811 matches found
CVE-2013-0454
The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a read-only share; (2) trigger...
CentOS Update for hpijs CESA-2013:0500 centos6
Check for the Version of hpijs OpenVAS Vulnerability Test CentOS Update for hpijs CESA-2013:0500 centos6 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
It's Time to Abandon Java
As humans, we have a difficult time letting go of things. Whether it be a favorite pair of jeans, a beloved dog or an old friend who you know is just bringing you down, putting aside things we know well is hard to do. But sometimes things are just too broken to be useful any longer, and that’s th...
autofs security, bug fix, and enhancement update
5.0.1-0.rc2.177.0.1.el5 - apply fix from NetApp to use tcp before udp http://www.mail-archive.com/[email protected]/msg07910.html Bert Barbe orabug 6827898 5.0.1-0.rc2.177.el5 - bz714766 - autofs /net maps do not refresh list of shares exported on the NFS server - disable hosts map HUP sign...
Scientific Linux Security Update : selinux-policy enhancement update on SL5.x, SL6.x i386/x86_64 (20121119)
This update adds the following enhancements : - An SELinux policy for openshift packages has been added. This update has been placed in the security tree to avoid selinux related problems. (C) Tenable Network Security, Inc. The descriptive text is (C) Scientific Linux...
dedeCMS latest injection vulnerability a gold-bug warning-the black bar safety net
Brief description: Because variable parameters are not checked for initialization, and with the use of class reflection techniques, the variable $typeid in plus\feedback.php is at risk of injection. Detailed description: Since the vendor has already released patches and vulnerabilities are no...
German Police eavesdropping Facebook, Gmail, Skype Conversations
An eavesdropping tool allegedly used by the German government to intercept Skype calls is full of security problems and may violate a ruling by the country's constitutional court, according to a European hacker club. The information was released as part of a move towards financial transparency. T...
Compatibility Issues Affecting Signed Microsoft Binaries (2749655)
This host is missing an important security update according to Microsoft 2749655. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : yum-autoupdate update on SL5.x, SL6.x i386/x86_64 (20120925)
The Scientific Linux team was made aware of a problem with the use of temp files in the yum-autoupdate script by Elias Persson. The problem should be corrected in these packages. These packages also include some minor feature updates for each release. For SL5, the script now includes the 'PRERUN'...
Mandriva Linux Security Advisory : mozilla (MDVSA-2012:110-1)
Security issues were identified and fixed in mozilla firefox and thunderbird : Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain...
Mandrake Linux Security Advisory : kernel (MDKSA-2001:037)
A number of security problems have been found in the Linux kernels prior to the latest 2.2.19 kernel. Following is a list of problems based on the 2.2.19 release notes as found on http://www.linux.org.uk/ - binfmt_misc used user pages directly - the CPIA driver had an off-by-one error in the buffe...
Mandrake Linux Security Advisory : inn (MDKSA-2001:010)
WireX discovered a potential temporary file race condition in the inn program. This condition is due partly to the way inn is compiled and configured on some Linux distributions, including Linux-Mandrake, and partly due to the lack of information in the inn package detailing potential security...
Fedora 17 : xen-4.1.3-2.fc17 (2012-11755)
fix for 845444 broke xend under systemd, update to 4.1.3, includes fix for untrusted HVM guest can cause the dom0 to hang or crash XSA-11, CVE-2012-3433 843582 remove some unnecessary cache flushing that slow things down, change python options on xend to reduce selinux problems 845444 Note that...
Scientific Linux Security Update : xen on SL5.x i386/x86_64
Note: Troy Dawson has tested this update on a machine hosting both paravirtualized and fully virtualized machines, both 32 bit and 64 bit. He did the update while all the machines were running, none of them had any problems. He also tried stopping, starting, and rebooting several of the machines...
Apple Ships Safari 6 Security Update
In concert with the release of their highly anticipated Mountain Lion OS X, Apple also updated their Web browser, Safari, including a number of security fixes. Among the security updates in Safari 6 are three general patches. The first resolves a cross-site scripting vulnerability that existed in...
Study Examines Security and Privacy in Computer-Related Medical Device Recalls
Nearly one-third of all recalled medical devices contain computers, and half of those are recalled because of computer-related problems, according to a recent study. ‘Security and Privacy Qualities of Medical Devices: An Analysis of FDA Postmarket Surveillance’ was funded by the Department of...
Debian DSA-2513-1 : iceape - several vulnerabilities
Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of SeaMonkey : - CVE-2012-1948 Benoit Jacob, Jesse Ruderman, Christian Holler, and Bill McCloskey identified several memory safety problems that may lead to the execution of arbitrary code. - CVE-2012-1954...
abrt, libreport, btparser, and python-meh security and bug fix update
abrt 2.0.8-6.0.1.el6 - Add abrt-oracle-enterprise.patch to be product neutral - Remove abrt-plugin-rhtsupport dependency for cli and desktop - Make abrt Obsoletes/Provides abrt-plugin-rhtsupprot 2.0.8-6 - enable plugin services after install rhbz820515 - Resolves: 820515 2.0.8-5 - removed the...
Fedora 15 : mumble-1.2.3-4.fc15.1 (2012-8960)
This update fixes a number of startup problems of the mumble server murmur. Additionally it contains a fix for CVE-2012-0863 insecure world-readable permissions on database file of the mumble client. Rebuild for newer protobuf Note that Tenable Network Security has extracted the preceding...