firewalld security, bug fix, and enhancement update

0.4.3.2-8 - Exclude firewallctl RHBZ1374799 0.4.3.2-7 - Tolerate ipv6rpfilter fail RHBZ1285769 - Fix setrules to copy the rule before extracting the table RHBZ1373260 - Translation update RHBZ1273296 - Conflict with NetworkManager 1:1.4.0-3.el7 RHBZ1366288 0.4.3.2-6 - Do not use exit code 254 for...

Error in handleInterruptedCoalesceLeaf when trying to scan the Storage on XenServer

Error in XenCenter - SR failed to complete the operation Error in /var/log/SMlog -25840 2012-12-14 10:52:35.402274 lock: released /var/lock/sm/lvm-579fdc35-f120-398e-397e-b12179c9531c/83b6fcfd-e9ed-432b-b662-d8d28f9ccca525840 2012-12-14 10:52:35.402380 lock: closed...

ObiHai ObiPhone 1032/1062 < 5-0-0-3497 - Multiple Vulnerabilities

ObiHai ObiPhone - Multiple Vulnerabilities ------------------------------------------ Introduction ============ Multiple vulnerabilities were discovered in the web management interface of the ObiHai ObiPhone products. The Vulnerabilities were discovered during a black box security assessment and...

Fedora 23 : prosody-0.9.9-2.fc23 (2016-38e48069f8)

Prosody 0.9.9 ============= A summary of changes: Security fixes -------------- Fix path traversal vulnerability in modhttpfiles CVE-2016-1231 Fix use of weak PRNG in generation of dialback secrets CVE-2016-1232 Bugs ---- Improve handling of CNAME records in DNS Fix traceback when deleting a user...

mailman security and bug fix update

3:2.1.12-25 - fix CVE-2002-0389 - local users able to read private mailing list archives 3:2.1.12-24 - fix CVE-2015-2775 - directory traversal in MTA transports 3:2.1.12-23 - fix 1095359 - handle update when some mailing lists have been created by newer Mailman than this one 3:2.1.12-22 - fix...

CVE-2014-4301

Multiple cross-site scripting XSS vulnerabilities in the responderror function in routing.py in Eugene Pankov Ajenti before 1.2.21.7 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 resources.js or 2 resources.css in ajenti:static/, related to the traceback page...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the responderror function in routing.py in Eugene Pankov Ajenti before 1.2.21.7 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 resources.js or 2 resources.css in ajenti:static/, related to the traceback page...

PYSEC-2014-99

Multiple cross-site scripting XSS vulnerabilities in the responderror function in routing.py in Eugene Pankov Ajenti before 1.2.21.7 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 resources.js or 2 resources.css in ajenti:static/, related to the traceback page...

CVE-2014-4301

Ajenti (Eugene Pankov) before v1.2.21.7 contains XSS in respond_error() in routing.py, exploitable via PATH_INFO to resources.js or resources.css under ajenti:static/, as described in multiple sources (e.g., GHSA-2CH8-F849-PJG3). Root cause: unvalidated PATH_INFO leads to injection of arbitrary w...

Ani Shell v1.3 Released -- Mail Bomber (with less spam detection) & PHP Decoder

Ani Shell v1.3 Released -- Mail Bomber with less spam detection & PHP Decoder Introduction Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , DDoser, Back Connect , Bind Shell etc etc ! This shell has immense capabilities and have been writte...

To bypass the buffer overflow protection system-vulnerability warning-the black bar safety net

1-Introduction Recently a period of time,some of the commercial security agencies begin to propose some solutions to solve the buffer overflow problem. This article analyzes these protection schemes,and introduce some techniques to bypass the buffer overflow protection system. Now quite a few...