[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

111604

 
 

909

 
 

87312

 
 

136

 
 
Paid content will be excluded from the download.

Filter
Matches : 350 Download | Alert*

NRPE allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as check_http, to execute arbitrary commands under the uid that NRPE/nagios is running as . With this update NRPE will deny remote requests containing a bash comm ...

postgresql was updated to version 9.2.4 : * CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with "-" could be crafted to damage or destroy files within the server"s data directory, even if the request is eventually rejected. * CVE-2013-1900: Reset OpenSSL randomness state in each postmaster child process. Th ...

NRPE allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as check_http, to execute arbitrary commands under the uid that NRPE/nagios is running as . With this update NRPE will deny remote requests containing a bash comm ...

Perl was updated to fix 3 security issues: - fix rehash denial of service [bnc#804415] [CVE-2013-1667] - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] - sanitize input in Maketext.pm to avoid code injection [bnc#797060] [CVE-2012-6329]

Pidgin was updated to 2.10.7 to fix various security issues and the bug that IRC did not work at all in 12.3. Changes: - Add pidgin-irc-sasl.patch: link irc module to SASL. Allows the IRC module to be loaded . - Update to version 2.10.7 : + Alien hatchery: - No changes + General: - The configure script will now exit with status 1 when specifying invalid protocol plugins using the --with-static-prp ...

This update fixes a bug which allows an unauthenticated remote attacker to cause a stack overflow in server code, resulting in either server crash or even code execution as the user running firebird.

Perl was updated to fix 3 security issues: - fix rehash denial of service [bnc#804415] [CVE-2013-1667] - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] - sanitize input in Maketext.pm to avoid code injection [bnc#797060] [CVE-2012-6329] In openSUSE 12.1 also the following non-security bug was fixed: - fix IPC::Open3 bug when "-" is used [bnc#755278]

This update fixes a bug which allows an unauthenticated remote attacker to cause a stack overflow in server code, resulting in either server crash or even code execution as the user running firebird.

seamonkey was updated to version 2.16.1 fixing a severe security issue. * MFSA 2013-29/CVE-2013-0787 Use-after-free in HTML Editor

Mozilla Firefox was updated to 19.0.2 fixing: * MFSA 2013-29/CVE-2013-0787 Use-after-free in HTML Editor could be used for code execution * blocklist updates


Pages:      Start    4    5    6    7    8    9    10    11    12    13    14    15    16    17    ..   34

© SecPod Technologies