FreeBSD : chromium -- Errant plug-in load and GPU process memory corruption (ab1f515d-6b69-11e1-8288-00262d5ed8ee)

Google Chrome Releases reports : 117620 117656 Critical CVE-2011-3047: Errant plug-in load and GPU process memory corruption. Credit to PinkiePie. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML...

chromium -- Errant plug-in load and GPU process memory corruption

Google Chrome Releases reports: 117620 117656 Critical CVE-2011-3047: Errant plug-in load and GPU process memory corruption. Credit to PinkiePie...

GlassFish: hash table collisions CPU usage DoS (oCERT-2011-003)

Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attacke...

ALFTP may insecurely load executable files

Overview ALFTP may use unsafe methods for determining how to load executables. ALFTP provided by ESTsoft Corp. is a FTP client software with the built in FTP server. ALFTP contains an issue when loading files. For example, if an user tries to open README a file without extention which exists in t...

Debian Security Advisory DSA 2324-1 (wireshark)

The remote host is missing an update to wireshark announced via advisory DSA 2324-1. OpenVAS Vulnerability Test $Id: deb23241.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2324-1 wireshark Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian: Security Advisory (DSA-2324-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Directory traversal

Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. dot dot in the formname parameter to 1 contrib/acog/printform.php; or 2 loadform.php, 3 viewform.php, or 4 trendform.php in interface/patientfile/encounter...

Best Practice For Setting Up nWorks Collection for Failover and Disaster Recovery

Purpose Additional information given about how collectors work within nWorks and guidelines on how to set up collectors for disaster situations. Solution The Best Practice for Setting Up nWorks Collection for Failover and Disaster Recovery To get started with monitoring through the nWorks...

kernel security and bug fix update

2.6.32-220.4.1.el6 - fs Revert 'proc: enable writing to /proc/pid/mem' Johannes Weiner 782649 782650 CVE-2012-0056 2.6.32-220.3.1.el6 - kernel Remove 'WARNING: at kernel/sched.c:5915' Larry Woodman 768288 766051 - x86 kernel: Fix memory corruption in module load Prarit Bhargava 769595 767140 -...

Important: Red Hat Security Advisory: mod_cluster-native security update

An update for the Native components for JBoss Enterprise Web Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS bas...

Important: Red Hat Security Advisory: mod_cluster-native security update

An updated modcluster-native package that fixes one security issue is now available for JBoss Enterprise Web Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...

Important: Red Hat Security Advisory: mod_cluster-native security update

An update for the Native components for JBoss Enterprise Application Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...

Important: Red Hat Security Advisory: mod_cluster-native security update

An updated modcluster-native package that fixes one security issue is now available for JBoss Enterprise Application Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scorin...

Important: Red Hat Security Advisory: mod_cluster-native security update

An update for the modcluster native component for JBoss Enterprise Web Server 1.0.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...

Researcher Releases New Version of P0f Fingerprinting Tool

Security researcher Michal Zalewski has released a new version of a passive fingerprinting tool called P0f that has the ability to diagnose a wide range of components in an Internet connection, even uncovering clients that are trying to forge some part of their identity in the connection. P0f is ...

Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability

Added: 11/23/2011 CVE: CVE-2010-3964 BID: 45264 OSVDB: 69817 Background Microsoft SharePoint is a web application platform that provides web content management and document management as an aid to collaboration among users. SharePoint's multi-purpose design allows for managing and provisioning of...

Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability

Added: 11/23/2011 CVE: CVE-2010-3964 BID: 45264 OSVDB: 69817 Background Microsoft SharePoint is a web application platform that provides web content management and document management as an aid to collaboration among users. SharePoint's multi-purpose design allows for managing and provisioning of...

glibc LD_AUDIT arbitrary DSO load Privilege Escalation

Exploit for linux platform in category local exploits !/bin/sh I Can't Read and I Won't Race You Either by zx2c4 This is an exploit for CVE-2010-3856. A while back, Tavis showed us three ways to exploit flaws in glibc's dynamic linker involving LDAUDIT. 1 2 The first way involved opening a file...

hbase-master-info NSE Script

Retrieves information from an Apache HBase Hadoop database master HTTP status page. Information gathered: Hbase version Hbase compile date Hbase root directory Hadoop version Hadoop compile date Average load Zookeeper quorum server Associated region servers Script Arguments slaxml.debug See the...

Debian DSA-2339-1 : nss - several vulnerabilities

This update to the NSS cryptographic libraries revokes the trust in the'DigiCert Sdn. Bhd' certificate authority. More information can be found in the Mozilla Security Blog. This update also fixes an insecure load path for pkcs11.txt configuration file CVE-2011-3640 . %NASLMINLEVEL 70300 C Tenabl...