Azure Linux 3.0 Security Update: accountsservice (CVE-2012-6655)

The version of accountsservice installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2012-6655 advisory. - An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which...

MiracleLinux 4 : glibc-2.12-1.47.AXS4.9 (AXSA:2012-399:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-399:03 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make...

MiracleLinux 4 : openssh-5.3p1-81.AXS4 (AXSA:2012-593:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-593:02 advisory. SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure...

MiracleLinux 4 : php-pecl-apc-3.1.9-2.AXS4 (AXSA:2012-588:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-588:01 advisory. APC is a free, open, and robust framework for caching and optimizing PHP intermediate code. Security issues fixed with this release: CVE-2010-3294 Cross-site...

MiracleLinux 4 : postgresql-8.4.12-1.0.1.AXS4 (AXSA:2012-661:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-661:02 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselect...

MiracleLinux 3 : drupal-6.27-1.AXS3 (AXSA:2012-1054:02)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-1054:02 advisory. Drupal is a free software package that allows an individual or a community of users to easily publish, manage and organize a wide variety of content...

MiracleLinux 4 : nspr-4.9.1-2.AXS4, nss-util-3.13.5-1.AXS4, nss-3.13.5-1.0.1.AXS4 (AXSA:2012-848:04)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-848:04 advisory. Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications...

Oracle Linux 5 : kernel (ELSA-2012-1540-1)

From Red Hat Security Advisory 2012:1540 : Updated kernel packages that fix multiple security issues, two bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common...

Mozilla: Heap memory corruption issues found using Address Sanitizer (MFSA 2012-86)

Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors...

Fedora 18 : roundcubemail-0.7.3-1.fc18 (2012-12290)

Latest upstream, plus patch for XSS CVE-2012-3507. http://trac.roundcube.net/ticket/1488613 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

Fedora 17 : gc-7.2b-2.fc17 (2012-9556)

Backport upstream fixes for memory allocation related overflows Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additiona...