7524 matches found

OSV
added 2013/10/27 12:55 a.m. | views: 1

DEBIAN-CVE-2013-4301

includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allows remote attackers to obtain sensitive information via a "<" (open angle bracket) character in the lang parameter to w/load.php, which reveals the installation pat...

CVSS 5 | AI score 6.6 | EPSS 0.00713
Exploits: 1 | References: 1

RedHat Linux
added 2013/10/23 4:26 p.m. | views: 3

OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...

CVSS 5 | AI score 7.3 | EPSS 0.00288
Exploits: 0 | References: 5

RedHat Linux
added 2013/10/23 4:26 p.m. | views: 1

OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...

CVSS 5 | AI score 7.3 | EPSS 0.00288
Exploits: 0 | References: 5

OpenVAS
added 2013/10/10 12:0 a.m. | views: 20

Debian Security Advisory DSA 2775-1 (ejabberd - insecure SSL usage)

It was discovered that ejabberd, a Jabber/XMPP server, uses SSLv2 and weak ciphers for communication, which are considered insecure. The software offers no runtime configuration options to disable these. This update disables the use of SSLv2 and weak ciphers. The updated package for Debian 7 whee...

CVSS 4.3 | AI score 0.2 | EPSS 0.00443
Exploits: 0 | References: 1

Vulnerability Lab
added 2013/09/27 12:0 a.m. | views: 22

WebAssist PowerCMS PHP - Multiple Web Vulnerabilities

Document Title: =============== WebAssist PowerCMS PHP - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1098 Release Date: ============= 2013-09-27 Vulnerability Laboratory ID VL-ID: ==================================== 1098...

Exploits: 0

Tenable Nessus
added 2013/09/26 12:0 a.m. | views: 17

Cisco Content Switching Module Layer 7 Load Balancing DoS

According to its self-reported version number, the Cisco Content Switching Module in the remote switch may be affected by a denial of service vulnerability. The vulnerability exists when the CSM or CSM-S is configured for layer 7 load balancing. An attacker can trigger this vulnerability when the...

CVSS 7.8 | AI score 5.7 | EPSS 0.01482
Exploits: 1 | References: 2

Tenable Nessus
added 2013/09/23 12:0 a.m. | views: 23

Fedora 20 : icedtea-web-1.4.1-0.fc20 (2013-16971)

Updated to icedtea-web 1.4.1 New in release 1.4.1 2013-XX-YY : - Improved and cleaned Temporary internet files panel - PR1465 - java.io.FileNotFoundException while trying to download a JAR file - PR1473 - javaws should not depend on name of local file - PR854: Resizing an applet several times...

CVSS 6.8 | AI score 5.7 | EPSS 0.01487
Exploits: 0 | References: 3

OSV
added 2013/09/16 7:14 p.m. | views: 0

DEBIAN-CVE-2013-4234

Multiple heap-based buffer overflows in the (1) abcMIDIdrum and (2) abcMIDIgchord functions in loadabc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC...

CVSS 6.8 | AI score 7.7 | EPSS 0.03086
Exploits: 1 | References: 1

OSV
added 2013/09/16 7:14 p.m. | views: 1

UBUNTU-CVE-2013-4234

Multiple heap-based buffer overflows in the (1) abcMIDIdrum and (2) abcMIDIgchord functions in loadabc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC...

CVSS 6.8 | AI score 6.3 | EPSS 0.03086
Exploits: 1 | References: 2

Tenable Nessus
added 2013/09/16 12:0 a.m. | views: 35

Cisco Application Control Engine (ACE) Version

Cisco Application Control Engine (ACE) software is installed on the remote Cisco IOS or ACE device. It is a load-balancing and application-delivery solution for Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers, and it is also available as an appliance. TRUSTED...

AI score 5.4
Exploits: 0 | References: 2

OpenVAS
added 2013/09/06 12:0 a.m. | views: 23

Fedora Update for lighttpd FEDORA-2013-15345

Check for the Version of lighttpd OpenVAS Vulnerability Test Fedora Update for lighttpd FEDORA-2013-15345 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVSS 5 | AI score 9.6 | EPSS 0.37913
Exploits: 7 | References: 2

Metasploit
added 2013/09/05 9:43 p.m. | views: 25

IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL

This module exploits a missing DLL loaded by the 'IKE and AuthIP Keyring Modules' IKEEXT service which runs as SYSTEM, and starts automatically in default installations of Vista-Win8. It requires an insecure bin path to plant the DLL payload. This module requires Metasploit:...

AI score 0.4
Exploits: 0

RedHat Linux
added 2013/09/04 5:50 p.m. | views: 37

Moderate: Red Hat Security Advisory: haproxy security update

An updated haproxy package that fixes one security issue is now available for Red Hat OpenShift Enterprise 1.2.2. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

CVSS 5 | AI score 5.8 | EPSS 0.00076
Exploits: 0 | References: 2

Fedora
added 2013/09/03 10:29 p.m. | views: 32

[SECURITY] Fedora 18 Update: lighttpd-1.4.32-1.fc18

Secure, fast, compliant and very flexible web-server which has been optimized for high-performance environments. It has a very low memory footprint compared to other webservers and takes care of cpu-load. Its advanced feature-set FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many mo...

CVSS 5 | AI score 4.5 | EPSS 0.37913
Exploits: 7

F5 Networks
added 2013/08/22 12:0 a.m. | views: 592

SOL14634 - SSL/TLS BREACH vulnerability CVE-2013-3587

Vulnerability Recommended Actions To mitigate this vulnerability, you can disable HTTP compression, or only enable HTTP compression for static content. For information about configuring HTTP compression, refer to the product guides for your specific product and version. Impact of action: Slower...

CVSS 5.9 | AI score 0.8 | EPSS 0.28141
Exploits: 2 | References: 12

OpenVAS
added 2013/08/01 12:0 a.m. | views: 19

CentOS Update for haproxy CESA-2013:1120 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 5.2 | EPSS 0.00076
Exploits: 0 | References: 3

Cent OS
added 2013/07/30 6:55 p.m. | views: 65

haproxy security update

CentOS Errata and Security Advisory CESA-2013:1120 An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base...

CVSS 5 | AI score 5.8 | EPSS 0.00076
Exploits: 0 | References: 7

RedHat Linux
added 2013/07/30 4:55 p.m. | views: 29

Moderate: Red Hat Security Advisory: haproxy security update

An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 5 | AI score 5.8 | EPSS 0.00076
Exploits: 0 | References: 3

Tenable Nessus
added 2013/07/18 12:0 a.m. | views: 22

Cisco GSS Version

The remote host is running GSS, an operating system for Cisco load balancers. It is possible to read the GSS version number by connecting to the router by SSH or by using SNMP. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid68960; scriptversion"1.6";...

AI score 5.6
Exploits: 0

Tenable Nessus
added 2013/07/12 12:0 a.m. | views: 45

Oracle Linux 5 : kernel (ELSA-2010-0398)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0398 advisory. - xen arpl on MMIO area crashes the guest Paolo Bonzini 572979 572982 CVE-2010-0730 - misc kernel: fix elf load DoS on x8664 Danny Feng 560552 560553...

CVSS 7.8 | AI score 7.3 | EPSS 0.03275
Exploits: 1 | References: 6