Scientific Linux Security Update : dhcp on SL4.x, SL5.x, SL6.x i386/x86_64

The Dynamic Host Configuration Protocol DHCP is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. Two denial of service flaws were found in the way the dhcpd daemon handle...

CentOS Update for curl CESA-2011:0918 centos4 x86_64

Check for the Version of curl OpenVAS Vulnerability Test CentOS Update for curl CESA-2011:0918 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CentOS Update for finch CESA-2012:1102 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for cifs-utils FEDORA-2012-10453

Check for the Version of cifs-utils OpenVAS Vulnerability Test Fedora Update for cifs-utils FEDORA-2012-10453 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

RedHat Update for pidgin RHSA-2012:1102-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

[SECURITY] Fedora 17 Update: cifs-utils-5.5-2.fc17

The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. This package contains tools for mounting shares on Linux using the SMB/CIFS protocol. The tools in this package work in conjunction with support in the kernel to allow one to mount a SMB/CIFS...

Authentication Capture: MySQL

This module provides a fake MySQL service that is designed to capture authentication credentials. It captures challenge and response pairs that can be supplied to Cain or JtR for cracking. This module requires Metasploit: https://metasploit.com/download Current source:...

CVE-2012-1870

The CBC mode in the TLS protocol, as used in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and other products, allows remote web servers to obtain plaintext data by triggering multiple requests to a...

CVE-2012-2318

CVE-2012-2318 affects Pidgin (libpurple) via the MSN protocol plugin. The issue arises from how msg.c handles crafted characters in a text/plain message, enabling a remote server to trigger a denial of service (application crash). Affected version: Pidgin prior to 2.10.4 (libpurple MSN plugin). S...

CVE-2012-2654

The 1 EC2 and 2 OS APIs in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restriction...

mysql-vuln-cve2012-2122 NSE Script

Attempts to bypass authentication in MySQL and MariaDB servers by exploiting CVE2012-2122. If its vulnerable, it will also attempt to dump the MySQL usernames and password hashes. All MariaDB and MySQL versions up to 5.1.61, 5.2.11, 5.3.5, 5.5.22 are vulnerable but exploitation depends on whether...

Ubuntu Update for nova USN-1466-1

Ubuntu Update for Linux kernel vulnerabilities USN-1466-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14661.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for nova USN-1466-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

CVE-2012-1012

server/serverstubs.c in the kadmin protocol implementation in MIT Kerberos 5 aka krb5 1.10 before 1.10.1 does not properly restrict access to 1 SETSTRING and 2 GETSTRINGS operations, which might allow remote authenticated administrators to modify or read string attributes by leveraging the global...

USN-1465-2: Ubuntu One storage protocol update

USN-1465-1 fixed a vulnerability in the Ubuntu One Client. This update adds a required fix to the Ubuntu One storage protocol library. Original advisory details: It was discovered that the Ubuntu One Client incorrectly validated server certificates when using HTTPS connections. If a remote attack...

Fedora Update for openssl FEDORA-2012-8024

Check for the Version of openssl OpenVAS Vulnerability Test Fedora Update for openssl FEDORA-2012-8024 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

eppc-enum-processes NSE Script

Attempts to enumerate process info over the Apple Remote Event protocol. When accessing an application over the Apple Remote Event protocol the service responds with the uid and pid of the application, if it is running, prior to requesting authentication. Example Usage nmap -p 3031 --script...

Moderate: Red Hat Security Advisory: Red Hat Enterprise MRG Messaging 2.1 security and enhancement update

Updated Messaging packages that resolve one security issue, fix multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.1 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common...

Crlf injection

curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the 1 IMAP, 2 POP3, or 3 SMTP protocol...

Intuit Help System Protocol File Retrieval

Intuit Help System Protocol File Retrieval Derek Soeder [email protected] Reported to [email protected] on March 15, 2012; vendor did not respond. Reported to CERT on March 22, 2012; vendor did not respond. Responsible disclosure failed with error code 10060. Published: March 30, 2012 AFFECT...

Cisco IOS Software Multicast Source Discovery Protocol Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...