4753 matches found
Mandriva Linux Security Advisory : kernel (MDVSA-2015:057)
Multiple vulnerabilities has been found and corrected in the Linux kernel : The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AFALG socket with a parenthesized module template expression in the salgname field, as...
[SECURITY] [DLA 174-1] tcpdump security update
Package : tcpdump Version : tcpdump4.1.1-1+deb6u2 CVE ID : CVE-2015-0261 CVE-2015-2154 CVE-2015-2155 Several issues have been discovered with tcpdump in the way it handled some printer protocols. Those issues can lead to denial of service, or, potentially, execution of arbitrary code. CVE-2015-02...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3014)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3014 advisory. - kvm: fix excessive pages un-pinning in kvmiommumap error path. Quentin Casasnovas Orabug: 20687314 CVE-2014-3601 CVE-2014-8369 CVE-2014-3601 -...
Debian DSA-3191-1 : gnutls26 - security update
Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-0282 GnuTLS does not verify the RSA PKCS 1 signature algorithm to match the signature algorith...
tcpdump multiple security vulnerabilities
Multiple vulnerabilities in protocols dissectors...
[SECURITY] [DSA 3191-1] gnutls26 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3191-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 15, 2015 http://www.debian.org/security/faq -...
CentOS 6 / 7 : bind (CESA-2015:0672)
"Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
bind security update
CentOS Errata and Security Advisory CESA-2015:0672 Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score,...
packETH – Ethernet Packet Generator
packETH Ethernet Packet Generator packETH is GUI and CLI packet generator tool for ethernet. It allows you to create and send any possible packet or sequence of packets on the ethernet link. It is very simple to use, powerful and supports many adjustments of parameters while sending sequence of...
OWASP SSL audit: O-Saft
O-Saft is an easy to use tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations. It’s designed to be used by penetration testers, security auditors or server administrators. The idea is to show the important...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2015:0190-1) (POODLE)
OpenJDK was updated to 2.5.4 - OpenJDK 7u75 to fix security issues and bugs : - Security fixes - S8046656: Update protocol support - S8047125, CVE-2015-0395: ref More phantom object references - S8047130: Fewer escapes from escape analysis - S8048035, CVE-2015-0400: Ensure proper proxy protocols ...
Security update for java-1_7_0-openjdk (important)
OpenJDK was updated to 2.5.4 - OpenJDK 7u75 to fix security issues and bugs: Security fixes - S8046656: Update protocol support - S8047125, CVE-2015-0395: ref More phantom object references - S8047130: Fewer escapes from escape analysis - S8048035, CVE-2015-0400: Ensure proper proxy protocols -...
Hackers can Spoof AT&T Phone Messages to steal your Information
Bad news for AT&T customers! You all are vulnerable to phishing scams – thanks to AT&T's text protocols. The actual problem lies in the way AT&T handles its customer alerts via text messages, as it’s very easy for cybercriminals to mimic. In "Phishing" attacks, scammers attempt to trick victims...
Regin Cyberespionage Malware Platform Modules Disclosed
The Regin malware platform used to steal secrets from government agencies, banks and GSM network operators caught the attention of security experts who called it one of the most advanced attack platforms that has been studied, surpassing Flame, Duqu, even Stuxnet. Researchers at Kaspersky Lab sai...
Unspecified Arbitrary Code Execution Vulnerability in Oracle Java SE Hotspot Subcomponent (CNVD-2015-00565)
Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE Hotspot subcomponent, which allows an unauthenticated attacker to exploit the vulnerability to execute arbitrary cod...
Unspecified Arbitrary Code Execution Vulnerability in Oracle Java SE RMI Subware
Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE RMI subcomponent, which allows an unauthenticated attacker to exploit the vulnerability to attack over multiple...
Unspecified Arbitrary Code Execution Vulnerability in Oracle Java SE JAX-WS Subcomponent
Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE JAX-WS subcomponent, which allows an unauthenticated attacker to exploit the vulnerability over multiple protocols,...
Oracle Java SE has a remote vulnerability (CNVD-2015-00477)
Java SE is short for Java Platform Standard Edition, based on the JDK and JRE, for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. A remote vulnerability exists in Oracle Java SE, which can be exploited by attackers to launch...
[SECURITY] Fedora 20 Update: openssl-1.0.1e-41.fc20
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
wireshark multiple security vulnerabilities
Memory corruptions in multiple protocols dessectors...