RedHat Update for pki-core RHSA-2013:0511-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

httpd security, bug fix, and enhancement update

2.2.15-26.0.1.el6 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-26 - htcacheclean: exit with code 4 also for 'restart' action 805810 2.2.15-25 - htcacheclean: exit with code 4 if nonprivileged user runs initscript 805810 - rotatelogs: omit the...

RHEL 6 : pki-core (RHSA-2013:0511)

Updated pki-core packages that fix multiple security issues, two bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

Moderate: Red Hat Security Advisory: pki-core security, bug fix and enhancement update

Updated pki-core packages that fix multiple security issues, two bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

Oracle GlassFish Server Multiple XSS and CSRF Vulnerabilities

This host is running Oracle GlassFish Server and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboracleglassfishservermultvuln.nasl 5956 2017-04-14 09:02:12Z teissa $ Oracle GlassFish Server Multiple XSS and CSRF Vulnerabilities Authors: Sooraj KS Copyright: Copyright c 20...

Nmap NSE net: ssl-cert

Retrieves a server's SSL certificate. The amount of information printed about the certificate depends on the verbosity level. With no extra verbosity, the script prints the validity period and the commonName, organizationName, stateOrProvinceName, and countryName of the subject. '443/tcp open htt...

Delicious.com Getting Problem with SSL Certificate

Delicious.com Getting Problem with SSL Certificate Just now we have notice that Delicious.com getting some problem with their SSL Certificate. The Certificate is Valid unto 4/30/2012 as you can see below : But Secure SSL site Link : is Down and showing Error as shown :...

Greenbone Security Assistant Cross-Site Request Forgery Vulnerability

This host is installed with Greenbone Security Assistant and is prone to cross-site request forgery vulnerability. OpenVAS Vulnerability Test $Id: gbgreenbonegsacsrfvuln.nasl 3112 2016-04-19 08:52:10Z antu123 $ Greenbone Security Assistant Cross-Site Request Forgery Vulnerability Authors: Antu...

Mahara Cross Site Scripting and Cross Site Request Forgery Vulnerabilities

This host is running Mahara and is prone to cross site scripting and cross site request forgery vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmaharaxssncsrfvuln.nasl 7029 2017-08-31 11:51:40Z teissa $ Mahara Cross Site Scripting and Cross Site Request Forgery Vulnerabilities Authors:...

Uniform Server Multiple CSRF Vulnerabilities

Uniform Server is prone to multiple Cross-Site Request Forgery vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Brekeke PBX Cross-Site Request Forgery Vulnerability

This host is running Brekeke PBX and is prone to Cross-Site Request Forgery Vulnerability. OpenVAS Vulnerability Test $Id: secpodbrekekepbxcsrfvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Brekeke PBX Cross-Site Request Forgery Vulnerability Authors: Madhuri D Copyright: Copyright c 2010 SecPod,...

Zenoss Server Multiple Vulnerabilities

The host is running Zenoss Server and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbzenossservmultvuln.nasl 5388 2017-02-21 15:13:30Z teissa $ Zenoss Server Multiple Vulnerabilities Authors: Rachana Shetty Copyright: Copyright c 2010 SecPod, http://www.secpod.com This...

SSL Certificate Expiry - Future Validity

The SSL certificate for the remote SSL-enabled service is not yet valid. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid42980; scriptversion "$Revision: 1.8 $"; scriptcvsdate"$Date: 2012/04/02 16:34:10 $"; scriptnameenglish:"SSL Certificate Expiry - Future Validity";...

pligg -- Cross-Site Scripting and Cross-Site Request Forgery

secunia reports: Russ McRee has discovered some vulnerabilities in Pligg, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. Input passed via the "Referer" HTTP header to various scripts e.g. admin/adminconfig.php, admin/adminmodules.php,...

ssl-cert NSE Script

Retrieves a server's SSL certificate. The amount of information printed about the certificate depends on the verbosity level. With no extra verbosity, the script prints the validity period and the commonName, organizationName, stateOrProvinceName, and countryName of the subject. 443/tcp open http...

Fedora 10 : phpMyAdmin-3.2.0.1-1.fc10 (2009-7340)

The first security release for phpMyAdmin 3.2.0: - security XSS: Insufficient output sanitizing in bookmarks This version contains a number of small new features and some bug fixes: - core better support for vendor customisation based on what Debian needs - rfe warn when session.gcmaxlifetime is...

ruby: Incorrect checks for validity of X.509 certificates

ext/openssl/osslocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSPbasicverify function, which might allow remote attackers to successfully present an invalid X.509 certificate, possibly involving a revoked certificate...

Java WebStart allows hidden code privilege escalation

Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF an...

FreeBSD : mediawiki -- multiple vulnerabilities (61b07d71-ce0e-11dd-a721-0030843d3802)

The MediaWiki development team reports : Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Certain unspecified input related to uploads ...

mediawiki -- multiple vulnerabilities

The MediaWiki development team reports: Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Certain unspecified input related to uploads i...