303 matches found
DSA-2948-1 python-bottle - security update
Bulletin has no description...
Debian: Security Advisory (DSA-2948-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2222-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 2937-1] mod-wsgi security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2937-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 27, 2014 http://www.debian.org/security/faq -...
mod-wsgi security vulnerabilities
Privilege escalation, information disclosure...
Debian DSA-2937-1 : mod-wsgi - security update
Two security issues have been found in the Python WSGI adapter module for Apache : - CVE-2014-0240 Robert Kisteleki discovered a potential privilege escalation in daemon mode. This is not exploitable with the kernel used in Debian 7.0/wheezy. - CVE-2014-0242 Buck Golemon discovered that incorrect...
[SECURITY] [DSA 2937-1] mod-wsgi security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2937-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 27, 2014 http://www.debian.org/security/faq -...
DSA-2937-1 mod-wsgi - security update
Bulletin has no description...
Debian Security Advisory DSA 2937-1 (mod-wsgi - security update)
Two security issues have been found in the Python WSGI adapter module for Apache: CVE-2014-0240 Robert Kisteleki discovered a potential privilege escalation in daemon mode. This is not exploitable with the kernel used in Debian 7.0/wheezy. CVE-2014-0242 Buck Golemon discovered that incorrect memo...
USN-2222-1: mod_wsgi vulnerabilities
Róbert Kisteleki discovered modwsgi incorrectly checked setuid return values. A malicious application could use this issue to cause a local privilege escalation when using daemon mode. CVE-2014-0240 Buck Golemon discovered that modwsgi used memory that had been freed. A remote attacker could use...
Debian: Security Advisory (DSA-2937-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Aspen 0.8 - Directory Traversal
Aspen 0.8 - Directory Traversal Aspen 0.8 - Directory Traversal Earlier versions are also possibly vulnerable. INFORMATION Product: Aspen 0.8 Remote-exploit: yes Vendor-URL: http://www.zetadev.com/software/aspen/ Discovered by: Daniel Ricardo dos Santos CVE Request - 15/03/2013 CVE Assign -...
Aspen 0.8 - Directory Traversal
Aspen 0.8 - Directory Traversal Earlier versions are also possibly vulnerable. INFORMATION Product: Aspen 0.8 Remote-exploit: yes Vendor-URL: http://www.zetadev.com/software/aspen/ Discovered by: Daniel Ricardo dos Santos CVE Request - 15/03/2013 CVE Assign - 18/03/2013 CVE Number - CVE-2013-2619...
Aspen 0.8 Directory Traversal
Aspen 0.8 - Directory Traversal Earlier versions are also possibly vulnerable. INFORMATION Product: Aspen 0.8 Remote-exploit: yes Vendor-URL: http://www.zetadev.com/software/aspen/ Discovered by: Daniel Ricardo dos Santos CVE Request - 15/03/2013 CVE Assign - 18/03/2013 CVE Number - CVE-2013-2619...
[SECURITY] Fedora 16 Update: openstack-keystone-2011.3.1-3.fc16
Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. Services included are: Keystone - identity store and authentication service AuthToken - WSGI middleware that can be used to handle token auth proto col WSGI or remote proxy AuthBasic - Stub for WSG...
[SECURITY] Fedora 13 Update: loggerhead-1.18.1-1.fc13
Loggerhead is a WSGI app that provides a web interface to the Bazaar version control system. It can be used to navigate a branch history, view who changed lines in a file, look at patches, and perform searches...
[SECURITY] Fedora 15 Update: loggerhead-1.18.1-1.fc15
Loggerhead is a WSGI app that provides a web interface to the Bazaar version control system. It can be used to navigate a branch history, view who changed lines in a file, look at patches, and perform searches...
Fedora Update for python-paste FEDORA-2010-10414
Check for the Version of python-paste OpenVAS Vulnerability Test Fedora Update for python-paste FEDORA-2010-10414 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora 11 : python-paste-1.7.4-1.fc11 (2010-10400)
1.7.4 The only real change is to paste.httpexceptions, which was using insecure quoting of some parameters and allowed an XSS hole, most specifically with its 404 messages. The most notably WSGI application using this is paste.urlparse.StaticURLParser and PkgResourcesParser. By directing someone ...
Fedora 12 : python-paste-1.7.4-1.fc12 (2010-10383)
1.7.4 The only real change is to paste.httpexceptions, which was using insecure quoting of some parameters and allowed an XSS hole, most specifically with its 404 messages. The most notably WSGI application using this is paste.urlparse.StaticURLParser and PkgResourcesParser. By directing someone ...