4986 matches found
[SECURITY] [DSA 2438-1] raptor security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2438-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 22, 2012 http://www.debian.org/security/faq -...
Debian DSA-2438-1 : raptor - programming error
It was discovered that Raptor, a RDF parser and serializer library, allows file inclusion through XML entities, resulting in information disclosure. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...
[SECURITY] [DSA 2438-1] raptor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2438-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 22, 2012 http://www.debian.org/security/faq -...
Mystery of Duqu Programming Language Solved
Mystery of Duqu Programming Language Solved An appeal for help from the programming community has allowed antivirus analysts to classify the unknown language used to develop key components of the Duqu Trojan. The sections responsible for downloading and executing additional modules in the Duqu...
Duqu's 'Mystery Code' Not New – Just 'Old School'
Researchers around the world put their heads together and solved the identity of ‘mystery code’ in the Duqu Trojan horse program, researchers from Kaspersky Lab announced on Monday. Weeks after announcing that they had discovered computer code of unknown provenance in the innards of the Duqu...
Fedora Update for ldns FEDORA-2011-13895
Check for the Version of ldns OpenVAS Vulnerability Test Fedora Update for ldns FEDORA-2011-13895 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Fedora Update for xchat-ruby FEDORA-2012-1334
Check for the Version of xchat-ruby OpenVAS Vulnerability Test Fedora Update for xchat-ruby FEDORA-2012-1334 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
[20120303] - Core - Privilege Escalation
Programming error allows privilege escalation in some cases...
Mystery of Duqu Deepens As Researchers Ponder Unknown Programming Language
Segments of code within the mysterious information stealing trojan, Duqu, seem to have been written in an unknown programming language according to a new report from Securelist. Kaspersky Lab Expert, Igor Soumenkov claims that Duqu’s payload DLL initially looked like standard Windows executable,...
GCC 4.6.3 Released with 70 bug-fixes
GCC 4.6.3 Released with 70 bug-fixes The GNU Compiler Collection version 4.6.3 has been released. Jakub Jelinek of Red Hat announced the release this morning of GCC 4.6.3. Over GCC 4.6.2 there's over 70 bug-fixes and other work. However, all of the exciting work meanwhile is going into what will...
EasyFTP Server 1.7.0.11 - APPE Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - APPE Remote Buffer Overflow !/usr/bin/env python -- coding: latin-1 -- / / / / / / // / / -/ - / // / / / / // / ////,//////,// ///, / // nullsecurity team Easy FTP server remote exploit DATE 03/03/2012 DESCRIPTION Easy FTP Server - "APPE" command buffer overflow -...
Linux Kernel epoll Subsystem “eventpoll.c”多个本地拒绝服务漏洞
BUGTRAQ ID: 46630 CVE ID: CVE-2011-1082,CVE-2011-1083 Linux Kernel是Linux操作系统的内核。 Linux Kernel 2.6.38之前版本的fs/eventpoll.c在epoll子系统的实现上存在本地拒绝服务安全漏洞,将epoll文件描述符放置在其他epoll数据结构中,没有检查已关闭的循环或深链接,攻击者可利用此漏洞造成拒绝服务 0 Linux kernel 2.6.38 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kernel.or...
PHP Calendar Extension “SdnToJulian()”远程整数溢出漏洞
BUGTRAQ ID: 46967 CVE ID: CVE-2011-1466 PHP是一种在电脑上运行的脚本语言,主要用途是在于处理动态网页,包含了命令行运行接口或者产生图形用户界面程序。 PHP 5.3.6之前版本的Calendar扩展中的SdnToJulian函数在实现上存在整数溢出漏洞,可使攻击者通过calfromjd函数的首个参数造成拒绝服务 0 PHP 5.3.x 厂商补丁: PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.php.net...
Fedora Update for xchat-ruby FEDORA-2012-1325
Check for the Version of xchat-ruby OpenVAS Vulnerability Test Fedora Update for xchat-ruby FEDORA-2012-1325 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
[SECURITY] Fedora 15 Update: xchat-ruby-1.2-11.fc15
For those of us that prefer the Ruby programming language above all others, the XChat-Ruby Plugin now allows X-Chat plugins to be written in Ruby, in addition to the other supported scripting interfaces. This means that, for the first time, you can use a purely object-oriented language in which t...
[SECURITY] Fedora 16 Update: xchat-ruby-1.2-11.fc16
For those of us that prefer the Ruby programming language above all others, the XChat-Ruby Plugin now allows X-Chat plugins to be written in Ruby, in addition to the other supported scripting interfaces. This means that, for the first time, you can use a purely object-oriented language in which t...
PHP 5.3.x libxslt安全限制绕过漏洞
BUGTRAQ ID: 51806 CVE ID: CVE-2012-0057 PHP是一种在电脑上运行的脚本语言,主要用途是在于处理动态网页,包含了命令行运行接口或者产生图形用户界面程序。 PHP在libxslt安全设置上存在漏洞,可使远程攻击者通过使用了libxslt输出扩展的特制XSLT样式表创建任意文件。 0 PHP 5.3.x 厂商补丁: PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.php.net...
stoneware webnetwork6 - Multiple Vulnerabilities
Stoneware WebNetwork6 Vulnerability Assessment CVE-2012-0285 – XSS CVE-2012-0286 - CSRF Conducted by: Leland Public Schools Stoneware Customer Jacob Holcomb Network Engineer for LPS Conducted for: Leland Public Schools Purchaser of WebNetwork product. Test was to assure cloud security Stoneware...
stoneware webnetwork6 - Multiple Vulnerabilities
stoneware webnetwork6 - Multiple Vulnerabilities Stoneware WebNetwork6 Vulnerability Assessment CVE-2012-0285 – XSS CVE-2012-0286 - CSRF Conducted by: Leland Public Schools Stoneware Customer Jacob Holcomb Network Engineer for LPS Conducted for: Leland Public Schools Purchaser of WebNetwork...
Stoneware WebNetwork6 Cross Site Request Forgery / Cross Site Scripting
Stoneware WebNetwork6 Vulnerability Assessment Conducted by: Leland Public Schools Stoneware Customer Jacob Holcomb Network Engineer for LPS Conducted for: Leland Public Schools Purchaser of WebNetwork product. Test was to assure cloud security Stoneware INC. Discovered Zero Day vulnerabilities...