[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6530 Download | Alert*

It was discovered that openssl did not correctly handle explicit Initialization Vectors for CBC encryption modes, as used in TLS 1.1, 1.2, and DTLS. An incorrect calculation would lead to an integer underflow and incorrect memory access, causing denial of service

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.63, which includes additional changes, such as performance improvements and corrections for data loss defects. The packages in Debian stable are not known to be affected by this vulnerability. It is addressed in this update nonetheless, so future re ...

Timo Warns discovered that the EAP-TLS handling of freeradius, a high-performance and highly configurable RADIUS server, is not properly performing length checks on user-supplied input before copying to a local stack buffer. As a result, an unauthenticated attacker can exploit this flaw to crash the daemon or execute arbitrary code via crafted certificates.

A vulnerability has been found in the Apache HTTPD Server: CVE-2012-4557 A flaw was found when mod_proxy_ajp connects to a backend server that takes too long to respond. Given a specific configuration, a remote attacker could send certain requests, putting a backend server into an error state until the retry timeout expired. This could lead to a temporary denial of service. In addition, this updat ...

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.66, which includes additional changes, such as performance improvements and corrections for data loss defects. Additionally, CVE-2012-5611 has been fixed in this upload. The vulnerability is a stack-based buffer overflow in acl_get when checking use ...

Multiple denial of service vulnerabilities have been discovered in the xen hypervisor. One of the issue could even lead to privilege escalation from guest to host. Some of the recently published Xen Security Advisories are not fixed by this update and should be fixed in a future release. CVE-2011-3131 : DoS using I/OMMU faults from PCI-passthrough guest A VM that controls a PCI[E] device directl ...

Two vulnerabilities were discovered in the implementation of the Perl programming language: CVE-2012-5195 The "x" operator could cause the Perl interpreter to crash if very long strings were created. CVE-2012-5526 The CGI module does not properly escape LF characters in the Set-Cookie and P3P headers. In addition, this update adds a warning to the Storable documentation that this package ...

It was discovered that the CGI module for Perl does not filter LF characters in the Set-Cookie and P3P headers, potentially allowing attackers to inject HTTP headers.

Marko Myllynen discovered that elinks, a powerful text-mode browser, incorrectly delegates user credentials during GSS-Negotiate.

Jann Horn discovered that users of the CUPS printing system who are part of the lpadmin group could modify several configuration parameters with security impact. Specifically, this allows an attacker to read or write arbitrary files as root which can be used to elevate privileges. This update splits the configuration file /etc/cups/cupsd.conf into two files: cupsd.conf and cups-files.conf. While t ...


Pages:      Start    291    292    293    294    295    296    297    298    299    300    301    302    303    304    ..   652

© SecPod Technologies