Oracle Solaris Third-Party Patch Update : net-snmp (cve_2012_6151_resource_management)

The remote Solaris system is missing necessary patches to address security updates : - Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service crash or infinite loop, CPU consumption, and hang by...

Oracle Solaris Third-Party Patch Update : django (multiple_vulnerabilities_in_django)

The remote Solaris system is missing necessary patches to address security updates : - The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules ...

Oracle Solaris Third-Party Patch Update : lighttpd (cve_2014_2469_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service memory consumption by breaking a request into...

Oracle Solaris Third-Party Patch Update : nova (cve_2014_3517_information_disclosure)

The remote Solaris system is missing necessary patches to address security updates : - api/metadata/handler.py in OpenStack Compute Nova before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess...

Oracle Solaris Third-Party Patch Update : bind (cve_2012_4244_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service assertion failure and named daemon...

Oracle Solaris Third-Party Patch Update : isc-dhcp (multiple_denial_of_service_dos4)

The remote Solaris system is missing necessary patches to address security updates : - ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a malformed client identifier. CVE-2012-3571 - Multiple memo...

Oracle Solaris Third-Party Patch Update : perl-58 (cve_2012_6329_code_injection1)

The remote Solaris system is missing necessary patches to address security updates : - The compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, whi...

Oracle Solaris Third-Party Patch Update : ghostscript (multiple_denial_of_service_vulnerabilities7)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in the jpccoxgetcompparms function in libjasper/ jpc/jpccs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a...

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark)

The remote Solaris system is missing necessary patches to address security updates : - epan/dissectors/packet-ansia.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service NULL pointer dereference and application crash...

Oracle Solaris Third-Party Patch Update : texinfo (cve_2006_4810_buffer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in the readline function in util/texindex.c, as used by the 1 texi2dvi and 2 texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file...

Oracle Solaris Third-Party Patch Update : ruby (multiple_vulnerabilities_in_ruby1)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service...

Oracle Solaris Third-Party Patch Update : ibutils (cve_2013_2561_link_following)

The remote Solaris system is missing necessary patches to address security updates : - OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on 1 ibdiagnet.db, 2 ibdiagnet.fdbs, 3 ibdiagnetibis.log, 4 ibdiagnet.log, 5 ibdiagnet.lst, 6 ibdiagnet.mcfdbs, 7...

Oracle Solaris Third-Party Patch Update : kerberos (multiple_buffer_errors_vulnerabilities_in4)

The remote Solaris system is missing necessary patches to address security updates : - MIT Kerberos 5 aka krb5 before 1.12.2 allows remote attackers to cause a denial of service buffer over-read and application crash by injecting invalid tokens into a GSSAPI application session. CVE-2014-4341 - M...

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark5)

The remote Solaris system is missing necessary patches to address security updates : - The dissectdiagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery aka RELOAD dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which...

Oracle Solaris Third-Party Patch Update : logilab-common (multiple_symlink_attack_vulnerabilities_in)

The remote Solaris system is missing necessary patches to address security updates : - The 1 extractkeysfrompdf and 2 fillpdf functions in pdfext.py in logilab-commons before 0.61.0 allows local users to overwrite arbitrary files and possibly have other unspecified impact via a symlink attack on...

Oracle Solaris Third-Party Patch Update : thunderbird (multiple_vulnerabilities_in_thunderbird5)

The remote Solaris system is missing necessary patches to address security updates : - Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file...

Oracle Solaris Third-Party Patch Update : cvs (cve_2012_0804_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in the proxyconnect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service crash and possibly execute arbitrary code via a crafted...

Oracle Solaris Third-Party Patch Update : puppet (multiple_vulnerabilities_in_puppet1)

The remote Solaris system is missing necessary patches to address security updates : - Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when...

Oracle Solaris Third-Party Patch Update : freetype (multiple_denial_of_service_dos1)

The remote Solaris system is missing necessary patches to address security updates : - FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap read operation and memory corruption or possibly...

Oracle Solaris Third-Party Patch Update : thunderbird (multiple_vulnerabilities_in_thunderbird7)

The remote Solaris system is missing necessary patches to address security updates : - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey...