[SECURITY] Fedora 23 Update: guile-2.0.13-1.fc23

GUILE GNU's Ubiquitous Intelligent Language for Extension is a library implementation of the Scheme programming language, written in C. GUILE provides a machine-independent execution platform that can be linked in as a library during the building of extensible programs. Install the guile package ...

Debian DLA-666-1 : guile-2.0 security update

Several vulnerabilities were discovered in GNU Guile, an implementation of the Scheme programming language. The Common Vulnerabilities and Exposures project identifies the following issues. CVE-2016-8605: The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that...

[SECURITY] [DLA 666-1] guile-2.0 security update

Package : guile-2.0 Version : 2.0.5+1-3+deb7u1 CVE ID : CVE-2016-8605 CVE-2016-8606 Debian Bug : 840555 840556 Several vulnerabilities were discovered in GNU Guile, an implementation of the Scheme programming language. The Common Vulnerabilities and Exposures project identifies the following...

[SECURITY] Fedora 24 Update: guile-2.0.13-1.fc24

GUILE GNU's Ubiquitous Intelligent Language for Extension is a library implementation of the Scheme programming language, written in C. GUILE provides a machine-independent execution platform that can be linked in as a library during the building of extensible programs. Install the guile package ...

DLA-666-1 guile-2.0 - security update

Bulletin has no description...

guile2 -- multiple vulnerabilities

Ludovic Courtès reports: The REPL server is vulnerable to the HTTP inter-protocol attack The ‘mkdir’ procedure of GNU Guile, an implementation of the Scheme programming language, temporarily changed the process’ umask to zero. During that time window, in a multithreaded application, other threads...

Phire CMS 2.0.0 Cross Site Scripting

Title Phire CMS HTTP Request POST /phirecms/phire/config HTTP/1.1 Headers: ... Post Data: datetimeformat=&datetimeformatcustom=%22%3E%3Cscript%3Ealert%281337%29%3C%2Fscript%3E&pagination=25&systemtheme=default&submit=Save HTTP Response...

VX Search Enterprise 9.0.26 Buffer Overflow

!/usr/bin/python print "VX Search Enterprise 9.0.26 Buffer Overflow Exploit" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...

Dup Scout Enterprise 9.0.28 Buffer Overflow

!/usr/bin/python print "Dup Scout Enterprise 9.0.28 Buffer Overflow Exploit" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...

Disk Pulse Enterprise 9.0.34 - Buffer Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python print "Disk Pulse Enterprise 9.0.34 Buffer Overflow Exploit" print "Author: Tulpa // tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpa-security.com Exploit will land you NT...

How to apply advance customizations to Storefront web page

This article describes how to apply advance Customizations to StoreFront web page. Note : Citrix Support will only help with customization that can be done using StoreFront Management Console. For supported customizations refer toProduct Documentation Prerequisites HTML and CSS programming...

libarchive security update

CentOS Errata and Security Advisory CESA-2016:1850 An update for libarchive is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Warning! This Cross-Platform Malware Can Hack Windows, Linux and OS X Computers

Unlike specially crafted malware specifically developed to take advantage of Windows operating system platform, cyber attackers have started creating cross-platform malware for wider exploitation. Due to the rise in popularity of Mac OS X and other Windows desktop alternatives, hackers have begun...

[SECURITY] Fedora 23 Update: python-2.7.11-8.fc23

Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as t...

[SECURITY] Fedora 23 Update: perl-5.22.2-354.fc23

Perl is a high-level programming language with roots in C, sed, awk and she ll scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

Cisco Unified Communications Manager Information Disclosure Vulnerability (CNVD-2016-06424)

Cisco Unified Communications Manager CUCM, Unified CM is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. An information disclosure hole exists in the...

Medium: golang

Issue Overview: An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable "HTTPPROXY" using the incoming "Proxy" HTTP-request header. The environment variable "HTTPPROXY" is used by numerous web clients, including Go's...

[SECURITY] Fedora 24 Update: mingw-libarchive-3.2.1-2.fc24

Libarchive is a programming library that can create and read several differ ent streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives...

foreman: API and UI actions/URLs not limited to the orgs/locations assigned

It was found that the foreman API and UI actions and URLs are not properly limited to the organizations and locations they were assigned to. This could allow an attacker to view and update other organizations and locations in the system that they should not be allowed to...

IBM API Connect and NPM Remote Information Disclosure Vulnerability

IBM API Connect is a suite of integrated solutions for managing the API lifecycle and IBM NPM is a suite of NodeJS package management and distribution tools. A security vulnerability exists in IBM API Connect and NPM that allows remote attack attackers to submit special requests to obtain sensiti...