[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:1501223
The remote host is missing a patch containing a security fix, which affects the following package(s): autofs

oval:org.secpod.oval:def:1500929
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a ...

oval:org.secpod.oval:def:1500858
Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) docker load operation or (2) registry communications.

oval:org.secpod.oval:def:1500863
Oracle Linux has issued an update for docker. This fixes two security issues, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.

oval:org.secpod.oval:def:1501244
The remote host is missing a patch containing a security fix, which affects the following package(s): netcf

oval:org.secpod.oval:def:1500673
It was found that when replication was enabled for each attribute in 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging was enabled. A remote attacker could use this flaw to disclose potentially sensitive ...

oval:org.secpod.oval:def:1500926
Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

oval:org.secpod.oval:def:1500690
Updated glibc packages that fix two security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available fo ...

oval:org.secpod.oval:def:1500641
It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, e ...

oval:org.secpod.oval:def:1500727
An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from th ...

oval:org.secpod.oval:def:34299
Apple Mac OS X Server 10.10 (Yosemite) is installed

oval:org.secpod.oval:def:34297
Apple Mac OS X 10.11 (el capitan) is installed

oval:org.secpod.oval:def:34298
Apple Mac OS X Server 10.11 (el capitan) is installed

oval:org.secpod.oval:def:1500620
An out-of-bounds memory access flaw was found in the way QEMU's IDE device driver handled the execution of SMART EXECUTE OFFLINE commands. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host wi ...

oval:org.secpod.oval:def:1500763
Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from ...

oval:org.secpod.oval:def:1500797
Updated cups-filters packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for ea ...

oval:org.secpod.oval:def:1500692
An updated mod_wsgi package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from ...

oval:org.secpod.oval:def:1501230
The remote host is missing a patch containing a security fix, which affects the following package(s): net-snmp

oval:org.secpod.oval:def:1501235
The remote host is missing a patch containing a security fix, which affects the following package(s): unbound

oval:org.secpod.oval:def:1500633
A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application.

oval:org.secpod.oval:def:1500683
It was found that the implementation of Internationalizing Domain Names in Applications (IDNA) hostname matching in NSS did not follow the RFC 6125 recommendations. This could lead to certain invalid certificates with international characters to be accepted as valid.

oval:org.secpod.oval:def:1500623
An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code wi ...

oval:org.secpod.oval:def:1500750
Updated java-1.6.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed seve ...

oval:org.secpod.oval:def:1500868
Updated rpm packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each vulne ...

oval:org.secpod.oval:def:1500776
Updated rsyslog packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the ...

oval:org.secpod.oval:def:1500697
Updated squid packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CV ...

oval:org.secpod.oval:def:1500969
Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.

oval:org.secpod.oval:def:1500693
Updated firefox packages that fix two security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available f ...

oval:org.secpod.oval:def:1500638
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

oval:org.secpod.oval:def:1500769
Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availa ...

oval:org.secpod.oval:def:1500631
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

oval:org.secpod.oval:def:1501673
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

oval:org.secpod.oval:def:1501687
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.5.0 Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute ar ...

oval:org.secpod.oval:def:1501567
The monlist feature in ntp_request.c in ntpd in NTP allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.

oval:org.secpod.oval:def:1501688
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.5.1 ESR. Security Fix: * A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privil ...

oval:org.secpod.oval:def:1500759
Updated java-1.7.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ...

oval:org.secpod.oval:def:1501749
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.7.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ...

oval:org.secpod.oval:def:1501691
A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

oval:org.secpod.oval:def:1501227
The remote host is missing a patch containing a security fix, which affects the following package(s): xfsprogs

oval:org.secpod.oval:def:1501290
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501186
During Docker pulls validation and extraction of the manifest object from its JSON representation are done in separate steps. The digest that represents the manifest corresponds to a hash of the payload portion of the JSON blob returned by the remote registry. Even though the validity of the payload ...

oval:org.secpod.oval:def:1500837
Updated mailx packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for eac ...

oval:org.secpod.oval:def:1500962
PostgreSQL is an advanced object-relational database management system . An information leak flaw was found in the way the PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to execute by ...

oval:org.secpod.oval:def:1500851
Updated libXfont packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available f ...

oval:org.secpod.oval:def:1501701
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.6.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ...

oval:org.secpod.oval:def:1501706
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.6.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute a ...

oval:org.secpod.oval:def:1500619
Oracle Linux 7 is installed

oval:org.secpod.oval:def:1500861
Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availa ...

oval:org.secpod.oval:def:1500865
Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ...

oval:org.secpod.oval:def:1500747
Updated libvirt packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available ...

oval:org.secpod.oval:def:1500746
Updated polkit-qt packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from th ...

oval:org.secpod.oval:def:1500629
A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the cl ...

oval:org.secpod.oval:def:1500874
Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CV ...

oval:org.secpod.oval:def:1500634
It was found that libvirt passes the XML_PARSE_NOENT flag when parsing XML documents using the libxml2 library, in which case all XML entities in the parsed documents are expanded. A user able to force libvirtd to parse an XML document with an entity pointing to a file could use this flaw to read th ...

oval:org.secpod.oval:def:1500876
Updated libvirt packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500807
Updated xorg-x11-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1501759
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501758
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501770
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500793
An updated wget package that fixes one security issue is now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from ...

oval:org.secpod.oval:def:1501787
It was found that IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate is ...

oval:org.secpod.oval:def:1501789
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potent ...

oval:org.secpod.oval:def:1501793
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.8.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ...

oval:org.secpod.oval:def:1501795
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501796
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.8.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute a ...

oval:org.secpod.oval:def:1501823
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501831
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501839
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501840
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501895
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501905
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500791
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for ...

oval:org.secpod.oval:def:1500923
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.

oval:org.secpod.oval:def:1501239
The remote host is missing a patch containing a security fix, which affects the following package(s): rubygem-bundler and rubygem-thor

oval:org.secpod.oval:def:1500911
Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ...

oval:org.secpod.oval:def:1501250
The remote host is missing a patch containing a security fix, which affects the following package(s): binutils

oval:org.secpod.oval:def:1500922
lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.

oval:org.secpod.oval:def:1500951
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.

oval:org.secpod.oval:def:1500945
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.

oval:org.secpod.oval:def:1501113
Important: Oracle Linux 7 lxc security update.

oval:org.secpod.oval:def:1500956
The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniba ...

oval:org.secpod.oval:def:1501016
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the Linux kernel"s Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use ...

oval:org.secpod.oval:def:1501142
The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol , including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which us ...

oval:org.secpod.oval:def:1501834
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501843
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501891
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501889
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501926
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501788
Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support is vulnerable to a null pointer dereference flaw. It could occur on x86 platform, when emulating an undefined instruction. An attacker could use this flaw to crash the host kernel resulting in DoS. (CVE-2016-8630) * A race ...

oval:org.secpod.oval:def:1501790
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:38256
A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKET_V3 ring buffer. A local user able to open a raw packet socket (requires the CAP_NET_RAW capab ...

oval:org.secpod.oval:def:1501728
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501695
The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent. The sctp_sf_ootb function i ...

oval:org.secpod.oval:def:1501700
The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent. The sctp_sf_ootb function i ...

oval:org.secpod.oval:def:1501682
memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix: * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached bin ...

oval:org.secpod.oval:def:1501180
OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ...

oval:org.secpod.oval:def:1501933
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500644
Unspecified vulnerability in MariaDB allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.

oval:org.secpod.oval:def:1500823
Updated mariadb packages that fix several security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for ea ...

oval:org.secpod.oval:def:1501887
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501903
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501708
Vim is an updated and improved version of the vi editor. Security Fix: * A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running ...

oval:org.secpod.oval:def:1500836
Updated nss, nss-util, and nss-softokn packages that contain a patch to mitigate the CVE-2014-3566 issue, fix a number of bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. ...

oval:org.secpod.oval:def:1500642
Multiple buffer overflow flaws were found in the way the json-c library handled long strings in JSON documents. An attacker able to make an application using json-c parse excessively large JSON input could cause the application to crash.

oval:org.secpod.oval:def:1500963
It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting i ...

oval:org.secpod.oval:def:1500738
Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ...

oval:org.secpod.oval:def:1500684
A race condition was found in the way OpenSSL handled ServerHello messages with an included Supported EC Point Format extension. A malicious server could possibly use this flaw to cause a multi-threaded TLS/SSL client using OpenSSL to write into freed memory, causing the client to crash or execute a ...

oval:org.secpod.oval:def:1500930
The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.

oval:org.secpod.oval:def:1500933
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599.

oval:org.secpod.oval:def:1500701
Updated httpcomponents-client packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is avail ...

oval:org.secpod.oval:def:1500703
Updated jakarta-commons-httpclient packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity r ...

oval:org.secpod.oval:def:1500708
Updated procmail packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availabl ...

oval:org.secpod.oval:def:1500798
Updated shim packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each vul ...

oval:org.secpod.oval:def:1500852
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ...

oval:org.secpod.oval:def:1500640
It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, e ...

oval:org.secpod.oval:def:1500724
Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is avai ...

oval:org.secpod.oval:def:1500811
Updated ruby packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each vul ...

oval:org.secpod.oval:def:1500794
Updated kernel packages that fix several security issues and bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ...

oval:org.secpod.oval:def:1500936
Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to breadcrumb navigation.

oval:org.secpod.oval:def:1500873
Updated libvncserver packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avail ...

oval:org.secpod.oval:def:1500875
Updated kdenetwork packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for ea ...

oval:org.secpod.oval:def:1500850
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.

oval:org.secpod.oval:def:1501247
The remote host is missing a patch containing a security fix, which affects the following package(s): python

oval:org.secpod.oval:def:1500828
Updated glibc packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available fo ...

oval:org.secpod.oval:def:1500947
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition inv ...

oval:org.secpod.oval:def:1501254
Integer overflow in TigerVNC allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to screen size handling, which triggers a heap-based buffer overflow, a similar issue to CVE-2014-6051.

oval:org.secpod.oval:def:1500880
Updated firefox packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings ...

oval:org.secpod.oval:def:1501249
The remote host is missing a patch containing a security fix, which affects the following package(s): cpio

oval:org.secpod.oval:def:1500901
Updated libyaml packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from ...

oval:org.secpod.oval:def:1500925
The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would forc ...

oval:org.secpod.oval:def:26788
jakarta-taglibs-standard is the Java Standard Tag Library . This library is used in conjunction with Tomcat and Java Server Pages . It was found that the Java Standard Tag Library allowed the processing of untrusted XML documents to utilize external entity references, which could access resources on ...

oval:org.secpod.oval:def:1501225
The remote host is missing a patch containing a security fix, which affects the following package(s): chrony

oval:org.secpod.oval:def:1501149
Pluggable Authentication Modules provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication. It was discovered that the _unix_run_helper_binary function of PAM"s unix_pam module could write to a blocking pipe, possibly ca ...

oval:org.secpod.oval:def:26793
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the kernel"s implementation of the Berkeley Packet Filter . A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly ...

oval:org.secpod.oval:def:1501852
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501628
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. The following packages have been upgraded to a newer upstream version: libvir ...

oval:org.secpod.oval:def:1500835
Updated jasper packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for ...

oval:org.secpod.oval:def:1500931
The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.

oval:org.secpod.oval:def:1500913
Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ...

oval:org.secpod.oval:def:26792
Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposit ...

oval:org.secpod.oval:def:1501053
Xerces-C is a validating XML parser written in a portable subset of C++. A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application t ...

oval:org.secpod.oval:def:1500981
X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. A buffer over-read flaw was found in the way the X.Org server handled XkbGetGeometry requests. A malicious, authorized client co ...

oval:org.secpod.oval:def:1500975
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A ...

oval:org.secpod.oval:def:1500977
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ...

oval:org.secpod.oval:def:1500954
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the pr ...

oval:org.secpod.oval:def:1500917
Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ...

oval:org.secpod.oval:def:1500938
Multiple unspecified vulnerabilities in the browser engine in Mozilla Thunderbird before 31.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

oval:org.secpod.oval:def:1501191
Use-after-free vulnerability in libwmf allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command.

oval:org.secpod.oval:def:1501189
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.

oval:org.secpod.oval:def:1501202
KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. It was found that the QEMU"s websocket frame decoder processed incoming frames without limiting resources used to process the ...

oval:org.secpod.oval:def:1501252
It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application enc ...

oval:org.secpod.oval:def:1501246
The remote host is missing a patch containing a security fix, which affects the following package(s): libssh2

oval:org.secpod.oval:def:26790
The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format fonts. A malicious, local user could use this flaw to crash the X ...

oval:org.secpod.oval:def:1501145
Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd.

oval:org.secpod.oval:def:1501226
The remote host is missing a patch containing a security fix, which affects the following package(s): krb5

oval:org.secpod.oval:def:1501161
Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery ...

oval:org.secpod.oval:def:1501057
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ...

oval:org.secpod.oval:def:1501069
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. It ...

oval:org.secpod.oval:def:1501041
Mailman is a program used to help manage email discussion lists. It was found that mailman did not sanitize the list name before passing it to certain MTAs. A local attacker could use this flaw to execute arbitrary code as the user running mailman. This update also fixes the following bugs: * Previ ...

oval:org.secpod.oval:def:1501055
PostgreSQL is an advanced object-relational database management system . A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is tri ...

oval:org.secpod.oval:def:1501134
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ...

oval:org.secpod.oval:def:1501308
Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.

oval:org.secpod.oval:def:1501295
A denial of service flaw was found in the ldb_wildcard_compare() function of libldb. A remote attacker could send a specially crafted packet that, when processed by an application using libldb (for example the AD LDAP server in Samba), would cause that application to consume an excessive amount of m ...

oval:org.secpod.oval:def:1501155
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.

oval:org.secpod.oval:def:1501233
The remote host is missing a patch containing a security fix, which affects the following package(s): cups-filters

oval:org.secpod.oval:def:26791
HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. An implementation error related to the memory management of request and responses was found within HAProxy"s buffer_slow_realign function. An unauthenticated remote attacker could possibly use this ...

oval:org.secpod.oval:def:1501119
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database w ...

oval:org.secpod.oval:def:1501004
KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An out-of-bounds memory access flaw was found in the way QEMU"s virtual Floppy Disk Controller handled FIFO buffer access wh ...

oval:org.secpod.oval:def:1501130
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privil ...

oval:org.secpod.oval:def:1501131
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privil ...

oval:org.secpod.oval:def:1501163
gdk-pixbuf is an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. An integer overflow, leading to a heap-based buffer overflow, was found in the way gdk-pixbuf, an image loading library for GNOME, scaled certain bit ...

oval:org.secpod.oval:def:1501122
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. N ...

oval:org.secpod.oval:def:1501153
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privil ...

oval:org.secpod.oval:def:1501175
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ...

oval:org.secpod.oval:def:1501266
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ...

oval:org.secpod.oval:def:1501231
The remote host is missing a patch containing a security fix, which affects the following package(s): java-1.6.0-openjdk

oval:org.secpod.oval:def:1501193
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to c ...

oval:org.secpod.oval:def:1501197
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to c ...

oval:org.secpod.oval:def:1501184
The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtu ...

oval:org.secpod.oval:def:1501261
It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap (depending on adjacent heap contents) in certain cases. A local attacker could potentially use this flaw to escalate their privileges.

oval:org.secpod.oval:def:1501248
The remote host is missing a patch containing a security fix, which affects the following package(s): postgresql

oval:org.secpod.oval:def:1501431
Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba . Ref ...

oval:org.secpod.oval:def:26789
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remot ...

oval:org.secpod.oval:def:1501182
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. T ...

oval:org.secpod.oval:def:1501209
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

oval:org.secpod.oval:def:1501259
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

oval:org.secpod.oval:def:1501284
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

oval:org.secpod.oval:def:1501291
A use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote, unauthenticated attacker could possibly exploit this flaw to crash the rpcbind service (denial of service) by performing a series of UDP and TCP calls.

oval:org.secpod.oval:def:1501395
The SMB1 implementation in smbd in Samba allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.

oval:org.secpod.oval:def:1501270
The KVM subsystem in the Linux kernel allow guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.

oval:org.secpod.oval:def:1501271
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

oval:org.secpod.oval:def:1501273
The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE and png_set_PLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to ...

oval:org.secpod.oval:def:1501264
libxml2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-termin ...

oval:org.secpod.oval:def:1501281
Multiple integer underflows in Grub2 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get func ...

oval:org.secpod.oval:def:1501508
OCamel does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.

oval:org.secpod.oval:def:1501632
The libguestfs packages contain a library, which is used for accessing and modifying virtual machine disk images. Virt-v2v converts guests from a foreign hypervisor to run on KVM. The following packages have been upgraded to a newer upstream version: libguestfs , virt-v2v . Security Fix: * An inte ...

oval:org.secpod.oval:def:1501335
An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restr ...

oval:org.secpod.oval:def:1501388
Xerces-C is a validating XML parser written in a portable subset of C++. It was discovered that the Xerces-C XML parser did not properly process certain XML input. By providing specially crafted XML data to an application using Xerces-C for XML processing, a remote attacker could exploit this flaw t ...

oval:org.secpod.oval:def:1501489
The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtu ...

oval:org.secpod.oval:def:1501507
The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list o ...

oval:org.secpod.oval:def:1501468
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss. CVE-2013-4312 Tetsuo Handa discovered that users can use pipes queued on local sockets to allocate an unfair share of kernel memory, leading to ...

oval:org.secpod.oval:def:1501299
An information leak flaw was found in the way the OpenSSH client roaming feature was implemented. A malicious server could potentially use this flaw to leak portions of memory (possibly including private SSH keys) of a successfully authenticated OpenSSH client.

oval:org.secpod.oval:def:1501391
A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters.

oval:org.secpod.oval:def:1501647
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ...

oval:org.secpod.oval:def:1501587
Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. Security Fix: * It was discovered that python-twisted-web used the value of the Proxy header from ...

oval:org.secpod.oval:def:1501748
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: * It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a spec ...

oval:org.secpod.oval:def:1501343
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbi ...

oval:org.secpod.oval:def:1501621
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.

oval:org.secpod.oval:def:1501622
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.

oval:org.secpod.oval:def:1501332
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

oval:org.secpod.oval:def:1501341
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Re ...

oval:org.secpod.oval:def:1501405
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Mu ...

oval:org.secpod.oval:def:1501385
firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website.

oval:org.secpod.oval:def:1501866
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501520
Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * A flaw was found in the way Samba initiated signed DCE/RPC connectio ...

oval:org.secpod.oval:def:1501462
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 38.8.0. Security Fix: * Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitr ...

oval:org.secpod.oval:def:1501439
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.1.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ...

oval:org.secpod.oval:def:1501512
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.2.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute a ...

oval:org.secpod.oval:def:1501493
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.2.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the p ...

oval:org.secpod.oval:def:1501566
Multiple unspecified vulnerabilities in Mozilla thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to Http2Session::Shutdown and SpdySession31::Shutdown, and other vectors.

oval:org.secpod.oval:def:1501736
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501444
Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Security Fix: * It was discovered that Mercurial failed to properly check Git sub-repository URLs. A Mercurial repository that includes a Git sub-repository with a sp ...

oval:org.secpod.oval:def:1501643
The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * A stack overflow vulnerability was ...

oval:org.secpod.oval:def:1501471
It was found that libndp did not properly validate and check the origin of Neighbor Discovery Protocol (NDP) messages. An attacker on a non-local network could use this flaw to advertise a node as a router, allowing them to perform man-in-the-middle attacks on a connecting client, or disrupt the net ...

oval:org.secpod.oval:def:1501478
It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container.

oval:org.secpod.oval:def:1501453
KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix: * An out-of-bounds read/write access flaw was found in the way QEMU"s VGA emulation with VESA BIOS Extensions su ...

oval:org.secpod.oval:def:1501484
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: * A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely relayed Squid input. When the CGI interface utility is used, a remote attacke ...

oval:org.secpod.oval:def:1501633
The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fix: * It was found that wget used a file name provided by the server for the downloaded file when following an HTTP redirect to a FTP server resource. This could cause wget to create a file wi ...

oval:org.secpod.oval:def:1501577
Oracle Linux : Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501541
Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code, cross-site scriping, information disclosure and bypass of the same-origin policy.

oval:org.secpod.oval:def:1501591
Multiple unspecified vulnerabilities in thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

oval:org.secpod.oval:def:1501575
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially,execute arbitrary code with the privileges of the user running Firefox

oval:org.secpod.oval:def:1501637
Fontconfig is designed to locate fonts within the system and select them according to requirements specified by applications. Security Fix: * It was found that cache files were insufficiently validated in fontconfig. A local attacker could create a specially crafted cache file to trigger arbitrary f ...

oval:org.secpod.oval:def:1501547
QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ...

oval:org.secpod.oval:def:1501656
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * It was found that the libcurl library did not prevent TLS session resumption when the client certificate had changed. An attac ...

oval:org.secpod.oval:def:1501630
PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a newer upstream version: postgresql . Security Fix: * A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authentic ...

oval:org.secpod.oval:def:1501653
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * A v ...

oval:org.secpod.oval:def:1501554
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel"s networking subsystem allowed an off-path attacker to leak certain information about a given connection b ...

oval:org.secpod.oval:def:1501556
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * It ...

oval:org.secpod.oval:def:1501574
Oracle Linux : Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:36754
The host is installed with Linux kernel and is prone to a TCP session hijack vulnerability. A flaw is present in the application, which fails to handle a blind in-window attack. Successful exploitation allows man-in-the-middle attackers to hijack TCP sessions.

oval:org.secpod.oval:def:1501631
Nettle is a cryptographic library that is designed to fit easily in almost any context: In cryptographic toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like lsh or GnuPG, or even in kernel space. Security Fix: * Multiple flaws were found in the way nettle imple ...

oval:org.secpod.oval:def:1501603
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501601
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Linux kernel built with the 802.1Q/802.1ad VLAN OR Virtual eXtensible Local Area Network with Transparent Ethernet Bridging GRO support, is vulnerable to a stack overflow issue. It could occur while ...

oval:org.secpod.oval:def:1501738
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501714
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ...

oval:org.secpod.oval:def:1500725
Updated bash packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ...

oval:org.secpod.oval:def:1500733
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ...

oval:org.secpod.oval:def:1500744
Updated bash packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ...

oval:org.secpod.oval:def:1502036
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:34300
The host is installed with Adobe Flash Player before 18.0.0.352 or 19.x through 21.x before 21.0.0.242 or Adobe AIR before 21.0.0.215 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow atta ...

oval:org.secpod.oval:def:34301
The host is installed with Adobe Flash Player before 18.0.0.352 or 19.x through 21.x before 21.0.0.242 or Adobe AIR before 21.0.0.215 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow at ...

oval:org.secpod.oval:def:1500952
An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application.

oval:org.secpod.oval:def:1500639
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server.

oval:org.secpod.oval:def:1500637
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server.

oval:org.secpod.oval:def:1501240
The remote host is missing a patch containing a security fix, which affects the following package(s): file

oval:org.secpod.oval:def:1501245
The remote host is missing a patch containing a security fix, which affects the following package(s): curl

oval:org.secpod.oval:def:1500734
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each v ...

oval:org.secpod.oval:def:1500932
The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated use ...

oval:org.secpod.oval:def:1501018
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A ...

oval:org.secpod.oval:def:1501005
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ...

oval:org.secpod.oval:def:1500989
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the ...

oval:org.secpod.oval:def:1500988
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the ...

oval:org.secpod.oval:def:1500990
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the ...

oval:org.secpod.oval:def:1501139
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the- ...

oval:org.secpod.oval:def:1501082
KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A heap buffer overflow flaw was found in the way QEMU"s IDE subsystem handled I/O buffer access while processing certain ATAPI ...

oval:org.secpod.oval:def:1501042
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ...

oval:org.secpod.oval:def:1501204
A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO (Generic Receive Offload) functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, ...

oval:org.secpod.oval:def:1501160
KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU"s RTL8139 emulation implementation processed network packets under RTL8139 ...

oval:org.secpod.oval:def:1501206
Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

oval:org.secpod.oval:def:1501276
git : arbitrary code execution via crafted URLs

oval:org.secpod.oval:def:1501384
A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash, or execute arbitrary code, using the permissions of the user running an applicatio ...

oval:org.secpod.oval:def:1501650
Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix: * An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU"s ...

oval:org.secpod.oval:def:1501440
Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery ...

oval:org.secpod.oval:def:1501669
It was found that Diffie Hellman Client key exchange handling in NSS was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.

oval:org.secpod.oval:def:1501546
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to ...

oval:org.secpod.oval:def:1501720
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * It was found that the ghostscript functions getenv, filenameforall and .libfile did not h ...

oval:org.secpod.oval:def:1501899
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501898
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501901
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501921
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501832
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501835
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501857
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501844
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501842
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501774
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501780
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ...

oval:org.secpod.oval:def:1501783
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ...

oval:org.secpod.oval:def:1501784
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ...

oval:org.secpod.oval:def:1501888
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501924
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501914
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501859
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501867
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501868
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501869
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501875
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501876
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501908
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501927
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500648
Two integer overflow flaws were found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use either of these flaws to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on th ...

oval:org.secpod.oval:def:1500765
An information leak flaw was found in the way QEMU's VGA emulator accessed frame buffer memory for high resolution displays. A privileged guest user could use this flaw to leak memory contents of the host to the guest by setting the display to use a high resolution in the guest.

oval:org.secpod.oval:def:1500937
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions.

oval:org.secpod.oval:def:1501007
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make T ...

oval:org.secpod.oval:def:1500895
Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from t ...

oval:org.secpod.oval:def:1500924
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

oval:org.secpod.oval:def:1501023
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way the TLS protocol composes the Diffie-Hellman key exchange. A man-in-the-middle attacker could use thi ...

oval:org.secpod.oval:def:1501109
Important: Oracle Linux 7 java-1.6.0-openjdk security update.

oval:org.secpod.oval:def:1501051
Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way the TLS protocol composes the Diffie-Hellman key exchange. A man-in-the-middle attacker could use this flaw to force the us ...

oval:org.secpod.oval:def:1501062
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certa ...

oval:org.secpod.oval:def:1501200
The Network Time Protocol is used to synchronize a computer"s time with a referenced time source. It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that ...

oval:org.secpod.oval:def:1501243
The remote host is missing a patch containing a security fix, which affects the following package(s): ntp

oval:org.secpod.oval:def:1501087
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote ...

oval:org.secpod.oval:def:1501300
A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to imp ...

oval:org.secpod.oval:def:1501306
A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to imp ...

oval:org.secpod.oval:def:1501322
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to cra ...

oval:org.secpod.oval:def:1501297
A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to imp ...

oval:org.secpod.oval:def:1501664
The Network Time Protocol is used to synchronize a computer"s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: * It was found that when NTP was configure ...

oval:org.secpod.oval:def:1501328
It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements to ...

oval:org.secpod.oval:def:1501326
A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.

oval:org.secpod.oval:def:1501350
The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges o ...

oval:org.secpod.oval:def:1501485
he Network Time Protocol is used to synchronize a computer"s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: * It was found that when NTP was configured ...

oval:org.secpod.oval:def:1501434
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to comp ...

oval:org.secpod.oval:def:1501435
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to comp ...

oval:org.secpod.oval:def:1501456
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix: * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to comp ...

oval:org.secpod.oval:def:1501559
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix: * An insufficient bytecode verification flaw was discovered in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw t ...

oval:org.secpod.oval:def:1501518
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * Multiple flaws were discovered in the Hotspot and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to complete ...

oval:org.secpod.oval:def:1501523
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * Multiple flaws were discovered in the Hotspot and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to complete ...

oval:org.secpod.oval:def:1501611
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on th ...

oval:org.secpod.oval:def:1501615
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on th ...

oval:org.secpod.oval:def:1501616
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on t ...

oval:org.secpod.oval:def:1501648
It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. It was discov ...

oval:org.secpod.oval:def:1501605
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Jav ...

oval:org.secpod.oval:def:1501732
It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine"s memory and completely bypass Java sandbox restrictions. * It was discov ...

oval:org.secpod.oval:def:1501769
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501744
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote atta ...

oval:org.secpod.oval:def:1501874
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500761
Updated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue and fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System ba ...

oval:org.secpod.oval:def:1500897
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ...

oval:org.secpod.oval:def:1500816
Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the C ...

oval:org.secpod.oval:def:1500820
Updated ntp packages that fix several security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ...

oval:org.secpod.oval:def:1501014
The kexec-tools packages contain the /sbin/kexec binary and utilities that together form the user-space component of the kernel"s kexec feature. The /sbin/kexec binary facilitates a new kernel to boot using the kernel"s kexec feature either on a normal or a panic reboot. The kexec fastboot mechanism ...

oval:org.secpod.oval:def:1500960
It was discovered that the IPA extdom Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for a list of groups for a user that belongs to a large number of groups would cause a Directory Server to crash. It was discovered that the ...

oval:org.secpod.oval:def:1500907
This Critical Patch Update contains new security fixes for mariadb. 3 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

oval:org.secpod.oval:def:1501038
CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. A string reference count bug was found in cupsd, causing premature freeing of string objects. An attacker can submit a malicious print job that exploits this flaw to dismantle ACLs protecting privileged operation ...

oval:org.secpod.oval:def:1501224
The remote host is missing a patch containing a security fix, which affects the following package(s): grep

oval:org.secpod.oval:def:1501543
The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ...

oval:org.secpod.oval:def:1501040
The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ...

oval:org.secpod.oval:def:1500959
The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution. It was found that setroubleshoot did not sanitize file names supplied ...

oval:org.secpod.oval:def:1501002
A flaw was found in the way Red Hat Directory Server performed authorization of modrdn operations. An unauthenticated attacker able to issue an ldapmodrdn call to the directory server could use this flaw to perform unauthorized modifications of entries in the directory server.

oval:org.secpod.oval:def:1501028
abrt is a tool to help users to detect defects in applications and to create a bug report with all information needed by maintainer to fix it. It uses plugin system to extend its functionality.

oval:org.secpod.oval:def:1501066
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java ...

oval:org.secpod.oval:def:1501228
The remote host is missing a patch containing a security fix, which affects the following package(s): rest

oval:org.secpod.oval:def:1501256
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message, a similar issue to CVE-2015-2 ...

oval:org.secpod.oval:def:1501043
Libreswan is an implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network . A fl ...

oval:org.secpod.oval:def:1501275
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked cou ...

oval:org.secpod.oval:def:1501036
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could ...

oval:org.secpod.oval:def:1501090
Moderate: Oracle Linux 7 clutter security update

oval:org.secpod.oval:def:1501203
A flaw was discovered in the way Libreswan's IKE daemon processed IKE KE payloads. A remote attacker could send specially crafted IKE payload with a KE payload of g^x=0 that, when processed, would lead to a denial of service (daemon crash).

oval:org.secpod.oval:def:1501094
The libuser library implements a standardized interface for manipulating and administering user and group accounts. Sample applications that are modeled after applications from the shadow password suite are included in these packages. Two flaws were found in the way the libuser library handled the / ...

oval:org.secpod.oval:def:1501342
polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes.

oval:org.secpod.oval:def:1501234
The remote host is missing a patch containing a security fix, which affects the following package(s): openhpi

oval:org.secpod.oval:def:1501238
The remote host is missing a patch containing a security fix, which affects the following package(s): openldap

oval:org.secpod.oval:def:1501241
The remote host is missing a patch containing a security fix, which affects the following package(s): squid

oval:org.secpod.oval:def:1501020
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.

oval:org.secpod.oval:def:1501253
The flaws were found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their p ...

oval:org.secpod.oval:def:1501348
The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A stack-based buffer overflow was found in the way th ...

oval:org.secpod.oval:def:1501237
The remote host is missing a patch containing a security fix, which affects the following package(s): grub2

oval:org.secpod.oval:def:1501258
Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blo ...

oval:org.secpod.oval:def:1501260
libreport only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds, (5) maps, (6) smaps, (7) hostname, (8) remote, (9) ks.cfg, or (10) a ...

oval:org.secpod.oval:def:1501232
The remote host is missing a patch containing a security fix, which affects the following package(s): openssh

oval:org.secpod.oval:def:1501424
MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and ...

oval:org.secpod.oval:def:1501475
Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501423
Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC. A memory leak flaw was found in the krb5_unparse_name function of the MIT Kerberos kadmind service. An authenticated attacker could r ...

oval:org.secpod.oval:def:1501530
Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501752
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501312
Multiple flaws were discovered in the Networking and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions.

oval:org.secpod.oval:def:1501421
Kernel update : x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski) and fs/hugetlbfs/inode.c: fix bugs in hugetlb_vmtruncate_list() (Mike Kravetz)

oval:org.secpod.oval:def:1501340
An infinite-loop vulnerability was discovered in the 389 directory server, where the server failed to correctly handle unexpectedly closed client connections. A remote attacker able to connect to the server could use this flaw to make the directory server consume an excessive amount of CPU and stop ...

oval:org.secpod.oval:def:1501652
A race condition vulnerability was discovered in NetworkManager. Temporary files were created insecurely when saving or updating connection settings, which could allow local users to read connection secrets such as VPN passwords or WiFi keys.

oval:org.secpod.oval:def:1501661
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a newer upstream version: squid . Security Fix: * Incorrect boundary checks were found in the way squid handled headers in HTTP responses, wh ...

oval:org.secpod.oval:def:1501641
The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable ...

oval:org.secpod.oval:def:1501454
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This package contains Windows libraries and development tools.

oval:org.secpod.oval:def:1501627
The mod_nss module provides strong cryptography for the Apache HTTP Server via the Secure Sockets Layer and Transport Layer Security protocols, using the Network Security Services security library. The following packages have been upgraded to a newer upstream version: mod_nss . Security Fix: * A ...

oval:org.secpod.oval:def:1501406
OpenSSH is OpenBSD"s SSH protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. It was discovered that the OpenSSH server did not sanitize data received in requests to enable X11 forwarding. An authenticated client with restricted SSH access ...

oval:org.secpod.oval:def:1501662
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos ...

oval:org.secpod.oval:def:1501570
A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with C ...

oval:org.secpod.oval:def:1501596
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501597
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501713
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ...

oval:org.secpod.oval:def:1501676
Several vulnerabilities have been discovered in Linux Kernel and dtrace-modules

oval:org.secpod.oval:def:1501680
Several vulnerabilities have been discovered in Linux Kernel and dtrace-modules

oval:org.secpod.oval:def:1501505
The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution. The setroubleshoot-plugins package provides a set of analysis plugins ...

oval:org.secpod.oval:def:1501635
389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. The following packages have been upgraded to a newer upstream version: 389-ds-base . Security Fix: * It was ...

oval:org.secpod.oval:def:1501660
Libreswan is an implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network . Secu ...

oval:org.secpod.oval:def:1501564
An insufficient permission check issue was found in the way IPA server treats certificate revocation requests. An attacker logged in with the 'retrieve certificate' permission enabled could use this flaw to revoke certificates, possibly triggering a denial of service attack.

oval:org.secpod.oval:def:1501646
firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. The following packages have been upgraded to a newer upstream version: firewalld . Security Fix: * A flaw was found in the way firewalld allowed certain firewall configurations to be modifie ...

oval:org.secpod.oval:def:1501640
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb . Security Fix: * It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. ...

oval:org.secpod.oval:def:1501659
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that the Linux kernel"s IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a deni ...

oval:org.secpod.oval:def:1501558
Security vulnerabilities are present in kernel-uek and dtrace-modules

oval:org.secpod.oval:def:1501693
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix: * It was discovered that the sudo noexec restricti ...

oval:org.secpod.oval:def:1501719
It was discovered that the default IdM password policies that lock out accounts after a certain number of failed login attempts were also applied to host and service accounts. A remote unauthenticated user could use this flaw to cause a denial of service attack against kerberized services. * It was ...

oval:org.secpod.oval:def:1501663
RESTEasy contains a JBoss project that provides frameworks to help build RESTful Web Services and RESTful Java applications. It is a fully certified and portable implementation of the JAX-RS specification. Security Fix: * It was discovered that under certain conditions RESTEasy could be forced to pa ...

oval:org.secpod.oval:def:1501645
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix: * It was discovered that the default sudo configur ...

oval:org.secpod.oval:def:1501665
The policycoreutils packages contain the core policy utilities required to manage a SELinux environment. Security Fix: * It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use thi ...

oval:org.secpod.oval:def:1501638
The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ...

oval:org.secpod.oval:def:1501677
A vulnerability was found in ipsilon in the SAML2 provider's handling of sessions. An attacker able to hit the logout URL could determine what service providers other users are logged in to and terminate their sessions.

oval:org.secpod.oval:def:1501757
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501883
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501765
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501731
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501755
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501722
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix: * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer"s VMware ...

oval:org.secpod.oval:def:1501801
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501725
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fix: * Multiple flaws were discovered in GStreamer"s FLC/FLI/FLX ...

oval:org.secpod.oval:def:1501724
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fix: * Multiple flaws were discovered in GStreamer"s FLC/FLI/FLX m ...

oval:org.secpod.oval:def:1501800
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501918
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501919
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501600
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application dep ...

oval:org.secpod.oval:def:1501379
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to dec ...

oval:org.secpod.oval:def:1501386
A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. It was discovered that the SSL ...

oval:org.secpod.oval:def:1502034
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500782
Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ...

oval:org.secpod.oval:def:1501221
The remote host is missing a patch containing a security fix, which affects the following package(s): wireshark

oval:org.secpod.oval:def:1501529
Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1500680
The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.

oval:org.secpod.oval:def:1501536
Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1500687
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

oval:org.secpod.oval:def:1501316
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.

oval:org.secpod.oval:def:1501314
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.

oval:org.secpod.oval:def:1501207
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.

oval:org.secpod.oval:def:1500770
include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface.

oval:org.secpod.oval:def:1501865
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500660
Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c.

oval:org.secpod.oval:def:1500790
Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) ...

oval:org.secpod.oval:def:1501495
The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.

oval:org.secpod.oval:def:1501251
Race condition in the IPC object implementation in the Linux kernel allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.

oval:org.secpod.oval:def:1501494
The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.

oval:org.secpod.oval:def:1501143
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet.

oval:org.secpod.oval:def:1501267
The KVM subsystem in the Linux kernel allow guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.

oval:org.secpod.oval:def:1501033
The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

oval:org.secpod.oval:def:1501164
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the kernel"s implementation of the Berkeley Packet Filter . A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly ...

oval:org.secpod.oval:def:1501452
net/sctp/sm_sideeffect.c in the Linux kernel before does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

oval:org.secpod.oval:def:1501219
The get_bitmap_file function in drivers/md/md.c in the Linux kernel before does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.

oval:org.secpod.oval:def:1501345
The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges o ...

oval:org.secpod.oval:def:1501102
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501472
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel"s ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 ce ...

oval:org.secpod.oval:def:1501123
The get_bitmap_file function in drivers/md/md.c in the Linux kernel does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.

oval:org.secpod.oval:def:1501006
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the Linux kernel"s Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use ...

oval:org.secpod.oval:def:1500903
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.

oval:org.secpod.oval:def:1501294
It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.

oval:org.secpod.oval:def:1501050
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ...

oval:org.secpod.oval:def:1501063
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s virtual console implementation handled reference counting when accessing pseudo-terminal device files . A local, unprivileged attacker could ...

oval:org.secpod.oval:def:1500838
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system.

oval:org.secpod.oval:def:1500846
An information leak flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled access of the user control's state. A local, privileged user could use this flaw to leak kernel memory to user space.

oval:org.secpod.oval:def:1500972
The InfiniBand (IB) implementation in the Linux kernel package does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by lev ...

oval:org.secpod.oval:def:1500622
The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.

oval:org.secpod.oval:def:1500864
It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash t ...

oval:org.secpod.oval:def:1500870
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system.

oval:org.secpod.oval:def:1500998
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ...

oval:org.secpod.oval:def:1500939
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveragin ...

oval:org.secpod.oval:def:1500704
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.

oval:org.secpod.oval:def:1500949
Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call.

oval:org.secpod.oval:def:37213
The host is installed with MySQL 5.1.73 and earlier on OEL 6, mariadb 5.5.50 and earlier on OEL 7 or MySQL 5.0.95 and earlier on OEL 5 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle MySQL logging functions. Successful exploi ...

oval:org.secpod.oval:def:1500736
Updated xerces-j2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ...

oval:org.secpod.oval:def:36263
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ...

oval:org.secpod.oval:def:36262
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ...

oval:org.secpod.oval:def:36261
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ...

oval:org.secpod.oval:def:36260
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ...

oval:org.secpod.oval:def:36269
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a cross-protocol cross-site scripting vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attack ...

oval:org.secpod.oval:def:36268
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ...

oval:org.secpod.oval:def:36267
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a cross-protocol cross-site scripting vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attack ...

oval:org.secpod.oval:def:36266
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to compr ...

oval:org.secpod.oval:def:36265
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to cause a sys ...

oval:org.secpod.oval:def:36264
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to discl ...

oval:org.secpod.oval:def:36259
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ...

oval:org.secpod.oval:def:36258
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to an user interface spoofing vulnerability. A flaw is present in the application, which improperly validates security origins. Successful exploitation could allow attackers to us ...

oval:org.secpod.oval:def:36257
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly processes of SVG. Successful exploitation could allow attackers to disclose imag ...

oval:org.secpod.oval:def:36270
The host is missing a security update according to Apple advisory APPLE-SA-2016-07-18-5. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted website. Successful exploitation allows attackers to crash the service, disclose th ...

oval:org.secpod.oval:def:1501263
It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections libra ...

oval:org.secpod.oval:def:1501346
An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker could possibly use this flaw to perform a symbolic link attack to reveal the contents of sosreport files, or in some cases modify arbitrary files and escalate their privileges on the system ...

oval:org.secpod.oval:def:1501583
Several vulnerabilities were discovered in OpenSSL: CVE-2016-2177 Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ CVE-2016-2178 Cesar Pereida, Billy Brumley and ...

oval:org.secpod.oval:def:1501772
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501894
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500635
A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd ch ...

oval:org.secpod.oval:def:1500647
It was found that a fix for a previous security flaw introduced a regression that could cause a denial of service in Tomcat 7. A remote attacker could use this flaw to consume an excessive amount of CPU on the Tomcat server by sending a specially crafted request to that server. It was found that whe ...

oval:org.secpod.oval:def:1500676
It was found that, in certain circumstances, it was possible for a malicious web application to replace the XML parsers used by Apache Tomcat to process XSLTs for the default servlet, JSP documents, tag library descriptors (TLDs), and tag plug-in configuration files. The injected XML parser(s) could ...

oval:org.secpod.oval:def:1501506
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an appl ...

oval:org.secpod.oval:def:1501654
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running t ...

oval:org.secpod.oval:def:1501634
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * A flaw was found in the way certain error conditions were handled by bzread function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vuln ...

oval:org.secpod.oval:def:1501657
Poppler is a Portable Document Format rendering library, used by applications such as Evince. Security Fix: * A heap-buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler to crash or, potentially, execute arbi ...

oval:org.secpod.oval:def:1501917
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501651
The GIMP is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. The following packages have been upgraded to a newer upstream ve ...

oval:org.secpod.oval:def:1501819
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501820
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502042
Several security issues were fixed in Linux kernel, python-perf and perf.

oval:org.secpod.oval:def:1502045
Several security issues were fixed in Linux Kernel and dtrace-modules.

oval:org.secpod.oval:def:1502043
Several security issues were fixed in Linux kernel, python-perf and perf.

oval:org.secpod.oval:def:1502050
Several security issues were fixed in Linux Kernel.

oval:org.secpod.oval:def:1501934
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502041
Several security issues were fixed in java-1.8.0-openjdk.

oval:org.secpod.oval:def:1501864
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501827
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501741
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501649
A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.

oval:org.secpod.oval:def:1501532
The golang packages provide the Go programming language compiler. The following packages have been upgraded to a newer upstream version: golang . Security Fix: * An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable "HT ...

oval:org.secpod.oval:def:1501723
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix: * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer"s VMware ...

oval:org.secpod.oval:def:1501658
The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix: * It was found that util-linux"s libblkid library did not properly handle Ext ...

oval:org.secpod.oval:def:1501545
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb . Security Fix: * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws c ...

oval:org.secpod.oval:def:1501467
PCRE is a Perl-compatible regular expression library. Security Fix: * Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to c ...

oval:org.secpod.oval:def:1501499
ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially cra ...

oval:org.secpod.oval:def:1501458
ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a s ...

oval:org.secpod.oval:def:1501739
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501629
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled responses con ...

oval:org.secpod.oval:def:1501400
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed signature records for DNAME reco ...

oval:org.secpod.oval:def:1501588
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND constructed a response ...

oval:org.secpod.oval:def:1501327
apl_42.c in ISC BIND allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.

oval:org.secpod.oval:def:1501280
A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server t ...

oval:org.secpod.oval:def:1501076
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIN ...

oval:org.secpod.oval:def:1500935
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor manage ...

oval:org.secpod.oval:def:1501855
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501568
The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. ...

oval:org.secpod.oval:def:1501685
Expat is a C library for parsing XML documents. Security Fix: * An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, pos ...

oval:org.secpod.oval:def:1501516
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly ...

oval:org.secpod.oval:def:1502033
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501837
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501655
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. The following packages have been upgraded to a newer upstream version: tomcat . Security Fix: * A CSRF flaw was found in Tomcat"s the index pages for the Manager and Host Manager applications. These applic ...

oval:org.secpod.oval:def:1501829
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501035
The wpa_supplicant package contains an 802.1X Supplicant with support for WEP, WPA, WPA2 , and various EAP authentication methods. It implements key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A ...

oval:org.secpod.oval:def:1500831
An updated wpa_supplicant package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1502020
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502037
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502044
Several security issues were fixed in wget.

oval:org.secpod.oval:def:1501833
The advisory is missing the security advisory description. For more information please visit the reference link

*CPE
cpe:/o:oracle:linux:7

© 2013 SecPod Technologies