Oracle Linux 4 : cyrus-sasl (ELSA-2007-0795)

From Red Hat Security Advisory 2007:0795 : An updated cyrus-sasl package that addresses a security issue and fixes various other bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The cyrus-sas...

Oracle Linux 4 : kernel (ELSA-2010-0718)

From Red Hat Security Advisory 2010:0718 : Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, whi...

CVE-2013-4688

flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway ALG is enabled, allows remote attackers to cause a denial of service daemon crash via crafted MSRPC requests, aka PR 772834...

Code injection

flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway ALG is enabled, allows remote attackers to cause a denial of service daemon crash via crafted MSRPC requests, aka PR 772834...

Design/Logic Flaw

flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R6-S2, and 12.1 before 12.1R6 on SRX devices, when certain Application Layer Gateways ALGs are enabled, allows remote attackers to cause a denial of service daemon crash via crafted TCP packets, aka PRs 727980, 806269, and 83559...

CVE-2013-4688

flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway ALG is enabled, allows remote attackers to cause a denial of service daemon crash via crafted MSRPC requests, aka PR 772834...

OpenJDK: JConsole SSL support (Serviceability, 8003703)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serviceability. NOTE: the previous information is from the...

SSL/TLS: CBC padding timing attack (lucky-13)

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...

OpenJDK: JConsole SSL support (Serviceability, 8003703)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serviceability. NOTE: the previous information is from the...

Ubuntu: Security Advisory (USN-1877-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1877-1)

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 An information leak was discovered in the Linux kernel's rcvmsg path for ATM...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-1878-1)

An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. CVE-2013-0160 A flaw was discovered in the Linux...

Ubuntu 10.04 LTS : linux vulnerabilities (USN-1876-1)

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 An information leak was discovered in the Linux kernel's rcvmsg path for ATM...

USN-1881-1: Linux kernel vulnerabilities

Andy Lutomirski discover an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain administrative privileges. CVE-2013-1979 An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local...

USN-1877-1: Linux kernel (EC2) vulnerabilities

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 An information leak was discovered in the Linux kernel's rcvmsg path for ATM...

Ubuntu: Security Advisory (USN-1808-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Pizza Hut Japan Official Order App for Android. contains an issue where it fails to verify SSL server certificates

Overview Pizza Hut Japan Official Order App for Android. contains an issue where it fails to verify SSL server certificates. Shunsuke Taniguchi of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impac...

CentOS Update for gnutls CESA-2013:0883 centos6

Check for the Version of gnutls OpenVAS Vulnerability Test CentOS Update for gnutls CESA-2013:0883 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

CentOS Update for gnutls CESA-2013:0883 centos5

Check for the Version of gnutls OpenVAS Vulnerability Test CentOS Update for gnutls CESA-2013:0883 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

Fedora Update for python-backports-ssl_match_hostname FEDORA-2013-8694

Check for the Version of python-backports-sslmatchhostname OpenVAS Vulnerability Test Fedora Update for python-backports-sslmatchhostname FEDORA-2013-8694 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...