CentOS Update for openssl CESA-2012:0699 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for openssl CESA-2012:0699 centos6

Check for the Version of openssl OpenVAS Vulnerability Test CentOS Update for openssl CESA-2012:0699 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CentOS Update for openssl CESA-2012:0699 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2011-3149

The expandarg function in the pamenv module modules/pamenv/pamenv.c in Linux-PAM aka pam before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service CPU consumption...

PHP 5.3.x < 5.3.14 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is 5.3.x earlier than 5.3.14, and is, therefore, potentially affected the following vulnerabilities : - An integer overflow error exists in the function 'pharparsetarfile' in the file 'ext/phar/tar.c'. This error can lead to...

Moderate: Red Hat Security Advisory: openssl security and bug fix update

Updated openssl packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

[BSA-071] Security Update for request-tracker4

Dominic Hargreaves uploaded new packages for request-tracker4 which fixed the following security problems: CVE-2011-2082 The vulnerable-passwords scripts introduced for CVE-2011-0009 failed to correct the password hashes of disabled users. CVE-2011-2083 Several cross-site scripting issues have be...

CVE-2011-3109

Google Chrome before 19.0.1084.52 on Linux does not properly perform a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact by leveraging an error in the GTK implementation of the UI...

SuSE 10 Security Update : the Linux Kernel (x86_64) (ZYPP Patch Number 6730)

This update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel. The following security issues were fixed: CVE-2009-3939: A sysctl variable of the megaraidsas driver was worldwriteable, allowing local users to cause a denial of service or potential code...

Wireshark Multiple Denial of Service Vulnerabilities (Mac OS X)

This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkmultdosvulnmacosxoct11.nasl 5956 2017-04-14 09:02:12Z teissa $ Wireshark Multiple Denial of Service Vulnerabilities Mac OS X Authors: Sooraj KS Copyright:...

PHP 5.4.x < 5.4.1 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is 5.4.x earlier than 5.4.1, and, therefore, potentially affected by multiple vulnerabilities : - The '$FILES' variable can be corrupted because the names of uploaded files are not properly validated. CVE-2012-1172 - The...

SuSE 10 Security Update : Python (ZYPP Patch Number 8080) (BEAST)

The following issues have been fixed in this update : - hash randomization issues CVE-2012-115 see below - SimpleHTTPServer XSS. CVE-2011-1015 - SSL BEAST vulnerability CVE-2011-3389 The hash randomization fix is by default disabled to keep compatibility with existing python code when it extracts...

Wordpress Plugin Email Before Download <=3.16 Blind SQL Inyection

Exploit for php platform in category web applications Wordpress Plugin: Email Before Download escape before using it. On line 120 File: /email-before-download/email-before-download.php we can see that: ===================================================================================== 120:...

IBM Db2 XML Feature DoS and CREATE VARIABLE Security Bypass Vulnerabilities

IBM Db2 is prone to a denial of service and security bypass vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Design/Logic Flaw

IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 does not properly check variables, which allows remote authenticated users to bypass intended restrictions on viewing table data by leveraging the CREATEIN privilege to execute crafted SQL CREATE VARIABLE statements...

CVE-2011-3037

Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document...

Limesurvey Blind SQL Injection

Exploit Title: LimeSurvey Blind SQL injection Date: 20/02/2012 Author: TorTukiTu - OpenSphere Version: 1.91+ build 11804 Tested on: php ckeprotectedCckeprotectedC ------------------------------------------------------------------------- TorTukiTu - Killing Tortoise ,-"""-. oo./ / \ /\ /// \...

DirCMS arbitrary file read 0day-vulnerability warning-the black bar safety net

Feel time really flies really fast, the computer opened an off day is gone. Can't go on like this, so I'm going to take some time to write the blog and learning, recording their growth. Whether it be a programmer, or a security engineer, reading someone else's code is undoubtedly progress in a...

RHEL 5 : cups (RHSA-2012:0302)

Updated cups packages that fix one security issue and various bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

PHP 5.3.9 'php_register_variable_ex()' Code Execution (intrusive check)

The remote host is running a version of PHP that is affected by an arbitrary code execution vulnerability. Specifically, the fix for the hash collision denial of service vulnerability CVE-2011-4885 introduces a remote code execution vulnerability in the function 'phpregistervariableex' in the fil...