
Several remote vulnerabilities have been discovered in zope, a feature-rich web application server written in Python, that could lead to arbitrary code execution in the worst case. The Common Vulnerabilities and Exposures project identified the following problems: Due to a programming error an authorization method in the StorageServer component of ZEO was not used as an internal method. This a ...

It was discovered that the AttachFile action in moin, a Python clone of WikiWiki, is prone to cross-site scripting attacks. Another cross-site scripting vulnerability was discovered in the antispam feature. For the stable distribution these problems have been fixed in version 1.5.3-1.2etch2. For the testing distribution these problems have been fixed in version 1.7.1-3+lenny1. For the unstable ...

The previous wordpress update introduced a regression when fixing CVE-2008-4769 due to a function that was not backported with the patch. Please note that this regression only affects the oldstable distribution. For reference the original advisory text follows. Several vulnerabilities have been discovered in wordpress, a weblog manager. The Common Vulnerabilities and Exposures project identifies th ...

It was discovered that BIND, an implementation of the DNS protocol suite, does not properly check the result of an OpenSSL function which is used to verify DSA cryptographic signatures. As a result, incorrect DNS resource records in zones protected by DNSSEC could be accepted as genuine. For the stable distribution, this problem has been fixed in version 9.3.4-2etch4. For the unstable distributio ...

Several local vulnerabilities have been discovered in the PAM module for MIT Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0360 Russ Allbery discovered that the Kerberos PAM module parsed configuration settings from environment variables when run from a setuid context. This could lead to local privilege escalation if an attacker points a set ...

Stefan Esser discovered that Horde, a web application framework providing classes for dealing with preferences, compression, browser detection, connection tracking, MIME, and more, is insufficiently validating and escaping user-provided input. The Horde_Form_Type_image form element allows reuse of a temporary filename on reuploads which are stored in a hidden HTML field and then trusted without pr ...

Stefan Cornelius discovered a buffer overflow in devil, a cross-platform image loading and manipulation toolkit, which could be triggered via a crafted Radiance RGBE file. This could potentially lead to the execution of arbitrary code. For the stable distribution, this problem has been fixed in version 1.6.7-5+etch1. For the testing distribution, this problem has been fixed in version 1.6.8-rc2- ...

Martin von Gagern discovered that GNUTLS, an implementation of the TLS/SSL protocol, handles verification of X.509 certificate chains incorrectly if a self-signed certificate is configured as a trusted certificate. This could cause clients to accept forged server certificates as genuine. In addition, this update tightens the checks for X.509v1 certificates which causes GNUTLS to reject certain ce ...

It was discovered that php-net-ping, a PHP PEAR module to execute ping independently of the Operating System, performs insufficient input sanitising, which might be used to inject arguments or execute arbitrary commands on a system that uses php-net-ping. For the stable distribution, this problem has been fixed in version 2.4.2-1+lenny1. For the oldstable distribution, this problem has been fi ...

Certificates with MD2 hash signatures are no longer accepted by OpenSSL, since they're no longer considered cryptographically secure. For the stable distribution, this problem has been fixed in version 0.9.8g-15+lenny5. For the old stable distribution, this problem has been fixed in version 0.9.8c-4etch9 for openssl and version 0.9.7k-3.1etch5 for openssl097. The OpenSSL 0.9.8 update for oldstab ...



© SecPod Technologies