Oracle Solaris Third-Party Patch Update : apache (cve_2013_4365_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in the fcgidheaderbucketread function in fcgidbucket.c in the modfcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown...

Oracle Solaris Third-Party Patch Update : net-snmp (cve_2012_6151_resource_management)

The remote Solaris system is missing necessary patches to address security updates : - Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service crash or infinite loop, CPU consumption, and hang by...

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark5)

The remote Solaris system is missing necessary patches to address security updates : - The dissectdiagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery aka RELOAD dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which...

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark8)

The remote Solaris system is missing necessary patches to address security updates : - The ieee802154maprec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote...

Oracle Solaris Third-Party Patch Update : libxml2 (cve_2010_4008_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which...

Oracle Solaris Third-Party Patch Update : xorg (cve_2013_4396_use_after)

The remote Solaris system is missing necessary patches to address security updates : - Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service daemon crash or...

Oracle Solaris Third-Party Patch Update : keystone (cve_2014_2828_authentication_issues)

The remote Solaris system is missing necessary patches to address security updates : - The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authenticati...

Oracle Solaris Third-Party Patch Update : wireshark (cve_2014_2907_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - The srtpaddaddress function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denia...

Oracle Solaris Third-Party Patch Update : libdbus (cve_2012_3524_permissions_privileges)

The remote Solaris system is missing necessary patches to address security updates : - libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUSSYSTEMBUSADDRESS...

Oracle Solaris Third-Party Patch Update : kerberos (multiple_vulnerabilities_in_kerberos1)

The remote Solaris system is missing necessary patches to address security updates : - dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service daemon cra...

Oracle Solaris Third-Party Patch Update : thunderbird (multiple_vulnerabilities_in_thunderbird5)

The remote Solaris system is missing necessary patches to address security updates : - Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file...

Oracle Solaris Third-Party Patch Update : apache (multiple_denial_of_service_dos5)

The remote Solaris system is missing necessary patches to address security updates : - The cacheinvalidate function in modules/cache/cachestorage.c in the modcache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of...

Oracle Solaris Third-Party Patch Update : tomcat (multiple_vulnerabilities_in_tomcat)

The remote Solaris system is missing necessary patches to address security updates : - Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data...

Oracle Solaris Third-Party Patch Update : openssl (multiple_vulnerabilities_in_openssl4) (Heartbleed)

The remote Solaris system is missing necessary patches to address security updates : - The ssl3takemac function in ssl/s3both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service NULL pointer dereference and application crash via a crafted Next Protocol...

Oracle Solaris Third-Party Patch Update : django (multiple_vulnerabilities_in_django)

The remote Solaris system is missing necessary patches to address security updates : - The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules ...

Oracle Solaris Third-Party Patch Update : python (cve_2010_1634_integer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service application crash via a large fragment, as...

Oracle Solaris Third-Party Patch Update : freetype (multiple_denial_of_service_dos1)

The remote Solaris system is missing necessary patches to address security updates : - FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap read operation and memory corruption or possibly...

Oracle Solaris Third-Party Patch Update : ruby (cve_2013_4073_cryptographic_issues)

The remote Solaris system is missing necessary patches to address security updates : - The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exceptiontos method, as demonstrated by changing an...

Oracle Solaris Third-Party Patch Update : php (cve_2013_4248_input_validation)

The remote Solaris system is missing necessary patches to address security updates : - The opensslx509parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of a...

RHEL 5 : ntp (RHSA-2014:2025)

Updated ntp packages that fix several security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...