[Forgot Password]
Login  Register Subscribe

24003

 
 

131425

 
 

104705

 
 

909

 
 

84119

 
 

133

 
 
Paid content will be excluded from the download.

Filter
Matches : 350 Download | Alert*

Fixed CVE-2013-3709: make the secret token file readable only for the webyast user to avoid forging the session cookie

Fixed CVE-2013-3709: make the secret token file readable only for the webyast user to avoid forging the session cookie

The openSUSE 12.1 kernel was updated to fix a critical security issue and also some reiserfs bugs. CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi target running on the machine and the attacker able to make a network connection to it . Bugs: - reiser ...

The openSUSE 12.3 kernel was updated to fix a critical security issue and two reiserfs bugs. CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi target running on the machine and the attacker able to make a network connection to it . Bugs fixed: - reiser ...

NRPE allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as check_http, to execute arbitrary commands under the uid that NRPE/nagios is running as . With this update NRPE will deny remote requests containing a bash comm ...

NRPE allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as check_http, to execute arbitrary commands under the uid that NRPE/nagios is running as . With this update NRPE will deny remote requests containing a bash comm ...

This version upgrade of flash-player fixed multiple unspecified code execution vulnerabiliies.

This version upgrade of flash-player fixed multiple unspecified code execution vulnerabilities.

This version upgrade of flash-player fixed multiple unspecified code execution vulnerabiliies.

- added weechat-fix-hook_process-shell-injection.patch which fixes a shell injection vulnerability in the hook_process function - added weechat-fix-buffer-overflow-in-irc-color-decoding.patch which fixes a heap-based overflow when decoding IRC colors in strings


Pages:      Start    21    22    23    24    25    26    27    28    29    30    31    32    33    34    ..   34

© 2013 SecPod Technologies