Download
| Alert*
oval:org.secpod.oval:def:1500729
Updated bash packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat Enterprise L ... oval:org.secpod.oval:def:1500731 GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ... oval:org.secpod.oval:def:1500745 GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ... oval:org.secpod.oval:def:1500226 Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 3 and 4 Extended Life Cycle Support. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed ... oval:org.secpod.oval:def:1500227 Oracle Linux 4 is installed oval:org.secpod.oval:def:1500906 Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ratin ... oval:org.secpod.oval:def:1500594 OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions ... |