet Storm
added 2010/01/27 12:0 a.m. | 30 views

Mod_proxy From Apache 1.3 Integer Overflow

Name: Modproxy from apache 1.3 - Integer overflow which causes heap overflow. Author: Adam Zabrocki or Date: Jan 27, 2010 Issue: Modproxy from apache 1.3.xx tested on latest version - 1.3.41 allows local and remote attackers to overflow buffer on heap via integer overflow vulnerability...

AI score 0.5
Exploits 0

Prion
added 2009/12/21 9:30 p.m. | 19 views

Design/Logic Flaw

The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...

CVSS 9.3 | AI score 7.5 | EPSS 0.0245
Exploits 0 | References 16 | Affected Software 4

UbuntuCve
added 2009/12/21 9:30 p.m. | 24 views

CVE-2009-4035

The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...

CVSS 9.3 | AI score 6.2 | EPSS 0.0245
Exploits 0 | References 1

NVD
added 2009/12/21 9:30 p.m. | 13 views

CVE-2009-4035

The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...

CVSS 9.3 | AI score 7.2 | EPSS 0.0245
Exploits 0 | References 16

Debian CVE
added 2009/12/21 9:0 p.m. | 25 views

CVE-2009-4035

The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...

CVSS 9.3 | AI score 7.3 | EPSS 0.0245
Exploits 0

securityvulns
added 2008/04/10 12:0 a.m. | 57 views

Pu Arcade component for Joomla - SQL injection

I discovered a vulnerability in Component PUARCADE for joomla the last version is vulnerable . SQL Injection vulnerability in puarcade.class.php = V. 2.2 , component for JOOMLA...

AI score 1.1
Exploits 0

CERT
added 2007/06/26 12:0 a.m. | 44 views

MIT Kerberos kadmind RPC library gssrpc__svcauth_unix() integer conversion error

Overview: The MIT Kerberos administration daemon (kadmind) contains an integer conversion error vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description: The gssrpc__svcauth_unix() function used by the Kerberos administration...

CVSS 8.3 | AI score 10 | EPSS 0.32345
Exploits 1 | References 6