Debian DLA-347-1 : putty security update

It was discovered that PuTTY's terminal emulator did not properly validate the parameter to the ECH erase characters control sequence, allowing a denial of service and possibly remote code execution. For the oldoldstable distribution squeeze, this problem has been fixed in version...

DLA-347-1 putty - security update

Bulletin has no description...

[SECURITY] Fedora 21 Update: ProDy-1.7.1-1.fc21

ProDy is a free and open-source Python package for protein structure, dynam ics, and sequence analysis. It allows for comparative analysis and modeling of protein structural dynamics and sequence co-evolution. Fast and flexible P roDy API is for interactive usage as well as application developmen...

[SECURITY] Fedora 22 Update: ProDy-1.7.1-1.fc22

ProDy is a free and open-source Python package for protein structure, dynam ics, and sequence analysis. It allows for comparative analysis and modeling of protein structural dynamics and sequence co-evolution. Fast and flexible P roDy API is for interactive usage as well as application developmen...

[SECURITY] Fedora 23 Update: ProDy-1.7.1-1.fc23

ProDy is a free and open-source Python package for protein structure, dynam ics, and sequence analysis. It allows for comparative analysis and modeling of protein structural dynamics and sequence co-evolution. Fast and flexible P roDy API is for interactive usage as well as application developmen...

grep security and bug fix update

2.20-2 - Fixed invalid UTF-8 byte sequence error in PCRE mode by pcre-backported-fixes patch Resolves: rhbz1217080 - Fixed buffer overrun for grep -F Resolves: CVE-2015-1345 - Fixed \w and \W behaviour in multibyte locales Resolves: rhbz1159012 - Documented --fixed-regexp option Resolves:...

DEBIAN-CVE-2015-8217

The ffhevcparsesps function in libavcodec/hevcps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted High Efficiency Video Coding HEVC da...

GE Hydran M2 Predictable TCP Initial Sequence Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on February 10, 2015, and is being released to the NCCIC/ICS-CERT web site. Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech, via a research project partially sponsored by the Georgia Tech National...

putty: arbitrary code execution

A potential memory-corrupting integer overflow has been discovered in the handling of the ECH erase characters control sequence in the terminal emulator. To exploit a vulnerability in the terminal emulator, an attacker must be able to insert a carefully crafted escape sequence into the terminal...

Updated putty packages fix security vulnerability

Versions of PuTTY 0.54 and 0.65 inclusive have a potentially memory-corrupting integer overflow in the handling of the ECH erase characters control sequence in the terminal emulator CVE-2015-5309...

MGASA-2015-0442 Updated putty packages fix security vulnerability

Versions of PuTTY 0.54 and 0.65 inclusive have a potentially memory-corrupting integer overflow in the handling of the ECH erase characters control sequence in the terminal emulator CVE-2015-5309...

FreeBSD : PuTTY -- memory corruption in terminal emulator's erase character handling (0cb0afd9-86b8-11e5-bf60-080027ef73ec)

Ben Harris reports : Versions of PuTTY and pterm between 0.54 and 0.65 inclusive have a potentially memory-corrupting integer overflow in the handling of the ECH erase characters control sequence in the terminal emulator. To exploit a vulnerability in the terminal emulator, an attacker must be ab...

IBM Security Guardium Access Privilege Vulnerability

IBM Security Guardium is a data activity monitor product from IBM USA. The product offers features such as automated controls for compliance and protection against internal and external threats. A security vulnerability exists in the diag script of IBM Security Guardium. A local attacker could...

PuTTY -- memory corruption in terminal emulator's erase character handling

Ben Harris reports: Versions of PuTTY and pterm between 0.54 and 0.65 inclusive have a potentially memory-corrupting integer overflow in the handling of the ECH erase characters control sequence in the terminal emulator. To exploit a vulnerability in the terminal emulator, an attacker must be abl...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3093)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-3093 advisory. 2.6.39-400.264.5 - virtio-net: drop NETIFFFRAGLIST Jason Wang Orabug: 22145599 CVE-2015-5156 Tenable has extracted the preceding description block directly...

[SECURITY] Fedora 23 Update: seqan-1.4.2-21.fc23

SeqAn is an open source C++ library of efficient algorithms and data struct ures for the analysis of sequences with the focus on biological data. Our library applies a unique generic design that guarantees high performanc e, generality, extensibility, and integration with other libraries...

CVE-2004-0230

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service connection loss to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP...

CVE-1999-0077

Predictable TCP sequence numbers allow spoofing...

Eaton Cooper Power Series Form 6 Control and Idea/IdeaPlus Relays with Ethernet Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on January 6, 2015, and is now being released to the NCCIC/ICS-CERT web site. Dr. Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech, via a research project partially sponsored by the Georgia Tech Nationa...

Oracle: Security Advisory (ELSA-2011-0909)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...