EUVD-2004-0434

Malware in sbrugna...

[SECURITY] [DSA 5285-1] asterisk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5285-1 [email protected] https://www.debian.org/security/ Markus Koschany November 17, 2022 https://www.debian.org/security/faq -...

WannaCry Development Errors Enable File Recovery

WannaCry may have caused worldwide havoc on May 12 when it rode the coattails of the NSA’s weaponized EternalBlue exploit to infect computers in 150 countries, but that doesn’t mean it was a quality piece of ransomware. A number of programming errors in the code are floating to the surface and...

Programmers are also people who also make mistakes

It's the first part of our talk with Daniil Svetlov at his radio show "Safe Environment" or "Safe Wednesday" - kind of wordplay in Russian recorded 29.03.2017. We were discussing why Software Vulnerabilities are everyone's problem. Full video in Russian without subtitles is available here. I adde...

Updated icoutils packages fix security vulnerability

Multiple programming errors in the wrestool tool of the icoutils suite allows denial of service or the execution of arbitrary code if a malformed binary is parsed CVE-2017-5208, CVE-2017-5331, CVE-2017-5332, CVE-2017-5333...

Debian: Security Advisory (DSA-3765-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Patched libarchive Vulnerabilities Have Big Reach

The libarchive programming library was recently patched against three critical memory-related vulnerabilities that could be abused to execute code on computers running the vulnerable software. As is the case with most open source software packages, patching the core library is only half the battl...

100 Kenya government websites breached by Indonesian hacker

100 Kenya government websites breached by Indonesian hacker An Indonesian hacker on Tuesday attacked and defaced more than 100 Kenya government websites Among the ministries affected include the Ministries of Local Government, Livestock, Environment, Fisheries, Housing, and Industrialisation in a...

DHS Unveils Effort to Focus on Software Security

The long string of attacks against popular Web sites, high-profile companies such as Sony, and government networks has brought the problem of common and easily exploitable vulnerabilities into the public eye, and the Department of Homeland Security today is unveiling a new effort to help address...

Hackers Increasingly Look For Configuration Errors

Hackers appear to be increasingly counting on configuration problems and programming errors rather than software vulnerabilities in order to steal information from computer systems, according to a new study based on U.S. Secret Service investigations. Read the full article. IDG News Service...

Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires user interaction in that a victim must open a malicious PUB file. The specific flaw exists within the code responsible for converting files from the Publishe...

Top 25 Dangerous Programming Errors Updated

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of widespread and critical programming errors that can lead to serious software vulnerabilities. Read the full article. Common Weakness Enumeration/Mitre...

Mandriva Linux Security Advisory : wordnet (MDVSA-2008:182-1)

Rob Holland found several programming errors in WordNet which could lead to the execution or arbitrary code when used with untrusted input CVE-2008-2149, CVE-2008-3908. Update : The previous patch had a typo that caused incorrect behaviour in WordNet. This update uses an update patch that correct...

Mandriva Linux Security Advisory : pulseaudio (MDVSA-2008:065)

Luigi Auriemma found a few programming errors in Pulseaudio, that can be used to crash the Pulseaudio daemon, by authenticated and unauthenticated users. The updated packages fix these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

Mandriva Update for wordnet MDVSA-2008:182-1 (wordnet)

Check for the Version of wordnet OpenVAS Vulnerability Test Mandriva Update for wordnet MDVSA-2008:182-1 wordnet Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Mandriva Update for wordnet MDVSA-2008:182-1 (wordnet)

Check for the Version of wordnet OpenVAS Vulnerability Test Mandriva Update for wordnet MDVSA-2008:182-1 wordnet Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Gentoo Security Advisory GLSA 200512-01 (Perl)

The remote host is missing updates announced in advisory GLSA 200512-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Debian: Security Advisory (DSA-1634-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200512-01 (Perl)

The remote host is missing updates announced in advisory GLSA 200512-01. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1634-1 (wordnet)

The remote host is missing an update to wordnet announced via advisory DSA 1634-1. OpenVAS Vulnerability Test $Id: deb16341.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1634-1 wordnet Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...