MDVA-2009:183 : nvidia

This update provides the kernel modules which were not distributed with the last kernel update. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This script was...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpBMS 0.96 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 index.php and 2 modules\base\myaccount.php; and the PATHINFO to 3 modulesview.php, 4 tabledefsoptions.php, and 5 adminsettings.php in...

Sql injection

Multiple SQL injection vulnerabilities in phpBMS 0.96 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to modules/bms/invoicesdiscountajax.php, 2 f parameter to dbgraphic.php, and 3 tid parameter in a show action to advancedsearch.php...

CVE-2009-3755

Multiple cross-site scripting XSS vulnerabilities in phpBMS 0.96 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 index.php and 2 modules\base\myaccount.php; and the PATHINFO to 3 modulesview.php, 4 tabledefsoptions.php, and 5 adminsettings.php in...

Microsoft Office Art Property Table Memory Corruption

Added: 10/22/2009 CVE: CVE-2009-2528 BID: 36650 OSVDB: 58869 Background Microsoft Office is a package that provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. MS Office XP 2002 and MS Office 2000 use the Microsoft Windows...

SLES9: Security update for PHP4

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: php4-zlib php4-shmop php4-ftp php4-filepro php4-mcrypt php4-servlet php4-gmp php4-bz2 php4-snmp php4-mysql php4-mimemagic php4 php4-pgsql modphp4-servlet...

SLES9: Security update for PHP

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: php4-gd php4-recode apache2-modphp4 php4-mysql php4-exif php4-pear php4-pgsql php4-devel modphp4-core modphp4-servlet php4-servlet php4-fastcgi php4-session...

SLES9: Security update for Red Carpet

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: libsoup libredcarpet rug rcd-devel libredcarpet-python rcd rcd-modules-devel red-carpet rcd-modules libredcarpet-tools libsoup-devel More details may also be...

SLES9: Security update for some XFree86 modules

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: XFree86-libs XFree86-Xvnc XFree86-server XFree86-Xprt XFree86-Xnest XFree86-Xvfb For more information, please visit the referenced security advisories. More...

SLES9: Security update for Red Carpet

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: rug libredcarpet-tools rcd-modules xmlrpc-c rcd red-carpet libredcarpet python-openssl libredcarpet-python rcd-modules-devel xmlrpc-c-devel rcd-devel For mor...

SuSE 11 Security Update : Mozilla (SAT Patch Number 1328)

This update brings the Mozilla XULRunner engine to the 1.9.0.14 stable release. It also fixes various security issues : - / CVE-2009-30 /. MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 / CVE-2009-3071 / CVE-2009-3072 / CVE-2009-3073 - Mozilla developers and community members identified and fixed...

Fedora Core 10 FEDORA-2009-9386 (proftpd)

The remote host is missing an update to proftpd announced via advisory FEDORA-2009-9386. OpenVAS Vulnerability Test $Id: fcore20099386.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-9386 proftpd Authors: Thomas Reinke Copyright: Copyright c 2009...

Fedora 10 : proftpd-1.3.2a-5.fc10 (2009-9386)

This update has a large number of changes from previous Fedora packages; the highlights are as follows: - Update to upstream release 1.3.2a - Fix SQL injection vulnerability at login 485125, CVE-2009-0542 - Fix SELinux compatibility 498375 - Fix audit logging 506735 - Fix default configuration...

SuSE9 Security Update : YaST2 (YOU Patch Number 11952)

This update fixes a security bug in yast2-core that allows local attackers to provide malicious YaST2 modules to YaST2 which are subsequently executed with root privileges. To trigger this vulnerability root has to execute yast2 in an untrusted directory i.e. /tmp. %NASLMINLEVEL 70300 C Tenable...

Mozilla Firefox PKCS11 Module Installation Code Execution

Added: 09/24/2009 CVE: CVE-2009-3076 BID: 36343 OSVDB: 57977 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem The warning dialog displayed when adding or removing security modules via pkcs11.addmodule or pkcs11.deletemodule can be customized by a...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-1312)

This update brings Mozilla Firefox to the 3.0.14 stable release. It also fixes various security issues: MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 / CVE-2009-3071 / CVE-2009-3072 / CVE-2009-3073 / CVE-2009-3074 / CVE-2009-3075: Mozilla developers and community members identified and fixed sever...

Directory traversal

Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the module parameter to graph.php; or the 2 module or 3 file parameter to include/Ajax/CommonAjax.php, reachable through...

Authentication flaw

pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication...

CVE-2009-3232

pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication...

Microsoft Excel BIFF format Qsir record memory corruption

Added: 09/11/2009 CVE: CVE-2009-1134 BID: 35246 OSVDB: 54958 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability allows command execution when a user closes a spreadshee...