FreeBSD : SquirrelMail -- Plug-ins compromise (0d0237d0-7f68-11de-984d-0011098ad87f)

The SquirrelMail Web Server has been compromised, and three plugins are affected. The port of squirrelmail-sasql-plugin is safe right MD5, and changepass is not in the FreeBSD ports tree, but multilogin has a wrong MD5. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

SquirrelMail -- Plug-ins compromise

Problem Description: The SquirrelMail Web Server has been compromised, and three plugins are affected. The port of squirrelmail-sasql-plugin is safe right MD5, and changepass is not in the FreeBSD ports tree, but multilogin has a wrong MD5...

Joomla! HTTP header cross-site scripting vulnerability-vulnerability warning-the black bar safety net

From the green Alliance:no commercial use indicate in advance Joomla! Is an open source content management system CMS to. Joomla! Not properly filter the user in the HTTP request the the submission of the HTTPREFERER variable, a remote attacker can submit a malicious request to inject JavaScript ...

Fedora Core 11 FEDORA-2009-7498 (mumbles)

The remote host is missing an update to mumbles announced via advisory FEDORA-2009-7498. OpenVAS Vulnerability Test $Id: fcore20097498.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-7498 mumbles Authors: Thomas Reinke Copyright: Copyright c 2009...

Fedora Core 10 FEDORA-2009-8020 (kdelibs3)

The remote host is missing an update to kdelibs3 announced via advisory FEDORA-2009-8020. OpenVAS Vulnerability Test $Id: fcore20098020.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-8020 kdelibs3 Authors: Thomas Reinke Copyright: Copyright c 2009...

Gentoo Security Advisory GLSA 200907-11 (gst-plugins-good gst-plugins-base gst-plugins-libpng)

The remote host is missing updates announced in advisory GLSA 200907-11. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

Gentoo Security Advisory GLSA 200907-07 (libmodplug gst-plugins-bad)

The remote host is missing updates announced in advisory GLSA 200907-07. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200907-11 (gst-plugins-good gst-plugins-base gst-plugins-libpng)

The remote host is missing updates announced in advisory GLSA 200907-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Debian: Security Advisory (DSA-1839-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1839-1 (gst-plugins-good0.10)

The remote host is missing an update to gst-plugins-good0.10 announced via advisory DSA 1839-1. OpenVAS Vulnerability Test $Id: deb18391.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1839-1 gst-plugins-good0.10 Authors: Thomas Reinke Copyright: Copyright ...

Fedora 10 : kdelibs3-3.5.10-13.fc10 (2009-8020)

This update fixes several security issues in the KDE 3 compatibility version of KHTML CVE-2009-1725, CVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-2537 which may lead to a denial of service or potentially even arbitrary code execution. In addition, the package was fixed to build with the...

openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-989)

Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer CVE-2009-1932. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit0; C Tenable Network Security, Inc. The descriptive text and package checks...

openSUSE Security Update : gstreamer-0_10-plugins-bad (gstreamer-0_10-plugins-bad-887)

This update fixes a buffer overflow in libmodplug that can be exploited remotely to execute arbitrary code with the privileges of the process using the libaray. CVE-2009-1438 if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit0; C...

openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-540)

gstreamer-010: several heap overflows CVE-2009-0386, CVE-2009-0387,CVE-2009-0397 have been fixed. Remote attackers could exploit these to execute arbitrary code via QuickTime media files. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502...

openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-989)

Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer CVE-2009-1932. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit0; C Tenable Network Security, Inc. The descriptive text and package checks...

openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-540)

gstreamer-010: several heap overflows CVE-2009-0386, CVE-2009-0387,CVE-2009-0397 have been fixed. Remote attackers could exploit these to execute arbitrary code via QuickTime media files. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502...

openSUSE Security Update : gstreamer-0_10-plugins-base (gstreamer-0_10-plugins-base-741)

Specially crafted cover art tags in vorbis files could trigger a heap overflow in the base64 decoder. Attackers could potentially exploit that to execute arbitrary code CVE-2009-0586. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit...

openSUSE Security Update : gvim (gvim-561)

The VI Improved editor vim was updated to version 7.2.108 to fix various security problems and other bugs. CVE-2008-4677: The netrw plugin sent credentials to all servers. CVE-2009-0316: The python support used a search path including the current directory, allowing code injection when python cod...

openSUSE Security Update : gstreamer-0_10-plugins-bad (gstreamer-0_10-plugins-bad-887)

This update fixes a buffer overflow in libmodplug that can be exploited remotely to execute arbitrary code with the privileges of the process using the libaray. CVE-2009-1438 if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit0; C...

[SECURITY] [DSA 1839-1] New gst-plugins-good0.10 packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1839-1 [email protected] http://www.debian.org/security/ Steffen Joeris July 19, 2009 http://www.debian.org/security/faq -...