94 matches found
[SECURITY] Fedora 26 Update: systemd-233-4.fc26
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...
IBM WebSphere Application Server 7.0 < 7.0.0.39 Multiple Vulnerabilities (FREAK)
Binary data 9700.prm...
IBM Storwize SSL/TLS RC4 Stream Cipher Key Invariance (Bar Mitzvah)
According to its self-reported version number, the IBM Storwize server running on the remote host is affected by a security feature bypass vulnerability, known as Bar Mitzvah, due to improper combination of state data with key data by the RC4 cipher algorithm during the initialization phase. A...
Atlassian JIRA < 6.4.10 / 7.0.0-OD-02 MitM Plaintext Disclosure (Bar Mitzvah)
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 6.4.10 or 7.0.0-OD-02. It is, therefore, potentially affected by a security feature bypass vulnerability, known as Bar Mitzvah, due to improper combination of state data with...
SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2015:1844-1)
glibc was updated to fix bugs and security issues. Security issues fixed : - A buffer overflow in nssdns was fixed that could lead to crashes. CVE-2015-1781, bsc927080, BZ 18287 - A denial of service attack out of memory in the NSS files backend was fixed CVE-2014-8121, bsc918187, GLIBC BZ 18007...
Oracle: Security Advisory (ELSA-2013-0132)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
SUSE-RU-2015:1239-1 Recommended update for freetype2
This update of freetype2 fixes a regression introduced by the security fix for CVE-2014-9671. This is not itself a security issue, it just improves on a previous one. This update is needed for LSB 5 fontconfig usage...
SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
CVE-2015-2808
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
SUSE-SU-2015:0805-1 Security update for cups-filters
cups-filters was updated to fix one security issue. This security issue was fixed: - CVE-2015-2265: Remote command execution in removebadchars bnc921753. This non-security issue was fixed: - LSB compliance of foomatic-rip bnc915545...
openSUSE Security Update : systemd (openSUSE-2012-139)
Add fix-console-switch.patch: prevent console lockup rhb771563. - Add fix-quota.patch: correctly enable quota rhb773431. - Add passcredentials.patch: ensure compatibility with kernel 3.2 bnc743299. - Update modulesonboot.patch to not cause failed state for systemd-modules-load.service bnc741481...
pacemaker security, bug fix, and enhancement update
1.1.10-14 - Log: crmd: Supply arguments in the correct order Resolves: rhbz996850 - Fix: Invalid formatting of log message causes crash Resolves: rhbz996850 1.1.10-13 - Fix: cman: Start clvmd and friends from the init script if enabled 1.1.10-12 - Fix: Consistently use 'Slave' as the role for...
Fedora Update for systemd FEDORA-2013-17203
Check for the Version of systemd OpenVAS Vulnerability Test Fedora Update for systemd FEDORA-2013-17203 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] Fedora 19 Update: systemd-204-15.fc19
systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups,...
Oracle Linux 5 : httpd (ELSA-2013-0130)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0130 advisory. - add security fix for CVE-2008-0456 - add security fix for CVE-2012-2687 850794 Tenable has extracted the preceding description block directly from th...
CentOS Update for httpd CESA-2013:0130 centos5
Check for the Version of httpd OpenVAS Vulnerability Test CentOS Update for httpd CESA-2013:0130 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Scientific Linux Security Update : httpd on SL5.x i386/x86_64 (20130108)
Input sanitization flaws were found in the modnegotiation module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use these flaws to conduct cross-site scripting and HTTP response splitting attacks against users...
CentOS 5 : httpd (CESA-2013:0130)
Updated httpd packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give...
httpd, mod_ssl security update
CentOS Errata and Security Advisory CESA-2013:0130 Updated httpd packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common...