3092 matches found

RedHat Linux
added 2012/01/31 10:55 p.m. | 55 views

Important: Red Hat Security Advisory: jbossweb security update

Updated jbossweb packages that fix multiple security issues are now available for JBoss Enterprise Application Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System...

CVSS 5 | AI score 6.2 | EPSS 0.80318
Exploits 8 | References 6

Kaspersky
added 2012/01/24 12:0 a.m. | 53 views

KLA10394 Multiple vulnerabilities in Siemens

Multiple critical vulnerabilities have been found in Siemens products. Malicious users can exploit these vulnerabilities to read & modify arbitrary files, cause denial of service, execute arbitrary code, bypass authentication, obtain access and inject arbitrary HTTP headers. Below is a complete...

CVSS 10 | AI score 8.4 | EPSS 0.14013
Exploits 0 | References 5

OpenVAS
added 2012/01/20 12:0 a.m. | 53 views

RedHat Update for php RHSA-2012:0033-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 7.5 | AI score 8.2 | EPSS 0.83911
Exploits 24 | References 2

Tenable Nessus
added 2012/01/16 12:0 a.m. | 34 views

FreeBSD : Multiple implementations -- DoS via hash algorithm collision (91be81e7-3fea-11e1-afc7-2c4138874f7d)

oCERT reports: A variety of programming languages suffer from a denial-of-service (DoS) condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms. The issue finds particul...

CVSS 7.8 | AI score 7.1 | EPSS 0.0436
Exploits 3 | References 7

Tenable Nessus
added 2012/01/16 12:0 a.m. | 25 views

MySQL < 4.1.12 / 5.0.4 Insecure Permissions

The remote MySQL server is earlier than 4.1.12 / 5.0.4 and thus reportedly creates a temporary file with insecure permissions and a predictable name, which could allow a local user to run arbitrary SQL commands. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17805;...

CVSS 4.6 | AI score 5.6 | EPSS 0.00615
Exploits 0 | References 2

OSV
added 2012/01/13 7:55 p.m. | 1 views

DEBIAN-CVE-2011-5060

The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different...

CVSS 3.3 | AI score 6.6 | EPSS 0.00313
Exploits 0 | References 1

UbuntuCve
added 2012/01/13 7:55 p.m. | 40 views

CVE-2011-5060

The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different...

CVSS 3.3 | AI score 5.9 | EPSS 0.00313
Exploits 0 | References 1

Prion
added 2012/01/13 7:55 p.m. | 16 views

Code injection

The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different...

CVSS 3.3 | AI score 6.2 | EPSS 0.00342
Exploits 0 | References 4 | Affected Software 1

Debian CVE
added 2012/01/13 7:0 p.m. | 19 views

CVE-2011-5060

The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different...

CVSS 3.3 | AI score 6 | EPSS 0.00313
Exploits 0

OSV
added 2012/01/13 6:55 p.m. | 1 views

DEBIAN-CVE-2011-4114

The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program. NOTE:...

CVSS 3.3 | AI score 6.5 | EPSS 0.00342
Exploits 0 | References 1

NVD
added 2012/01/13 6:55 p.m. | 34 views

CVE-2011-4114

The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program. NOTE:...

CVSS 3.3 | AI score 6 | EPSS 0.00342
Exploits 0 | References 6

UbuntuCve
added 2012/01/13 6:55 p.m. | 23 views

CVE-2011-4114

The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program. NOTE:...

CVSS 3.3 | AI score 5.9 | EPSS 0.00342
Exploits 0 | References 1

Prion
added 2012/01/13 6:55 p.m. | 14 views

Code injection

The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program. NOTE:...

CVSS 3.3 | AI score 6.2 | EPSS 0.00342
Exploits 0 | References 6 | Affected Software 1

OpenVAS
added 2012/01/13 12:0 a.m. | 39 views

RedHat Update for php53 and php RHSA-2012:0019-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 6.4 | AI score 9 | EPSS 0.83911
Exploits 17 | References 2

Cent OS
added 2012/01/11 7:19 p.m. | 111 views

php, php53 security update

CentOS Errata and Security Advisory CESA-2012:0019 Updated php53 and php packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability...

CVSS 6.4 | AI score 7.3 | EPSS 0.83911
Exploits 17 | References 7

RedHat Linux
added 2012/01/11 6:24 p.m. | 55 views

Moderate: Red Hat Security Advisory: php53 and php security update

Updated php53 and php packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...

CVSS 6.4 | AI score 7.3 | EPSS 0.83911
Exploits 17 | References 3

OpenVAS
added 2012/01/10 12:0 a.m. | 22 views

OpenVAS Scanner Symlink Attack Local Privilege Escalation Vulnerability

This host is installed with OpenVAS Scanner and is prone to privilege escalation vulnerability. OpenVAS Vulnerability Test $Id: gbopenvasscannerprevesclvuln.nasl 7823 2017-11-20 08:54:04Z cfischer $ OpenVAS Scanner Symlink Attack Local Privilege Escalation Vulnerability Authors: Antu Sanadi...

AI score 0.2 | EPSS 0.00398
Exploits 0 | References 3

Tenable Nessus
added 2012/01/04 12:0 a.m. | 42 views

OpenSSL < 0.9.6b Predictable Random Generator

According to its banner, the remote web server is running a version of OpenSSL that is earlier than 0.9.6b and allows remote attackers to predict the output of the pseudo-random generator. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17745; scriptversion"1.11";...

CVSS 5 | AI score 5.5 | EPSS 0.04988
Exploits 0 | References 1

securityvulns
added 2012/01/02 12:0 a.m. | 117 views

[oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision

2011-003 multiple implementations denial-of-service via hash algorithm collision Description: A variety of programming languages suffer from a denial-of-service (DoS) condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting...

CVSS 7.8 | AI score 5.9 | EPSS 0.83911
Exploits 16

FreeBSD
added 2011/12/28 12:0 a.m. | 39 views

Multiple implementations -- DoS via hash algorithm collision

oCERT reports: A variety of programming languages suffer from a denial-of-service (DoS) condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms. The issue finds particula...

CVSS 7.8 | AI score 8.6 | EPSS 0.0436
Exploits 3 | References 2