8850 matches found
Important: gnutls
Issue Overview: It was discovered that the fix for the CVE-2013-1619 issue introduced a regression in the way GnuTLS decrypted TLS/SSL encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to crash a server or client application that uses GnuTLS...
Low: openvpn
Issue Overview: The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the C...
Important: tomcat6
Issue Overview: The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on a...
Medium: kernel
Issue Overview: Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a lo...
Medium: mesa
Issue Overview: An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs (Mozilla Firefox does this), an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the...
Medium: httpd24
Issue Overview: Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the...
Low: tomcat7
Issue Overview: java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for...
Medium: ruby19
Issue Overview: lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack. Affected Packages: ruby19 Issue Correction: Run yum...
Important: openswan
Issue Overview: A buffer overflow flaw was found in Openswan. If Opportunistic Encryption were enabled ("oe=yes" in "/etc/ipsec.conf") and an RSA key configured, an attacker able to cause a system to perform a DNS lookup for an attacker-controlled domain containing malicious records (such as by...
Medium: httpd
Issue Overview: Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the...
Medium: nginx
Issue Overview: http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy...
Medium: kernel
Issue Overview: The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call. Affected Packages: kernel Issue Correction: Run yum update kernel or yum...
Medium: libxml2
Issue Overview: libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear...
Important: mysql51
Issue Overview: This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found in the References section. Affected Packages: mysql51 Issue Correction: Run yum update mysql51 or yum update --advisory ALAS-2013-186 to update your system. New...
Important: java-1.6.0-openjdk
Issue Overview: Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384) Multiple improper permission check...
Important: mysql55
Issue Overview: This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found in the References section. Affected Packages: mysql55 Issue Correction: Run yum update mysql55 or yum update --advisory ALAS-2013-187 to update your system. New...
Critical: java-1.7.0-openjdk
Issue Overview: Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384) Multiple improper permission check...
Low: 389-ds-base
Issue Overview: It was found that the 389 Directory Server did not properly restrict access to entries when the "nsslapd-allow-anonymous-access" configuration setting was set to "rootdse". An anonymous user could connect to the LDAP database and, if the search scope is set to BASE, obtain access ...
Medium: krb5
Issue Overview: A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC processed certain TGS (Ticket-granting Server) requests. A remote, authenticated attacker could use this flaw to crash the KDC via a specially-crafted TGS request. (CVE-2013-1416) Affected Packages: krb5 Issue...
Medium: puppet
Issue Overview: The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users to execute arbitrary code via a crafted catalog...
Medium: subversion
Issue Overview: A NULL pointer dereference flaw was found in the way the mod_dav_svn module handled PROPFIND requests on activity URLs. A remote attacker could use this flaw to cause the httpd process serving the request to crash. (CVE-2013-1849) A flaw was found in the way the mod_dav_svn module handl...
Medium: lighttpd
Issue Overview: The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header. Affected Packages:...
Critical: postgresql9
Issue Overview: Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration settings and execute arbitrary code, v...
Medium: perl
Issue Overview: A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the...
Important: bind
Issue Overview: A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. (CVE-2013-2266) Affected Packages: bind Iss...
Medium: httpd24
Issue Overview: Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web...
Medium: httpd
Issue Overview: Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web...
Medium: jakarta-commons-httpclient
Issue Overview: The Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate th...
Medium: ruby
Issue Overview: It was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially-crafted XML content, which will result in REXML...
Medium: gnutls
Issue Overview: It was discovered that GnuTLS leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding...
Important: java-1.6.0-openjdk
Issue Overview: An integer overflow flaw was found in the way the 2D component handled certain sample model instances. A specially-crafted sample model instance could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with virtual machine privileges...
Medium: cups
Issue Overview: It was discovered that CUPS administrative users (members of the SystemGroups groups) who are permitted to perform CUPS configuration changes via the CUPS web interface could manipulate the CUPS configuration to gain unintended privileges. Such users could read or write arbitrary...
Important: java-1.7.0-openjdk
Issue Overview: An integer overflow flaw was found in the way the 2D component handled certain sample model instances. A specially-crafted sample model instance could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with virtual machine privileges...
Medium: openssl
Issue Overview: It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS...
Medium: openssh
Issue Overview: Due to the way the pam_ssh_agent_auth PAM module was built, the glibc's error function was called rather than the intended error function in pam_ssh_agent_auth to report errors. As these two functions expect different arguments, it was possible for an attacker to cause an application...
Medium: axis
Issue Overview: Apache Axis did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain...
Low: dhcp
Issue Overview: A flaw was found in the way the dhcpd daemon handled the expiration time of IPv6 leases. If dhcpd's configuration was changed to reduce the default IPv6 lease time, lease renewal requests for previously assigned leases could cause dhcpd to crash. (CVE-2012-3955) Affected Packages:...
Medium: bind
Issue Overview: A flaw was found in the DNS64 implementation in BIND when using Response Policy Zones (RPZ). If a remote attacker sent a specially-crafted query to a named server that is using RPZ rewrite rules, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not...
Medium: dnsmasq
Issue Overview: It was discovered that dnsmasq, when used in combination with certain libvirtd configurations, could incorrectly process network packets from network interfaces that were intended to be prohibited. A remote, unauthenticated attacker could exploit this flaw to cause a denial of...
Medium: gdb
Issue Overview: GDB tried to auto-load certain files (such as GDB scripts, Python scripts, and a thread debugging library) from the current working directory when debugging programs. This could result in the execution of arbitrary code with the user's privileges when GDB was run in a directory that...
Medium: kernel
Issue Overview: It was found that a deadlock could occur in the Out of Memory (OOM) killer. A process could trigger this deadlock by consuming a large amount of memory, and then causing request_module to be called. A local, unprivileged user could use this flaw to cause a denial of service (excessive...
Medium: pam
Issue Overview: A stack-based buffer overflow flaw was found in the way the pam_env module parsed users' "~/.pam_environment" files. If an application's PAM configuration contained "user_readenv=1" (this is not the default), a local attacker could use this flaw to crash the application or, possibly,...
Important: java-1.6.0-openjdk
Issue Overview: An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protoc...
Important: java-1.7.0-openjdk
Issue Overview: Multiple improper permission check issues were discovered in the JMX and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-1486, CVE-2013-1484) An improper permission check issue was discover...
Important: java-1.6.0-openjdk
Issue Overview: Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple flaws were found in the way image parsers in the 2D an...
Important: java-1.7.0-openjdk
Issue Overview: Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2013-0442, CVE-2013-0445, CVE-2013-0441,...
Medium: kernel, nvidia
Issue Overview: The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption...
Medium: php-ZendFramework
Issue Overview: The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via a...
Important: nss
Issue Overview: It was found that a Certificate Authority (CA) mis-issued two intermediate certificates to customers. These certificates could be used to launch man-in-the-middle attacks. This update renders those certificates as untrusted. This covers all uses of the certificates, including SSL,...
Important: freetype
Issue Overview: A flaw was found in the way the FreeType font rendering engine processed certain Glyph Bitmap Distribution Format (BDF) fonts. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute...