USN-1805-1: Linux kernel vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer llc sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. CVE-2012-6542 Mathias Krause discovered information leaks in the Linux kernel's...

CVE-2013-1538

Unspecified vulnerability in the Network Layer component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote attackers to affect availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Network Layer component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote attackers to affect availability via unknown vectors...

CVE-2013-1554

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect availability via unknown vectors...

CVE-2013-1538

Unspecified vulnerability in the Network Layer component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote attackers to affect availability via unknown vectors...

CVE-2013-1538

CVE-2013-1538 affects Oracle Database Server 11.2.0.2 and 11.2.0.3 in the Network Layer component, enabling remote impact to availability via unknown vectors. The vulnerability is described as unspecified in the Network Layer, with no exploited details provided in the initial or connected documen...

CVE-2013-1554

CVE-2013-1554 affects Oracle Database Server (versions 10.2.0.4/10.2.0.5/11.1.0.7/11.2.0.2/11.2.0.3) with an unspecified vulnerability in the Network Layer component that could allow remote attackers to impact availability via unknown vectors. The risk is described as a network-exposed issue with...

Oracle Database Multiple Vulnerabilities (April 2013 CPU)

The remote Oracle database server is missing the April 2013 Critical Patch Update CPU and is, therefore, potentially affected by security issues in the following components : - Workload Manager - Network Layer %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

Fedora Update for libuv FEDORA-2012-20578

Check for the Version of libuv OpenVAS Vulnerability Test Fedora Update for libuv FEDORA-2012-20578 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

[SECURITY] Fedora 18 Update: libuv-0.10.3-1.fc18

libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all plat form differences in this library...

CVE-2013-1145

CVE-2013-1145 affects Cisco IOS Software with Zone-Based Policy Firewall SIP application layer gateway inspection enabled. A memory leak in the SIP inspection path can be triggered by malformed SIP messages, leading to denial of service via memory exhaustion or device reload. Affected Cisco IOS r...

DEBIAN-CVE-2013-1654

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors...

On some web vulnerability principle superficial awareness-vulnerability warning-the black bar safety net

Actually always wanted to write such an article but the total there is low end in each God's eyes, perhaps into the not discernment but still decided to write out own of these experience In fact, a lot of sites the existence of vulnerabilities of the reasons there are a variety of, I can only by ...

Fedora Update for gnutls FEDORA-2013-2984

Check for the Version of gnutls OpenVAS Vulnerability Test Fedora Update for gnutls FEDORA-2013-2984 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

CVE-2013-2566

The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext...

SSL/TLS: CBC padding timing attack (lucky-13)

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...

SSL/TLS CRIME attack against HTTPS

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differenc...

CentOS Update for openssl CESA-2013:0587 centos6

Check for the Version of openssl OpenVAS Vulnerability Test CentOS Update for openssl CESA-2013:0587 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Fedora Update for gnutls FEDORA-2013-2892

Check for the Version of gnutls OpenVAS Vulnerability Test Fedora Update for gnutls FEDORA-2013-2892 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...