RHEL 5 : iproute (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - iproute: multiple insecure temporary file use issues CVE-2012-1088 Note that Nessus has not tested for this issue b...

RHEL 4 : foomatic (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - foomatic: foomatic-rip debug mode insecure temporary file use in renderer command line by processing...

Arbitrary File Overwrite

cman is vulnerable to arbitrary file overwrites. The vulnerability exists as multiple insecure temporary file use flaws were found in fenceapcsnmp and ccstool. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities typically root with th...

Arbitrary Code Execution

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Ja...

Privilege Escalation

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when...

RHEL 6 : sos (RHSA-2016:0152)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2016:0152 advisory. The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used...

CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2015:1228) (Bar Mitzvah) (Logjam)

Updated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Fedora 21 : qemu-2.1.3-8.fc21 (2015-9599)

User interface freezes when entering space character in Xfig bz 1151253 - CVE-2015-4037: insecure temporary file use in /net/slirp.c bz 1222894 - Backport Haswell,Broadwell-noTSX cpu models bz 1213053 Note that Tenable Network Security has extracted the preceding description block directly from...

FreeBSD : PHP multiple vulnerabilities (d2a892b9-2605-11e4-9da0-00a0986f28c4)

The PHP Team reports : insecure temporary file use in the configure script unserialize SPL ArrayObject / SPLObjectStorage Type Confusion Heap buffer over-read in DateInterval fileinfo: cdfreadshortsector insufficient boundary check fileinfo: CDF infinite loop in nelements DoS fileinfo: fileinfo:...

Fedora 20 : php-5.5.14-1.fc20 (2014-7765)

26 Jun 2014, PHP 5.5.14 Core : - Fixed BC break introduced by patch for bug 67072. Anatol, Stas - Fixed bug 66622 Closures do not correctly capture the late bound class static:: in some cases. Levi Morrison - Fixed bug 67390 insecure temporary file use in the configure script. CVE-2014-3981 Remi ...

Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:100)

Updated java-1.7.0-openjdk packages fix security vulnerabilities : An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java applicatio...

Critical: java-1.7.0-openjdk

Issue Overview: An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execut...

Updated icedtea-web packages fix CVE-2013-6493

Updated icedtea-web packages fix security vulnerability: LiveConnect provides a gateway between the JavaScript engine in the web browser and Java applets. An insecure temporary file use flaw was found in the LiveConnect implementation in the IcedTea-Web browser plug-in. A malicious, local user...

Fedora 20 : flite-1.3-21.fc20 (2014-0579)

CVE-2014-0027 flite: insecure temporary file use Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

RHEL 5 : cman (RHSA-2009:1341)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1341 advisory. The Cluster Manager cman utility provides services for managing a Linux cluster. Multiple insecure temporary file use flaws were found in...

RHEL 5 : sudo (RHSA-2012:1149)

An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

CentOS 5 : sudo (CESA-2012:1149)

An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

CentOS Update for dhclient CESA-2009:1154 centos3 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

VMSA-2009-0014:VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues

VMSA-2009-0014.3 VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2009-0014.3 VMware Security Advisory Synopsis: VMware ESX patches for DHCP, Service Console kernel, and JRE resolve...

RHEL 3 : dhcp (RHSA-2009:1154)

Updated dhcp packages that fix two security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Dynamic Host Configuration Protocol DHCP is a protocol that allows individual devices on an...