410 matches found
RHEL 5 : php-pear (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - php-pear: File overwrite by malicious server CVE-2017-5630 Note that Nessus has not tested for this issue but has...
RHEL 5 : apr-util (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - apr-util, httpd: Billion laughs attack regression CVE-2016-6312 Note that Nessus has not tested for this issue but...
RHEL 5 : libxinerama (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libXinerama: Integer overflow leading to heap-based buffer overflow CVE-2013-1985 Note that Nessus has not tested f...
RHEL 5 : nfs-utils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nfs-utils: rpc.gssd is vulnerable to DNS spoofing CVE-2013-1923 Note that Nessus has not tested for this issue but...
RHEL 5 : tog-pegasus (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - tog-pegasus: xml hash table collision CPU usage DoS CVE-2011-4967 Note that Nessus has not tested for this issue bu...
RHEL 5 : sos (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - sos: Usage of predictable temporary files allows privilege escalation CVE-2015-7529 Note that Nessus has not tested...
RHEL 5 : flex (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - flex: Recursive calls in the function markbeginningasnormal resulting in a denial of service CVE-2019-6293 Note tha...
RHEL 5 : Red Hat JBoss Enterprise Application Platform 6.4.19 (RHSA-2018:0271)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0271 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red...
RHEL 5 : redhat-ds-base (RHSA-2008:0269)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2008:0269 advisory. Red Hat Directory Server is an LDAPv3 compliant server. The redhat-ds-base package includes the LDAP server and command line utilities for server...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
RHEL 5 : Red Hat JBoss Enterprise Application Platform 6.4.23 (RHSA-2020:2781)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2781 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists as the fix for CVE-2011-2482 provided by RHSA-2011:1212 introduced a regression: on systems that do not have Security-Enhanced Linux SELinux in Enforcing mode, a socket lock race could occur between sctprcv and sctpaccept. A...
Denial Of Service (DoS)
openswan is vulnerable to denial of service DoS. The vulnerability exists as a use-after-free flaw was found in the way Openswan's pluto IKE daemon used cryptographic helpers. A remote, authenticated attacker could send a specially-crafted IKE packet that would crash the pluto daemon. This issue...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in the backported stack unwinder fixes in Red Hat Enterprise Linux 5. On AMD64 and Intel 64 platforms, a local user could trigger this flaw and cause a denial of service...
Arbitrary Code Execution
cups is vulnerable to arbitrary code execution. The vulnerability exists as a heap buffer overflow flaw was found in a CUPS administration interface CGI script. A local attacker able to connect to the IPP port TCP port 631 could send a malicious request causing the script to crash or, potentially...
Denial Of Service (DoS)
httpd is vulnerable to denial of service DoS. The vulnerability exists as the Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and caus...
Design/Logic Flaw
frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f e.g. fcore, fcatch, fstack, fstep, ... shipped in the package. A local attacker can exploit this vulnerability by running arbitrary...
CVE-2008-3278
frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f e.g. fcore, fcatch, fstack, fstep, ... shipped in the package. A local attacker can exploit this vulnerability by running arbitrary...