[SECURITY] Fedora 20 Update: libreoffice-4.2.6.3-3.fc20

LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...

[SECURITY] Fedora 20 Update: qemu-1.6.2-8.fc20

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

Fake Cell Phone Towers Could Be Intercepting Your Calls

A notable number of cell phone towers around the United States are rogue that, according to latest report, could spoof legitimate towers and intercept calls. The research carried out by ESD America, a defense and law enforcement technology firm based in Las Vegas, shows that a rogue cell phone...

Cisco IOS XR Software Packet Parsing Denial of Service Vulnerability

A vulnerability in the packet parsing code of Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause a lockup and eventual reload of a Network Processor NP chip and a line card processing traffic. The vulnerability is due ...

CVE-2013-6306

Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01Ax740121, 760 before 760.40 Ax760078, and 770 before 770.30 01Ax770062 allows local users to gain Service Processor privileges via unknown vectors...

Code injection

Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01Ax740121, 760 before 760.40 Ax760078, and 770 before 770.30 01Ax770062 allows local users to gain Service Processor privileges via unknown vectors...

CVE-2013-6306

Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01Ax740121, 760 before 760.40 Ax760078, and 770 before 770.30 01Ax770062 allows local users to gain Service Processor privileges via unknown vectors...

CVE-2013-6306

CVE-2013-6306 concerns IBM Power 7 Systems (740 before 740.70 01Ax740_121; 760 before 760.40 Ax760_078; 770 before 770.30 01Ax770_062). The vulnerability allows local users to gain Service Processor privileges via unknown vectors. No root-cause, vector, or remediation details are provided beyond ...

httpd: mod_deflate denial of service

A denial of service flaw was found in the way httpd's moddeflate module handled request body decompression configured via the "DEFLATE" input filter. A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and C...

Cisco IOS XR MPLS and Network Processor (NP) Chip DoS (Typhoon-based Line Cards)

The remote Cisco device is running a version Cisco IOS XR software that is potentially affected by a denial of service vulnerability related the handling of maliciously crafted MPLS Multiprotocol Label Switching packets routed by a bridge-group virtual interface. Note that this issue only affects...

httpd: mod_deflate denial of service

A denial of service flaw was found in the way httpd's moddeflate module handled request body decompression configured via the "DEFLATE" input filter. A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and C...

[SECURITY] Fedora 20 Update: qemu-1.6.2-7.fc20

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

kernel: x86_64: ptrace: sysret to non-canonical address

It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially...

httpd: mod_deflate denial of service

A denial of service flaw was found in the way httpd's moddeflate module handled request body decompression configured via the "DEFLATE" input filter. A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and C...

httpd: mod_deflate denial of service

A denial of service flaw was found in the way httpd's moddeflate module handled request body decompression configured via the "DEFLATE" input filter. A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and C...

SAP Sybase Event Stream Processor esp_parse Remote Code Execution (CVE-2014-3457)

Two unsafe pointer dereference vulnerabilities have been reported in SAP Sybase Event Stream Processor ESP. These vulnerabilities are caused by the listening service accepting unsanitized pointers in XMLRPC requests. A remote attacker can leverage these vulnerabilities by sending crafted requests...

Cisco IOS XR Software MPLS Packet Denial of Service Vulnerability

A vulnerability in parsing crafted Multiprotocol Label Switching MPLS packets in Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause a lockup and eventual reload of a network processor chip and a line card processing...

SAP Sybase Event Stream Processor esp_parse ConnectionType Unsafe Pointer Dereference (CVE-2014-3458)

Five unsafe pointer dereference vulnerabilities have been reported in SAP Sybase Event Stream Processor ESP. These vulnerabilities are caused by the listening service accepting unsanitized pointers in XMLRPC requests. By sending crafted requests to a vulnerable server, an remote attacker can caus...

DEBIAN-CVE-2014-4720

Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service CPU consumption via vectors related to "backtracking into the phrase," a different vulnerability than CVE-2014-0477...

[SECURITY] Fedora 19 Update: libreoffice-4.1.6.2-7.fc19

LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...