Debian Security Advisory DSA 047-1 (various kernel packages)

The remote host is missing an update to various kernel packages announced via advisory DSA 047-1. OpenVAS Vulnerability Test $Id: deb0471.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 047-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-638-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 788-1 (kismet)

The remote host is missing an update to kismet announced via advisory DSA 788-1. Several security related problems have been discovered in kismet, a wireless 802.11b monitoring tool. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-2626 Insecure handlin...

openSUSE 10 Security Update : kernel (kernel-4752)

This kernel update fixes the following security problems : ++ CVE-2007-3104: The sysfsreaddir function in the Linux kernel 2.6 allows local users to cause a denial of service kernel OOPS by dereferencing a NULL pointer to an inode in a dentry. ++ CVE-2007-4997: A 2 byte buffer underflow in the...

SuSE 10 Security Update : Java 1.4.2 (ZYPP Patch Number 2426)

The SUN Java packages have been upgraded to 1.4.2 update 13 to fix various security problems. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid29471;...

SuSE 10 Security Update : madwifi (ZYPP Patch Number 3897)

The madwifi driver and userland packages were updated to 0.9.3.1. Please note that while the RPM version still says '0.9.3', the content is the 0.9.3.1 version. This updates fixes following security problems : - The 802.11 network stack in net80211/ieee80211input.c in MadWifi before 0.9.3.1 allow...

SuSE 10 Security Update : ImageMagick (ZYPP Patch Number 2048)

Several security problems have been fixed in ImageMagick : - Several heap buffer overflow were found in the Sun Bitmap decoder of ImageMagick by an audit by the Google Security Team. This problem could be exploited by an attacker to execute code. CVE-2006-3744 - Multiple buffer overflows were fou...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 2399)

This kernel update fixes the following security problems : - A bug within the UDF filesystem that caused machine hangs when truncating files on the filesystem was fixed. 186226. CVE-2006-4145 - A potential crash when receiving IPX packets was fixed. This problem is thought not to be exploitable...

SuSE 10 Security Update : gzip (ZYPP Patch Number 2085)

This update fixes several security problems that can be exploited to compromise the system in conjunction with other programs while processing malformated archive files. CVE-2006-4334 / CVE-2006-4335 / CVE-2006-4336 / CVE-2006-4337 / CVE-2006-4338 %NASLMINLEVEL 70300 C Tenable Network Security,...

SuSE 10 Security Update : gnomemeeting (ZYPP Patch Number 3163)

This update fixes format string problems in gnomemeeting which might be used by remote attackers to crash gnomemeeting and on older distributions potentially execute code. CVE-2007-1007 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 1896)

This kernel update fixes the following security problems : - A race condition allows local users to gain root privileges by changing the file mode of /proc/self/ files in a way that causes those files for instance /proc/self/environ to become setuid root. 192688. CVE-2006-3626 - A stack-based...

openSUSE 10 Security Update : kernel (kernel-4749)

This kernel update fixes the following security problems : ++ CVE-2007-5500: A buggy condition in the ptrace attach logic can be used by local attackers to hang the machine. ++ CVE-2007-5501: The tcpsacktagwritequeue function in net/ipv4/tcpinput.c allows remote attackers to cause a denial of...

Authenticating security providers fails due to ClassLoader bugs

If the Trusted Application feature is not working and the following is seen noformat WARN atlassian.seraph.filter.TrustedApplicationsFilter Failed to login trusted application: confluence1234567 due to: com.atlassian.security.auth.trustedapps.InvalidCertificateException:...

openSUSE 10 Security Update : kernel (kernel-4641)

This kernel update fixes the following security problems : ++ CVE-2006-6058: A local denial of service when mounting MINIX filesystems was fixed. ++ CVE-2007-4997: A 2 byte buffer underflow in the ieee80211 stack was fixed, which might be used by attackers in WLAN reach to crash the machine. and...

openSUSE 10 Security Update : kernel (kernel-2635)

This kernel update fixes the following security problems : - CVE-2006-2936: The ftdisio driver allowed local users to cause a denial of service memory consumption by writing more data to the serial port than the hardware can handle, which causes the data to be queued. This requires this driver to...

openSUSE 10 Security Update : gnomemeeting (gnomemeeting-3162)

This update fixes format string problems in gnomemeeting. CVE-2007-1007 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update gnomemeeting-3162. The text description of this plugin is C SUSE LLC...

openSUSE 10 Security Update : opera (opera-3903)

This versionupdate of Opera to 9.22 fixes numerous defects including some security problems. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update opera-3903. The text description of this plugin is ...

Fedora Core 6 : kernel-2.6.22.1-32.fc6 (2007-655)

Rebase kernel to 2.6.22.1: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.1 Includes the CFS scheduler from upstream kernel 2.6.23. Fixes since initial 2.6.22 test kernel was released: Fix timer problems and failure to boo...

liberoit-xss.txt

The Italian ISP Libero.it not check the HTTP POST Parameter "pQuery" on search query and displays the content of this variable without modification within the html form area. Security problems on Libero's 155.it allows attackers to conduct XSS attacks for the following URL:...

Solaris finger bug

Hi all: Recently, we monitored a cracker from Eastern Europe, who ran 'finger 9@host' against a Solaris 7 box, and got the following result: Login Name TTY Idle When Where daemon ??? . . . . bin ??? pts/1 Oct 2, 2002 xxx.lbl.gov sys ??? . . . . account1 ??? pts/8 Jul 20, 2000 yyy.lbl.gov account2...