90 matches found
RHEL 5 : python (RHSA-2012:0745)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0745 advisory. - python: potential XSS in SimpleHTTPServer's listdirectory CVE-2011-4940 - python: distutils creates /.pypirc insecurely CVE-2011-4944 -...
python security update
2.4.3-46.el58.2 - if hash randomization is enabled, also enable it within pyexpat Resolves: CVE-2012-0876 2.4.3-46.el58.1 - distutils.commands.register: create /.pypirc securely Resolves: CVE-2011-4944 - send encoding in SimpleHTTPServer.listdirectory to protect IE7 against potential XSS attacks...
Moderate: Red Hat Security Advisory: tomcat6 security and bug fix update
Updated tomcat6 packages that fix multiple security issues and three bugs are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System...
tomcat5 security update
CentOS Errata and Security Advisory CESA-2012:0474 Updated tomcat5 packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...
tomcat: hash table collisions CPU usage DoS (oCERT-2011-003)
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...
tomcat: hash table collisions CPU usage DoS (oCERT-2011-003)
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...
Moderate: Red Hat Security Advisory: tomcat6 security update
Updated tomcat6 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Moderate: Red Hat Security Advisory: tomcat5 security update
Updated tomcat5 packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
RedHat Update for ruby RHSA-2012:0070-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Important: Red Hat Security Advisory: jbossweb security update
Updated jbossweb packages that fix multiple security issues are now available for JBoss Enterprise Web Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS ba...
tomcat: hash table collisions CPU usage DoS (oCERT-2011-003)
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...
RHEL 6 : ruby (RHSA-2012:0069)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0069 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A...
RHEL 4 : php (RHSA-2012:0071)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0071 advisory. - php: buffer over-read in Exif extension CVE-2011-0708 - php: Crash by converting serial day numbers SDN into Julian calendar CVE-2011-1466...
php security update
CentOS Errata and Security Advisory CESA-2012:0071 Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...
irb, ruby security update
CentOS Errata and Security Advisory CESA-2012:0070 Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...
ruby: hash table collisions CPU usage DoS (oCERT-2011-003)
Ruby aka CRuby before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash table...
Moderate: Red Hat Security Advisory: ruby security update
Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Moderate: Red Hat Security Advisory: php security update
Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
ruby security update
1.8.7.352-4 - Address CVE-2011-4815 'DoS excessive CPU use via hash meet-in-the-middle attacks oCERT-2011-003' ruby-1.8.7-p352-CVE-2011-4815.patch - Resolves: rhbz768831...
ruby security update
1.8.5-22.1 - Properly initialize the random number generator when forking new process ruby-1.8.7-CVE-2011-3009.patch - Related: rhbz768829 1.8.5-21.1 - Revert accidential move of tcl/tk libraries. - Related: rhbz768829 1.8.5-20.1 - Address CVE-2011-4815 "DoS excessive CPU use via hash...