1293 matches found
Debian DSA-3973-1 : wordpress-shibboleth - security update
A cross-site-scripting vulnerability has been discovered in the login form of the Shibboleth identity provider module for WordPress. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3973. T...
[SECURITY] [DSA 3971-1] tcpdump security update
Debian Security Advisory DSA-3971-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2017 https://www.debian.org/security/faq -...
Debian DSA-3971-1 : tcpdump - security update
Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in...
[SECURITY] [DSA 3969-1] xen security update
Debian Security Advisory DSA-3969-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 12, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3966-1] ruby2.3 security update
Debian Security Advisory DSA-3966-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 05, 2017 https://www.debian.org/security/faq -...
Debian DSA-3962-1 : strongswan - security update
A denial of service vulnerability was identified in strongSwan, an IKE/IPsec suite, using Google's OSS-Fuzz fuzzing project. The gmp plugin in strongSwan had insufficient input validation when verifying RSA signatures. This coding error could lead to a NULL pointer dereference, leading to process...
Debian DSA-3955-1 : mariadb-10.1 - security update
Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.1.26. Please see the MariaDB 10.1 Release Notes for further details: - https://mariadb.com/kb/en/mariadb/mariadb-10124-release-notes/ -...
Debian: Security Advisory (DSA-3957-1)
The remote host is missing an update for the Debian ... SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ...
Debian DSA-3953-1 : aodh - security update
Zane Bitter from Red Hat discovered a vulnerability in Aodh, the alarm engine for OpenStack. Aodh does not verify that the user creating the alarm is the trustor or has the same rights as the trustor, nor that the trust is for the same project as the alarm. The bug allows that an authenticated us...
Debian DSA-3941-1 : iortcw - security update
A read buffer overflow was discovered in the idtech3 (Quake III Arena) family of game engines. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted packet. (C) Tenable Network Security, Inc. The...
Debian DSA-3930-1 : freeradius - security update
Guido Vranken discovered that FreeRADIUS, an open source implementation of RADIUS, the IETF protocol for AAA (Authorisation, Authentication, and Accounting), did not properly handle memory when processing packets. This would allow a remote attacker to cause a denial-of-service by application crash,...
Debian DSA-3929-1 : libsoup2.4 - security update
Aleksandar Nikolic of Cisco Talos discovered a stack-based buffer overflow vulnerability in libsoup2.4, a HTTP library implementation in C. A remote attacker can take advantage of this flaw by sending a specially crafted HTTP request to cause an application using the libsoup2.4 library to crash...
Debian DSA-3934-1 : git - security update
Joern Schneeweisz discovered that git, a distributed revision control system, did not correctly handle maliciously constructed ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via git submodules. (C) Tenable Network Security, Inc. The...
[SECURITY] [DSA 3930-1] freeradius security update
Debian Security Advisory DSA-3930-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 10, 2017 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-3936-1)
The remote host is missing an update for the Debian ... SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ...
Debian: Security Advisory (DSA-3931-1)
The remote host is missing an update for the Debian ... SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ...
Debian Security Advisory DSA 3923-1 (freerdp - security update)
Tyler Bohan of Talos discovered that FreeRDP, a free implementation of the Remote Desktop Protocol (RDP), contained several vulnerabilities that allowed a malicious remote server or a man-in-the-middle to either cause a DoS by forcibly terminating the client, or execute arbitrary code on the client...
[SECURITY] [DSA 3918-1] icedove/thunderbird security update
Debian Security Advisory DSA-3918-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 25, 2017 https://www.debian.org/security/faq -...
Debian DSA-3917-1 : catdoc - security update
A heap-based buffer underflow flaw was discovered in catdoc, a text extractor for MS-Office files, which may lead to denial of service (application crash) or have unspecified other impact, if a specially crafted file is processed. (C) Tenable Network Security, Inc. The descriptive...
Debian: Security Advisory (DSA-3918-1)
The remote host is missing an update for the Debian ... SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ...