15 matches found
curl: SFTP path ~ resolving discrepancy
A path traversal vulnerability exists in the curl 8.0.0 SFTP implementation that causes the tilde character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can...
SUSE CVE-2004-1063
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was...
Golang Cryptomining Worm Offers 15% Speed Boost
A freshly discovered variant of the Golang crypto-worm was recently spotted dropping Monero-mining malware on victim machines; in a switch-up of tactics, the payload binaries are capable of speeding up the mining process by 15 percent, researchers said. According to research from Uptycs, the worm...
SYS.1.3.A17
Specially hardened kernels (e.g. grsecurity, PaX) and suitable protective measures such as memory protection or file system hardening SHOULD be implemented to prevent the exploitation of vulnerabilities and their spread within the operating system. Copyright (C) 2021 Greenbone Networks GmbH Some text...
[SECURITY] Fedora 33 Update: monitorix-3.13.1-1.fc33
Monitorix is a free, open source and lightweight system monitoring tool designed to monitor as many services and system resources as possible. It has been created to be used under production Linux/UNIX servers, but due to its simplicity and small size may also be used on embedded devices as well...
[SECURITY] Fedora 32 Update: monitorix-3.13.1-1.fc32
Monitorix is a free, open source and lightweight system monitoring tool designed to monitor as many services and system resources as possible. It has been created to be used under production Linux/UNIX servers, but due to its simplicity and small size may also be used on embedded devices as well...
Security Bulletin: Vulnerability in SSLv3 affects IBM Cognos Command Center (CVE-2014-3566)
Summary: SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM Cognos Command Center. Vulnerability Details: CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive...
[SECURITY] Fedora 28 Update: monitorix-3.10.1-1.fc28
Monitorix is a free, open source and lightweight system monitoring tool designed to monitor as many services and system resources as possible. It has been created to be used under production Linux/UNIX servers, but due to its simplicity and small size may also be used on embedded devices as well...
[SECURITY] Fedora 26 Update: monitorix-3.10.1-1.fc26
Monitorix is a free, open source and lightweight system monitoring tool designed to monitor as many services and system resources as possible. It has been created to be used under production Linux/UNIX servers, but due to its simplicity and small size may also be used on embedded devices as well...
IBM Open Admin Tool SOAP welcomeServer PHP Command Injection
Added: 09/27/2017 CVE: CVE-2017-1092 BID: 98615 Background: IBM Informix Dynamic Server (IDS) is an online transaction processing (OLTP) data server for enterprise and workgroup computing. Open Admin Tool (OAT) is an open source, platform-independent tool providing a graphical interface for administrati...
[SECURITY] Fedora 20 Update: monitorix-3.3.1-1.fc20
Monitorix is a free, open source, lightweight system monitoring tool designed to monitor as many services and system resources as possible. It has been created to be used under production Linux/UNIX servers, but due to its simplicity and small size may also be used on embedded devices as well...
[SECURITY] Fedora 18 Update: monitorix-3.3.1-1.fc18
Monitorix is a free, open source, lightweight system monitoring tool designed to monitor as many services and system resources as possible. It has been created to be used under production Linux/UNIX servers, but due to its simplicity and small size may also be used on embedded devices as well...
Symantec Backup Exec Remote Agent for Linux and UNIX Servers (RALUS) Installed
Symantec Backup Exec Remote Agent for Linux and UNIX Servers (RALUS), a backup agent for Linux and UNIX servers, is installed on the remote host. TRUSTED...
Debian DSA-562-1 : mysql - several vulnerabilities
Several problems have been discovered in MySQL, a commonly used SQL database on Unix servers. The following problems have been identified by the Common Vulnerabilities and Exposures Project : - CAN-2004-0835 Oleksandr Byelkin noticed that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the...
mSQL-DoS.txt
Date: Mon, 11 Jan 1999 01:53:30 -0200 From: Sekure SDI SSC To: [email protected] Subject: Sekure SDI Advisory: mSQL Remote Bug fwd sekure SDI http://www.sekure.org Brazilian Information Security Team - mSQL Buffer Overflow Advisory mSQL is a SQL server for Un...