ecryptfs-utils security, bug fix, and enhancement update

75-4 - fix EOF handling 499367 - add icon to gui desktop file 75-3 - ask for password confirmation when creating openssl key 500850 - removed executable permission from ecryptfs-dot-private 500817 - ecryptfs-rewrite-file: improve of progress output 500813 - dont error out when unwrapping and addi...

nltk

Natural Language Toolkit NLTK !PyPIhttps://img.shields.i...

Linux-PAM: Privilege escalation

Background Linux-PAM Pluggable Authentication Modules is an architecture allowing the separation of the development of privilege granting software from the development of secure and appropriate authentication schemes. Description Marcus Granado repoted that Linux-PAM does not properly handle user...

Sql injection

Multiple SQL injection vulnerabilities in Qsoft K-Rate Premium allow remote attackers to execute arbitrary SQL commands via 1 the $id variable in admin/includes/delecpac.php, 2 $ordorderid variable in payments/paymentreceived.php, 3 $id variable in includes/functions.php, and 4 unspecified...

eLinks SQL Injection / XSS / LFI

===================================================================== eLinks Vulnerabilities blind sql inj / xss / LFI by Inj3ct0r.com ===================================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ ...

[SECURITY] Fedora 11 Update: farsight2-0.0.14-1.fc11

farsight2 is a collection of GStreamer modules and libraries for videoconferencing...

Code injection

The web interface CobblerWeb in Cobbler before 1.2.9 allows remote authenticated users to execute arbitrary Python code in cobblerd by editing a Cheetah kickstart template to import arbitrary Python modules...

CVE-2008-6954

CVE-2008-6954 affects CobblerWeb in Cobbler before 1.2.9, where the Cheetah template engine can execute Python statements embedded in kickstart templates. This enables remote authenticated users to run arbitrary Python code in cobblerd, effectively compromising the server. The vulnerability stems...

Rootkit techniques the main principle of explanation-vulnerability warning-the black bar safety net

Article author: hackisle rootkit main categories: Application-level-kernel-the hardware level Early rootkits mainly for application-level rootkits application-level rootkits mainly by replacing the login, ps, ls, netstat and other system tools, or modify. rhosts etc system configuration files, et...

OpenSC: Multiple vulnerabilities

Background OpenSC provides a set of libraries and utilities to access smart cards. Description Multiple vulnerabilities were found in OpenSC: b.badrignans discovered that OpenSC incorrectly initialises private data objects CVE-2009-0368. Miquel Comas Marti discovered that src/tools/pkcs11-tool.c ...

python, tkinter security update

CentOS Errata and Security Advisory CESA-2009:1176 Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive...

[SECURITY] [DSA 1846-1] New kvm packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1846-1 [email protected] http://www.debian.org/security/ Dann Frazier July 28, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------...

Gentoo Security Advisory GLSA 200907-08 (rt2400 rt2500 rt2570 rt61 ralink-rt61)

The remote host is missing updates announced in advisory GLSA 200907-08. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200907-08 (rt2400 rt2500 rt2570 rt61 ralink-rt61)

The remote host is missing updates announced in advisory GLSA 200907-08. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

DSA-1846-1 kvm - denial of service

Bulletin has no description...

python: Multiple integer overflows discovered by Google

Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to 1 Include/pymem.h; 2 csv.c, 3 struct.c, 4 arraymodule.c, 5 audioop.c, 6 binascii.c, 7 cPickle.c, 8 cStringIO.c, 9 cjkcodecs/multibytecodec.c, 10...

python: Multiple integer overflows in python core

Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the 1 stringobject, 2 unicodeobject, 3 bufferobject, 4 longobject, 5 tupleobject, 6 stropmodule, 7 gcmodule, and 8 mmapmodule modules. NOTE: The expandtabs...

python: Multiple integer overflows discovered by Google

Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to 1 Include/pymem.h; 2 csv.c, 3 struct.c, 4 arraymodule.c, 5 audioop.c, 6 binascii.c, 7 cPickle.c, 8 cStringIO.c, 9 cjkcodecs/multibytecodec.c, 10...

python: Multiple integer overflows in python core

Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the 1 stringobject, 2 unicodeobject, 3 bufferobject, 4 longobject, 5 tupleobject, 6 stropmodule, 7 gcmodule, and 8 mmapmodule modules. NOTE: The expandtabs...

openSUSE Security Update : gtk2 (gtk2-583)

A SUSE specific patch to GTK2 accidentally added a relative search path for gtk modules therefore allowed local attackers have gtk programs load modules from untrusted places CVE-2009-0848. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...