openSUSE: Security Advisory for libxml2 (openSUSE-SU-2012:1647-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

SuSE Update for libxml2 openSUSE-SU-2012:1647-1 (libxml2)

Check for the Version of libxml2 OpenVAS Vulnerability Test $Id: gbsuse201216471.nasl 8045 2017-12-08 08:39:37Z santu $ SuSE Update for libxml2 openSUSE-SU-2012:1647-1 libxml2 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This progra...

CentOS Update for libxml2 CESA-2013:0581 centos5

Check for the Version of libxml2 OpenVAS Vulnerability Test CentOS Update for libxml2 CESA-2013:0581 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

RedHat Update for libxml2 RHSA-2013:0581-01

Check for the Version of libxml2 OpenVAS Vulnerability Test RedHat Update for libxml2 RHSA-2013:0581-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CentOS Update for libxml2 CESA-2013:0581 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for libxml2 RHSA-2013:0581-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 5 / 6 : libxml2 (CESA-2013:0581)

Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

libxml2 security update

CentOS Errata and Security Advisory CESA-2013:0581 Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS...

RHEL 5 / 6 : libxml2 (RHSA-2013:0581)

Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Scientific Linux Security Update : libxml2 on SL5.x, SL6.x i386/x86_64 (20130228)

A denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, would lead to excessiv...

libxml2: CPU consumption DoS when performing string substitutions during entities expansion

libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service CPU and memory consumption via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity...

Moderate: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

libxml2 security update

2.7.6-12.0.1.el64.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-12.el64.1 -detect and stop excessive entities expansion upon replacement rhbz912574 2.7.6-12.el6 - fix out of range heap access CVE-2012-5134 2.7.6-11.el6 - Change the...

CVE-2013-0339

libxml2 through 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote attackers to cause a denial of service resource consumption, send HTTP requests to intranet servers,...

CVE-2013-0338

libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service CPU and memory consumption via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity...

texproc/expat2 -- billion laugh attack

Kurt Seifried reports: So here are the CVE's for the two big ones, libxml2 and expat. Both are affected by the expansion of internal entities which can be used to consume resources and external entities which can cause a denial of service against other services, be used to port scan, etc.. A...

libxml2 -- cpu consumption Dos

Kurt Seifried reports: libxml2 is affected by the expansion of internal entities which can be used to consume resources and external entities which can cause a denial of service against other services, be used to port scan, etc...

VMSA-2013-0001 : VMware vSphere security updates for the authentication service and third-party libraries

a. VMware vSphere client-side authentication memory corruption vulnerability VMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the handling of the management authentication protocol. To exploit this vulnerability, an attacker must convince either vCenter Server, vSphere...

CentOS Update for mingw32-libxml2 CESA-2013:0217 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for mingw32-libxml2 CESA-2013:0217 centos6

Check for the Version of mingw32-libxml2 OpenVAS Vulnerability Test CentOS Update for mingw32-libxml2 CESA-2013:0217 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...