Debian: Security Advisory (DSA-541)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 152-1 (l2tpd)

The remote host is missing an update to l2tpd announced via advisory DSA 152-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-986-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1070-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 10 Security Update : kernel (kernel-4752)

This kernel update fixes the following security problems : ++ CVE-2007-3104: The sysfsreaddir function in the Linux kernel 2.6 allows local users to cause a denial of service kernel OOPS by dereferencing a NULL pointer to an inode in a dentry. ++ CVE-2007-4997: A 2 byte buffer underflow in the...

CVE-2007-6521

Unspecified vulnerability in Opera before 9.25 allows remote attackers to execute arbitrary code via crafted TLS certificates...

Design/Logic Flaw

Unspecified vulnerability in Cisco Firewall Services Module FWSM 3.23 allows remote attackers to cause a denial of service device reload via crafted "data in the control-plane path with Layer 7 Application Inspections."...

Java Secure Socket Extension Does Not Correctly Process SSL/TLS Handshake Requests Resulting in a Denial of Service (DoS) Condition

The Java Secure Socket Extension JSSE in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.211 through 1.4.214, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service CPU consumption via certain SSL/TLS handshake...

Debian DSA-1428-2 : linux-2.6 - several vulnerabilities

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : This is an update to DSA 1428-1 which omitted a reference...

PEAR::MDB2: Information disclosure

Background PEAR::MDB2 is a database abstraction layer for PHP aimed to provide a common API for all supported relational database management systems. A LOB "large object" is a database field holding binary data. Description priyadi discovered that the request to store a URL string as a LOB is...

Directory traversal

Directory traversal vulnerability in region.php in KML share 1.1 allows remote attackers to read arbitrary files via a .. dot dot in the layer parameter...

CVE-2007-6212

Directory traversal vulnerability in region.php in KML share 1.1 allows remote attackers to read arbitrary files via a .. dot dot in the layer parameter...

Moderate: Red Hat Security Advisory: openssl security and bug fix update

Updated OpenSSL packages that correct a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 an...

Net: HTTP insufficient verification of SSL certificate

The connect method in lib/net/http.rb in the 1 Net::HTTP and 2 Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName CN field in a server certificate matches the domain name in an HTTPS request, which makes it easier for remote attackers to intercept SSL transmissions v...

Incomplete fix for CVE-2007-0720 CUPS denial of service

The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation...

Important: Red Hat Security Advisory: cups security update

Updated cups packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Common UNIX Printing System CUPS provides a portable printing layer for UNIXR operatin...

Wireshark crashes when inspecting MMS traffic

Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed 1 SSL or 2 MMS packets that trigger an infinite loop...

Important: kernel security update

2.6.9-55.0.12.0.1 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix for nfs open call taking longer issue Chuck Lever orabug 5580407 bz 219412 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach...

Mandrake Linux Security Advisory : kernel (MDKSA-2007:195)

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : A stack-based buffer overflow in the random number generator could allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool si...

openssl security update

CentOS Errata and Security Advisory CESA-2007:0813 Updated OpenSSL packages that correct security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that...