RedHat Update for pam RHSA-2013:0521-02

Check for the Version of pam OpenVAS Vulnerability Test RedHat Update for pam RHSA-2013:0521-02 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

RedHat Update for pam RHSA-2013:0521-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Server: Information disclosure

Due to the inclusion of the Amazon SDK testing suite an unauthenticated attacker is able to gain additional informations about the server including: the PHP version the cURL version informations wether the following functions/modules are available: SimpleXML DOM SPL JSON PCRE File System Read/Wri...

[Recon-ng] Web Reconnaisance Framework for Penetration Testers

Recon-ng is a full-featured Web Reconnaissance framework written in Python. Recon-ng has a look and feel similar to the Metasploit Framework, reducing the learning curve for leveraging the framework. Complete with independent modules, database interaction, built in convenience functions,...

Cisco Nexus 7000 M1-Series Modules Crafted Packet Vulnerability

Cisco Nexus 7000 M1-Series Modules contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to incorrect handling of crafted packets processed by the affected software. An unauthenticated, remote attacker cou...

JBoss: allows empty password to authenticate against LDAP

The default configuration of the 1 LdapLoginModule and 2 LdapExtLoginModule modules in JBoss Enterprise Application Platform EAP 4.3.0 CP10, 5.2.0, and 6.0.1, and Enterprise Web Platform EWP 5.2.0 allow remote attackers to bypass authentication via an empty password...

CentOS Update for libreport CESA-2013:0215 centos6

Check for the Version of libreport OpenVAS Vulnerability Test CentOS Update for libreport CESA-2013:0215 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Cisco Unity Express Cross-Site Scripting Vulnerabilities

Cisco Unity Express contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerabilities are due to insufficient sanitization of user-supplied input processed by the Cisco Unity Express software. An unauthenticated,...

SuSE 11.1 Security Update : net-snmp (SAT Patch Number 6517)

This update to net-snmp resolves the following issues : - Specially crafted SNMP GET requests could cause a denial of service application crash via a heap-based out-out-bounds read flaw which could be exploited remotely. CVE-2012-2141 - The snmpd agent should read shared memory information from...

CVE-2012-6437

The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware image to the Ethernet card, whether it is a corrupt or legitimate firmware image. Successful exploitation of this vulnerability could cause loss of availability, integrity, and...

CVE-2012-6441

An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP. Successful exploitation of this vulnerability could cause loss of confidentiality. Rockwell Automation EtherNet/I...

CVE-2012-6442

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the product to reset, a DoS can occur. This situation could cause loss of availability and a disruption of communicatio...

Design/Logic Flaw

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...

Buffer overflow

Buffer overflow in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier...

Red October Attackers Shutting Down C&C Infrastructure

It appears that the attackers behind the Red October cyberespionage campaign are taking their ball and going home. Since the attack came to light on Monday, the attackers have begun shutting down their infrastructure and the hosting providers and registrars involved with some of the...

drupal -- multiple vulnerabilities

Drupal Security Team reports: Cross-site scripting Various core and contributed modules Access bypass Book module printer friendly version Access bypass Image module...

[SECURITY] Fedora 18 Update: pl-6.0.2-5.fc18

ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib Unix process control and sockets, cpp C++ interface, sgml reading XML/SGML, sgml/RDF reading RDF int...

[SECURITY] Fedora 17 Update: pl-6.0.2-4.fc17

ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib Unix process control and sockets, cpp C++ interface, sgml reading XML/SGML, sgml/RDF reading RDF int...

[SECURITY] Fedora 16 Update: pl-5.10.2-9.fc16

ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib Unix process control and sockets, cpp C++ interface, sgml reading XML/SGML, sgml/RDF reading RDF int...

Fedora Update for pl FEDORA-2013-0211

Check for the Version of pl OpenVAS Vulnerability Test Fedora Update for pl FEDORA-2013-0211 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the...