12 matches found
RHCOS 6 : rubygem-activesupport (RHSA-2013:0202)
The remote Red Hat Enterprise Linux CoreOS 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2013:0202 advisory. - rubygem-activesupport: json to yaml parsing CVE-2013-0333 Note that Nessus has not tested for this issue but has instead relied only on the...
MiracleLinux 4 : httpd-2.2.15-28.0.1.AXS4 (AXSA:2013-442:03)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-442:03 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2012-3499 Multiple cross-sit...
MiracleLinux 4 : mesa-9.0-0.8.AXS4.3 (AXSA:2013-474:02)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-474:02 advisory. Mesa Security issues fixed with this release: CVE-2013-1872 CVE-2013-1993 No description available at the time of writing, please refer to the CVE...
MiracleLinux 4 : krb5-1.10.3-10.AXS4.3 (AXSA:2013-483:04)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-483:04 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending...
MiracleLinux 4 : 389-ds-base-1.2.11.15-20.AXS4 (AXSA:2013-585:04)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-585:04 advisory. 389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. Security...
wireshark: MQ dissector crash (wnpa-sec-2013-58, upstream bug 9079)
The dissectmqrr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service application crash via a crafted packet...
Oracle Linux 5 : kernel (ELSA-2013-1166-1)
From Red Hat Security Advisory 2013:1166 : Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System...
Oracle Linux 5 : bind97 (ELSA-2013-1115)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1115 advisory. 32:9.7.0-17.P2.2 - fix for CVE-2013-4854 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...
Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2013-0602)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0602 advisory. 1.7.0.9-2.3.8.0.0.1.el64 - Update DISTRONAME in specfile 1.7.0.9-2.3.8.0el6 - Revert to rhel 6.3 version of spec file - Revert to icedtea7 2.3.8 forest...
Oracle Linux 5 / 6 : pidgin (ELSA-2013-0646)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0646 advisory. - Add patch for CVE-2013-0274 RH bug 910653. - Add patch for CVE-2013-0273 RH bug 910653. - Add patch for CVE-2013-0272 RH bug 910653. - Add patch...
Mozilla: Out-of-bounds write in Cairo library (MFSA 2013-31)
Integer signedness error in the pixmanfillsse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows...
Mozilla: Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer (MFSA 2013-28)
Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecifie...