Sebastian Pohle discovered that upsd, the server of Network UPS Tools, is vulnerable to a remote denial of service attack.
A buffer overflow was discovered in OpenConnect, a client for the Cisco AnyConnect VPN, which could result in denial of service.
De Eindbazen discovered that PHP, when run with mod_cgi, will interpret a query string as command line parameters, allowing the execution of arbitrary code. Additionally, this update fixes insufficient validation of the upload name, which led to corrupted $_FILES indices.
It was discovered that OpenSSL did not correctly handle explicit Initialization Vectors for CBC encryption modes, as used in TLS 1.1, 1.2, and DTLS. An incorrect calculation would lead to an integer underflow and incorrect memory access, causing denial of service.
It was discovered that sudo misparsed network masks used in Host and Host_List stanzas. This allowed the execution of commands on hosts where the user would not be allowed to run the specified command.
Tomas Hoger, Red Hat, discovered that the fix for CVE-2012-2110 for the 0.9.8 series of OpenSSL was incomplete. It has been assigned the CVE-2012-2131 identifier. For reference, the original description of CVE-2012-2110 from DSA-2454-1 is quoted below: CVE-2012-2110 Tavis Ormandy, Google Security Team, discovered a vulnerability in the way DER-encoded ASN.1 data is parsed that can result in a heap ...
Ivano Cristofolini discovered that insufficient security checks in Samba's handling of LSA RPC calls could lead to privilege escalation by gaining the "take ownership" privilege.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-2121 Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU mapping of memory slots used in KVM device assignment. Local users with the ability t ...
Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2012-1937 Mozilla developers discovered several memory corruption bugs, which may lead to the execution of arbitrary code. CVE-2012-1940 Abhishek Arya discovered a use-after-free problem when wor ...
Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey. CVE-2012-1937 Mozilla developers discovered several memory corruption bugs, which may lead to the execution of arbitrary code. CVE-2012-1940 Abhishek Arya discovered a use-after-free problem when working with column layout with absolute positioning in a container that changes size, which may le ...
© 2013 SecPod Technologies