CVE-2012-0748

CVE-2012-0748 : The affected software is IBM Rational Team Concert (RTC) 4.x prior to 4.0.0.1. The vulnerability involves multiple cross-site request forgery (CSRF) flaws in unspecified services that allow remote attackers to hijack the authentication of arbitrary users and perform requests that ...

kvm security and bug fix update

kvm-83-249.0.1.el5 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch - modify kversion to fix build failure kvm-83-249.el5 - kvm-kernel-KVM-x86-Prevent-starting-PIT-timers-in-the-absence-o.patch bz770101 - CVE: CVE-2011-4622 - Resolves: bz770101...

[SECURITY] Fedora 15 Update: oprofile-0.9.6-21.fc15

OProfile is a profiling system for systems running Linux. The profiling runs transparently during the background, and profile data can be collected at any time. OProfile makes use of the hardware performance counters provided on Intel P6, and AMD Athlon family processors, and can use the RTC for...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Rational Team Concert RTC 3.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Work Item 165513...

CVE-2011-2606

IBM Rational Team Concert (RTC) 3.0 Web UI is affected by CVE-2011-2606, a Cross-site Scripting (XSS) flaw in the Web UI exploitable via an unspecified parameter (Work Item 165511). Root cause: unsafe handling of input in the affected page. Impact: remote attacker can inject arbitrary web script ...

CVE-2011-2607

CVE-2011-2607 is described across multiple sources as a Cross-site Scripting (XSS) vulnerability in IBM Rational Team Concert (RTC) 3.0, allowing remote attackers to inject arbitrary script or HTML via an unspecified parameter (Work Item 165513). The connected documents confirm the affected produ...

CVE-2011-1029

CVE-2011-1029 is an XSS in IBM Rational Team Concert (RTC) 2.0.0.x. Remote authenticated users can inject arbitrary script/HTML via the name of a shared report. The supplied documents do not include exploit status, in‑the‑wild details, or a stated remediation patch/version.

Mandriva Linux Security Advisory : kernel (MDVSA-2008:167)

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : Memory leak in the ipip6rcv function in net/ipv6/sit.c in the Linux kernel before 2.6.25.3 allows remote attackers to cause a denial of service memory consumption via network traffic to a Simple Internet Transition SIT...

udev reissued for 12.2/current

Updated udev packages are available for Slackware 12.2, and -current to fix a serial device ownership regression in 12.2, adjust the perms on /dev/rtc0, and make sure that the /dev/root symlink is properly created. Here are the details from the Slackware 12.2 ChangeLog:...

Fedora 7 : kernel-2.6.22.9-91.fc7 (2007-2349)

Update to Linux 2.6.22.8 and 2.6.22.9: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.9 CVE-2007-4571 The sndmemprocread function in sound/core/memalloc.c in the Advanced Linux Sound Architecture ALSA in the Linux kernel...

Debian DSA-1070-1 : kernel-source-2.4.19 - several vulnerabilities

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2004-0427 A local denial of service vulnerability i...

[SECURITY] [DSA 1069-1] New Linux kernel 2.4.18 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1069-1 [email protected] http://www.debian.org/security/ Martin Schulze, Dann Frazier May 20th, 2006 http://www.debian.org/security/faq -...

Mandrake Linux Security Advisory : kernel (MDKSA-2004:001)

A flaw in bounds checking in mremap in the Linux kernel versions 2.4.23 and previous was discovered by Paul Starzetz. This flaw may be used to allow a local attacker to obtain root privilege. Another minor information leak in the RTC real time clock routines was fixed as well. All Mandrake Linux...

CVE-2003-0984

CVE-2003-0984 affects the Linux kernel RTC code: RTC routines in kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space. Exploitation would require local access (per CVSS data), with partial impact on confidentiality, integrity, and avail...