69 matches found
GameSpy 3D 2.62 Packet Amplification Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6636/info A vulnerability has been reported for several games that support the use of the GameSpy network. A game client typically queries a game server using the UDP protocol. It has been reported that a simple query by ...
Important: Red Hat Security Advisory: tomcat security update
Updated tomcat packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 tomcat6 security update
An update for the Apache Tomcat 6 component for Red Hat JBoss Web Server 2.0.1 that fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CV...
Google Changes Ciphers in Chrome on Android
The emergence of mobile platforms such as iOS and Android have presented a number of challenges in terms of security. Not much can be done about some of these, like users leaving their phones in bars. But engineers at Google have been working on one of the thornier ones of late–how to provide sol...
RHEL 6 : tomcat6 (RHSA-2014:0429)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0429 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. It was found that when Tomcat processed a...
Moderate: Red Hat Security Advisory: tomcat6 security update
Updated tomcat6 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Fedora Update for rrdtool FEDORA-2013-10309
Check for the Version of rrdtool OpenVAS Vulnerability Test Fedora Update for rrdtool FEDORA-2013-10309 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Scientific Linux Security Update : krb5 on SL5.x, SL6.x i386/x86_64 (20130612)
It was found that kadmind's kpasswd service did not perform any validation on incoming network packets, causing it to reply to all requests. A remote attacker could use this flaw to send spoofed packets to a kpasswd service that appear to come from kadmind on a different server, causing the...
krb5 security update
CentOS Errata and Security Advisory CESA-2013:0942 Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...
Moderate: Red Hat Security Advisory: krb5 security update
Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Common Firewall Feature Enables TCP Hijacking Attacks
Attackers using a feature that is common to many firewalls, switches and other networking gear could silently hijack Web sessions on mobile and desktop devices, according to a research paper presented by two Ph.D students from the University of Michigan. The two discovered that so-called TCP...
Network Time Protocol Package Remote Message Loop Denial of Service Vulnerability
The Network Time Protocol NTP package contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to an error in handling certain malformed messages. An unauthenticated, remote attacker could send a malicious N...
PRTG Traffic Grapher Monitor_Bandwidth函数跨站脚本漏洞
BUGTRAQ ID: 35128 CVECAN ID: CVE-2009-1849 PRTG Traffic Grapher是一个使用方便的Windows软件,能够对网络带宽的使用进行监控和分类。 PRTG Traffic Grapher没有正确地验证对MonitorBandwidth函数所提交的输入参数,如果用户受骗跟随了包含有恶意脚本的链接的话,就会导致在用户浏览器会话中执行跨站脚本。 Paessler PRTG Traffic Grapher 6.2.2.977 厂商补丁: Paessler -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Mandriva Linux Security Advisory : avahi (MDVSA-2009:076)
A security vulnerability has been identified and fixed in avahi which could allow remote attackers to cause a denial of service network bandwidth and CPU consumption via a crafted legacy unicast mDNS query packet CVE-2009-0758. The updated packages have been patched to prevent this. %NASLMINLEVEL...
GLSA-200904-10 : Avahi: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200904-10 Avahi: Denial of Service Rob Leslie reported that the originatesfromlocallegacyunicastsocket function in avahi-core/server.c does not account for the network byte order of a port number when processing incoming multicast...
Mandrake Security Advisory MDVSA-2009:076 (avahi)
The remote host is missing an update to avahi announced via advisory MDVSA-2009:076. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
CVE-2009-0758
The originatesfromlocallegacyunicastsocket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service network bandwidth and CPU consumpti...
CVE-2009-0758
The originatesfromlocallegacyunicastsocket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service network bandwidth and CPU consumpti...
CVE-2009-0758
The originatesfromlocallegacyunicastsocket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service network bandwidth and CPU consumpti...
CVE-2009-0242
Rejected reason: gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not exist, which causes Ganglia to 1 perform excessive CPU computation...