Download
| Alert*
|
oval:org.secpod.oval:def:1300302
Updated apache-mod_security packages fix security vulnerability: Martin Holst Swende discovered a flaw in the way mod_security handled chunked requests. A remote attacker could use this flaw to bypass intended mod_security restrictions, allowing them to send requests containing content that should h ... oval:org.secpod.oval:def:1300301 Updated libxml2 packages fix security vulnerability: It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attack ... oval:org.secpod.oval:def:1300300 Multiple vulnerabilities has been discovered and corrected in cups: lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf . Cross-site script ... oval:org.secpod.oval:def:1300314 Updated curl packages fix security vulnerabilities: Paras Sethia discovered that libcurl would sometimes mix up multiple HTTP and HTTPS connections with NTLM authentication to the same server, sending requests for one user over the connection authenticated as a different user . libcurl can in some c ... oval:org.secpod.oval:def:1300313 Multiple vulnerabilities has been discovered and corrected in python-django: Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the Vary: Cookie or Cache-Control header in responses, which allows remote attackers to obtain sensitive informa ... oval:org.secpod.oval:def:1300306 Updated emacs packages fix security vulnerabilities: Steve Kemp discovered multiple temporary file handling issues in Emacs. A local attacker could use these flaws to perform symbolic link attacks against users running Emacs . oval:org.secpod.oval:def:1300304 Updated libpng packages fix security vulnerabilities: An integer overflow leading to a heap-based buffer overflow was found in the png_set_sPLT and png_set_text_2 API functions of libpng. An attacker could create a specially-crafted image file and render it with an application written to explicitly ... oval:org.secpod.oval:def:1300204 Updated apache-mod_security packages fix security vulnerability: When ModSecurity receives a request body with a size bigger than the value set by the SecRequestBodyInMemoryLimit and with a Content-Type that has no request body processor mapped to it, ModSecurity will systematically crash on every c ... oval:org.secpod.oval:def:1300203 Updated perl-Proc-ProcessTable package fixes security vulnerability: ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS . oval:org.secpod.oval:def:1300214 A security vulnerability was discovered and fixed in php-radius. Fix a security issue in radius_get_vendor_attr by enforcing checks of the VSA length field against the buffer size . The updated packages have been upgraded to the 1.2.7 version which is not affected by this issue. oval:org.secpod.oval:def:1300208 Updated lcms packages fix security vulnerability: Three buffer overflows in Little CMS version 1.19 that could possibly be exploited through user input . oval:org.secpod.oval:def:1300226 A vulnerability has been discovered and corrected in perl-Crypt-DSA: The Crypt::DSA module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a br ... oval:org.secpod.oval:def:1300104 Multiple vulnerabilities has been discovered and corrected in icedtea-web: An uninitialized pointer use flaw was found in IcedTea-Web web browser plugin. A malicious web page could use this flaw make IcedTea-Web browser plugin pass invalid pointer to a web browser. Depending on the browser used, it ... oval:org.secpod.oval:def:1300225 Multiple vulnerabilities has been discovered and corrected in cacti: Multiple cross-site scripting vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via the step parameter to install/index.php or the id parameter to cacti/host.php . SQL inje ... oval:org.secpod.oval:def:1300102 A vulnerability has been discovered and corrected in krb5: The MIT krb5 KDC daemon can free an uninitialized pointer while processing an unusual AS-REQ, corrupting the process heap and possibly causing the daemon to abnormally terminate. An attacker could use this vulnerability to execute malicious ... oval:org.secpod.oval:def:1300219 Updated python-django package fixes security vulnerability: The is_safe_url function has been modified to properly recognize and reject URLs which specify a scheme other than HTTP or HTTPS, to prevent cross-site scripting attacks through redirecting to other schemes, such as javascript. . oval:org.secpod.oval:def:1300218 Multiple vulnerabilities has been discovered and corrected in mysql: MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service v ... oval:org.secpod.oval:def:1300217 SQL injection and shell escaping issues were discovered and fixed in cacti . The updated packages have been upgraded to the 0.8.8b version which is not vulnerable to these issues. oval:org.secpod.oval:def:1300216 Multiple vulnerabilities has been discovered and corrected in phpmyadmin: * XSS due to unescaped HTML Output when executing a SQL query . * 5 XSS vulnerabilities in setup, chart display, process list, and logo link. If a crafted version.json would be presented, an XSS could be introduced . * Full pa ... oval:org.secpod.oval:def:1300114 A vulnerability has been discovered and corrected in acpid: Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask . A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask . The up ... oval:org.secpod.oval:def:1300234 A vulnerability has been discovered and corrected in proftpd: Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service via a large response count value in an authentication request, which triggers a large memory allocation . The upd ... oval:org.secpod.oval:def:1300112 Multiple cross-site request forgery and cross-site scripting flaws has been found and corrected in GLPI . This advisory provides the latest version of GLPI which are not vulnerable to these issues. Additionally the latest versions of the corresponding plugins are also being provided. oval:org.secpod.oval:def:1300233 A vulnerability has been discovered and corrected in davfs2: Davfs2, a filesystem client for WebDAV, calls the function system insecurely while is setuid root. This might allow a privilege escalation . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300111 Multiple cross-site scripting vulnerabilities was discovered by using the Database structure page with a crafted table name . This upgrade provides the latest phpmyadmin version to address this vulnerability. oval:org.secpod.oval:def:1300232 Multiple vulnerabilities has been discovered and corrected in roundcubemail: Multiple cross-site scripting vulnerabilities in Roundcube webmail before 0.9.3 allow user-assisted remote attackers to inject arbitrary web script or HTML via the body of a message visited in new or draft mode, related ... oval:org.secpod.oval:def:1300231 A vulnerability has been discovered and corrected in python-django: Rainer Koirikivi discovered a directory traversal vulnerability with 'ssi' template tags in python-django, a high-level Python web development framework. It was shown that the handling of the 'ALLOWED_INCLUDE_ROOTS� ... oval:org.secpod.oval:def:1300109 A vulnerability was found and corrected in openldap: slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300229 A vulnerability has been discovered and corrected in python-setuptools/python-virtualenv: easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbi ... oval:org.secpod.oval:def:1300107 A vulnerability was found and corrected in libxml2: Multiple integer overflows in libxml2, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300106 Multiple vulnerabilities was found and corrected in Wireshark: It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file . It may be possible to make Wireshark consume excessive CPU resources by injecting a ... oval:org.secpod.oval:def:1300227 Updated subversion package fixes security vulnerability: svnserve takes a --pid-file option which creates a file containing the process id it is running as. It does not take steps to ensure that the file it has been directed at is not a symlink. If the pid file is in a directory writeable by unprivi ... oval:org.secpod.oval:def:1300006 A vulnerability has been found and corrected in ASF APR: tables/apr_hash.c in the Apache Portable Runtime library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service via cra ... oval:org.secpod.oval:def:1300127 A security issue was identified and fixed in dhcp: ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced . The up ... oval:org.secpod.oval:def:1300248 Multiple vulnerabilities was found and corrected in Wireshark: The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a den ... oval:org.secpod.oval:def:1300247 A vulnerability was found and corrected in memcached: Memcached is vulnerable to a denial of service as it can be made to crash when it receives a specially crafted packet over the network . The updated packages for Enterprise Server 5 has beed patched to resolve this flaw. The updated packages for ... oval:org.secpod.oval:def:1300004 A vulnerability has been found and corrected in libxml2: A heap-based buffer overflow in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300124 Multiple security issues were identified and fixed in OpenJDK : Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and a security-in-depth issue that is not ... oval:org.secpod.oval:def:1300245 A vulnerability has been discovered and corrected in mozilla NSS: Mozilla Network Security Services before 3.15.2 does not ensure that data structures are initialized before read operations, which allow remote attackers to cause a denial of service or possibly have unspecified other impact via vect ... oval:org.secpod.oval:def:1300002 A vulnerability has been found and corrected in perl: Eval injection in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300123 Multiple vulnerabilities has been found and corrected in ffmpeg. This advisory provides updated versions which resolves various security issues. oval:org.secpod.oval:def:1300001 Mandriva Enterprise Server 5.2 is installed oval:org.secpod.oval:def:1300243 A vulnerability has been discovered and corrected in roundcubemail: It was discovered that roundcube does not properly sanitize the _session parameter in steps/utils/save_pref.inc during saving preferences. The vulnerability can be exploited to overwrite configuration settings and subsequently allow ... oval:org.secpod.oval:def:1300000 A vulnerability has been found and corrected in libtasn1: The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:1300120 Security issues were identified and fixed in mozilla firefox: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume ... oval:org.secpod.oval:def:1300119 Multiple vulnerabilities has been found and corrected in tetex: The Gfx::getPos function in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference . The FoFiType1::parse function in fofi/FoFiTy ... oval:org.secpod.oval:def:1300118 Multiple vulnerabilities has been discovered and corrected in python-django: The django.http.HttpResponseRedirect and django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers ... oval:org.secpod.oval:def:1300117 A vulnerability has been discovered and corrected in openslp: The extension parser in slp_v2message.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service via a packet with a next extension offset that references this extension or a previous extension . The updated packages have be ... oval:org.secpod.oval:def:1300130 A security issue was identified and fixed in gc: Multiple integer overflows in the GC_generic_malloc and calloc funtions in malloc.c, and the GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC before 7.2 make it easier for context-dependent attackers to perform mem ... oval:org.secpod.oval:def:1300017 Multiple vulnerabilities has been found and corrected in t1lib: A heap-based buffer overflow flaw was found in the way AFM font file parser, used for rendering of DVI files, in GNOME evince document viewer and other products, processed line tokens from the given input stream. A remote attacker could ... oval:org.secpod.oval:def:1300138 Multiple security issues were identified and fixed in OpenJDK : * S6631398, CVE-2012-3216: FilePermission improved path checking * S7093490: adjust package access in rmiregistry * S7143535, CVE-2012-5068: ScriptEngine corrected permissions * S7167656, CVE-2012-5077: Multiple Seeders are being create ... oval:org.secpod.oval:def:1300137 A security issue were identified and fixed in mozilla firefox: Mozilla security researcher moz_bug_r_a4 reported a regression where security wrappers are unwrapped without doing a security check in defaultValue. This can allow for improper access access to the Location object. In versions 15 and ear ... oval:org.secpod.oval:def:1300015 Multiple security issues were identified and fixed in OpenJDK : Fix issues in java sound . Fix in AtomicReferenceArray . Add property to limit number of request headers to the HTTP Server . Incorect checking for graphics rendering object . Multiple unspecified vulnerabilities allows remote attackers ... oval:org.secpod.oval:def:1300136 A vulnerability has been found and corrected in graphicsmagick: The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service via a crafted PNG file that trigger ... oval:org.secpod.oval:def:1300257 A vulnerability has been discovered and corrected in mozilla NSS: Google notified Mozilla that an intermediate certificate, which chains up to a root included in Mozillas root store, was loaded into a man-in-the-middle traffic management device. This certificate was issued by Agence nationale de la ... oval:org.secpod.oval:def:1300135 A vulnerability has been found and corrected in bacula: The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 does not properly enforce ACL rules, which allows remote authenticated users to obtain resource dump information via unspecified vectors . The updated packages have been pat ... oval:org.secpod.oval:def:1300013 Multiple vulnerabilities has been found and corrected in openssl: The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack . Double free vu ... oval:org.secpod.oval:def:1300254 A vulnerability was found and corrected in ruby: Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a ... oval:org.secpod.oval:def:1300011 A File Inclusion vulnerability was discovered and corrected in GLPI. This advisory provides the latest version of GLPI that is not vulnerable to this issue. oval:org.secpod.oval:def:1300132 Security issues were identified and fixed in mozilla firefox: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume ... oval:org.secpod.oval:def:1300253 Updated curl packages fix security vulnerability: Scott Cantor discovered that curl, a file retrieval tool, would disable the CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting was disabled. This would also disable ssl certificate host name checks when it should have only disabled v ... oval:org.secpod.oval:def:1300010 Multiple vulnerabilities has been found and corrected in phpmyadmin: It was possible to conduct XSS using a crafted database name . The show_config_errors.php scripts did not validate the presence of the configuration file, so an error message shows the full path of this file, leading to possible fu ... oval:org.secpod.oval:def:1300131 A vulnerability has been found and corrected in imagemagick: The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service via a crafted PNG file that triggers inco ... oval:org.secpod.oval:def:1300008 Multiple vulnerabilities has been discovered and corrected in pidgin: The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin before 2.10.2 allows remote attackers to cause a denial of service by changing a nickname while in an XMPP chat room . The msn_oim_report_to_user function in oim.c ... oval:org.secpod.oval:def:1300007 Multiple vulnerabilities has been found and corrected in libvorbis: A specially-crafted Ogg Vorbis media format file could cause an application using libvorbis to crash or, possibly, execute arbitrary code when opened . If a specially-crafted Ogg Vorbis media file was opened by an application using ... oval:org.secpod.oval:def:1300140 A vulnerability has been discovered and corrected in icedtea-web: A buffer overflow flaw was found in the IcedTea-Web plug-in. Visiting a malicious web page could cause a web browser using the IcedTea-Web plug-in to crash or, possibly, execute arbitrary code . The updated packages have been upgraded ... oval:org.secpod.oval:def:1300261 Updated links package fixes security vulnerability: Mikulas Patocka discovered an integer overflow in the parsing of HTML tables in the Links web browser. This can only be exploited when running Links in graphical mode . oval:org.secpod.oval:def:1300148 A vulnerability has been discovered and corrected in apache-mod_security: ModSecurity <= 2.6.8 is vulnerable to multipart/invalid part ruleset bypass, this was fixed in 2.7.0 . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300026 A vulnerability has been found and corrected in samba: The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to e ... oval:org.secpod.oval:def:1300147 Multiple host header poisoning flaws were found and fixed in Django. The updated packages have been upgraded to the 1.3.5 version which is not affected by these issues. oval:org.secpod.oval:def:1300266 Updated librsvg and gtk+3.0 packages fix security vulnerability: librsvg before version 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference . For Business Server 1 gtk+3.0 has been patched to cop ... oval:org.secpod.oval:def:1300023 A vulnerability has been found and corrected in GLPI: The autocompletion functionality in GLPI before 0.80.2 does not blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request . This advisory provides the latest version o ... oval:org.secpod.oval:def:1300144 A vulnerability was found and corrected in libxml2: A heap-buffer overflow was found in the way libxml2 decoded certain XML entitites. A remote attacker could provide a specially-crafted XML file, which once opened in an application linked against libxml would cause that application to crash, or, po ... oval:org.secpod.oval:def:1300265 Multiple vulnerabilities has been discovered and corrected in nagios: Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a ... oval:org.secpod.oval:def:1300264 A vulnerability has been discovered and corrected in nrpe: Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor before 2.14 might allow remote attackers to execute arbitrary shell commands via $ shell metacharacters, which are processed by bash . The updated packages have ... oval:org.secpod.oval:def:1300021 A vulnerability has been found and corrected in t1lib: t1lib 5.1.2 and earlier uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a specially crafted Type 1 font in a PDF document . The updated packages have been patched t ... oval:org.secpod.oval:def:1300142 Multiple security issue were identified and fixed in mozilla firefox: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we ... oval:org.secpod.oval:def:1300263 Multiple vulnerabilities has been discovered and corrected in memcached: The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service via a request to delete a key, which does n ... oval:org.secpod.oval:def:1300139 Multiple security issue were identified and fixed in mozilla firefox: Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object , w ... oval:org.secpod.oval:def:1300031 A potential memory corruption has been found and corrected in libpng . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300273 Updated graphviz packages fix security vulnerabilities: Multiple buffer overflow vulnerabilities in graphviz due to an error within the yyerror function which can be exploited to cause a stack-based buffer overflow via a specially crafted file and the acceptance of an arbitrarily long digit list b ... oval:org.secpod.oval:def:1300030 A vulnerability has been found and corrected in samba: A file existence dislosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw ... oval:org.secpod.oval:def:1300272 Updated perl-Proc-Daemon package fixes security vulnerability: It was reported that perl-Proc-Daemon, when instructed to write a pid file, does that with a umask set to 0, so the pid file ends up with mode 666, allowing any user on the system to overwrite it . oval:org.secpod.oval:def:1300039 Multiple vulnerabilities has been found and corrected in apache : The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cau ... oval:org.secpod.oval:def:1300037 Multiple vulnerabilities has been found and corrected in cacti: SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter . Various vulnerabilities were discovered and fixed in the 0.8.7i version . ... oval:org.secpod.oval:def:1300036 It was discovered that SQLAlchemy did not sanitize values for the limit and offset keywords for SQL select statements. If an application using SQLAlchemy accepted values for these keywords, and did not filter or sanitize them before passing them to SQLAlchemy, it could allow an attacker to perform a ... oval:org.secpod.oval:def:1300278 Updated libpng and libpng12 packages fix security vulnerability: The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service via a PLTE chunk of zero bytes or a NULL palette, related to pngrtran.c and pngset.c . oval:org.secpod.oval:def:1300277 Multiple vulnerabilities has been discovered and corrected in pidgin: The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service via crafted byte sequences . Multiple integer signedness errors in ... oval:org.secpod.oval:def:1300034 A vulnerability has been found and corrected in fcgi: The FCGI module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers . The updat ... oval:org.secpod.oval:def:1300276 Updated libgadu packages fix security vulnerability: A malicious server or man-in-the-middle could send a large value for Content-Length and cause an integer overflow which could lead to a buffer overflow in Gadu-Gadu HTTP parsing . oval:org.secpod.oval:def:1300033 Security issues were identified and fixed in mozilla firefox: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event h ... oval:org.secpod.oval:def:1300275 Updated ffmpeg packages fix security vulnerabilities: This updates provides ffmpeg version 0.5.13 and 0.10.11, which fixes several unspecified security vulnerabilities and other bugs which were corrected upstream. oval:org.secpod.oval:def:1300032 A vulnerability has been found and corrected in sudo: A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the IP address and associated netmask listed in ... oval:org.secpod.oval:def:1300029 A vulnerability has been found and corrected in libsoup: Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e in a URI . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300284 Updated freeradius package fixes security vulnerability: SSHA processing in freeradius before 2.2.3 runs into a stack-based buffer overflow in the freeradius rlm_pap module if the password source uses an unusually long hashed password . oval:org.secpod.oval:def:1300283 A directory traversal attack was reported against libtar, a C library for manipulating tar archives. The application does not validate the filenames inside the tar archive, allowing to extract files in arbitrary path. An attacker can craft a tar file to override files beyond the tar_extract_glob and ... oval:org.secpod.oval:def:1300282 A vulnerability has been discovered and corrected in phpmyadmin: Cross-site scripting vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action . This upgrade provides the latest phpmyad ... oval:org.secpod.oval:def:1300048 A vulnerability has been found and corrected in cyrus-imapd: The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service via a crafted References header in an e-mail message . The upda ... oval:org.secpod.oval:def:1300047 Multiple vulnerabilities has been found and corrected in libzip: libzip uses an incorrect loop construct, which can result in a heap overflow on corrupted zip files . libzip has a numeric overflow condition, which, for example, results in improper restrictions of operations within the bounds of a ... oval:org.secpod.oval:def:1300289 Multiple vulnerabilities was discovered and corrected in webmin: Multiple XSS, CSRF, and arbitrary code execution vulnerabilities that impact Webmin versions prior to 1.620 . The 1.680 version fixed security issues that could be exploited by un-trusted Webmin users in the PHP Configuration and Webal ... oval:org.secpod.oval:def:1300045 A vulnerability has been found and corrected in ruby: Ruby before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service via crafted input to an application that maintains a hash ... oval:org.secpod.oval:def:1300044 Security issues were identified and fixed in mozilla firefox and thunderbird: An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable . The mozilla firefox and thunderbird packages ... oval:org.secpod.oval:def:1300165 Multiple vulnerabilities was found and corrected in Wireshark: * DRDA dissector infinite loop . * USB dissector infinite loop * ISAKMP dissector crash * iSCSI dissector infinite loop * WTP dissector infinite loop * RTCP dissector inifinte loop * ICMPv6 dissector infinite loop * Infinite and large lo ... oval:org.secpod.oval:def:1300174 ClamAV 0.97.7 addresses several reported potential security bugs. Thanks to Felix Groebert, Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team for finding and reporting these issues. oval:org.secpod.oval:def:1300295 A vulnerability has been discovered and corrected in jbigkit: Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted image file . The updated packages for ... oval:org.secpod.oval:def:1300173 A vulnerability has been found and corrected in nagios: Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via ... oval:org.secpod.oval:def:1300051 A vulnerability has been found and corrected in nagios: Cross-site scripting vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter . The updated packages have been patched to correct this issu ... oval:org.secpod.oval:def:1300293 Updated yaml packages fix security vulnerabilities: Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag that, when parsed ... oval:org.secpod.oval:def:1300170 Multiple vulnerabilities has been discovered and corrected in pidgin: The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted mxit or mxit/imagestrips pathname . Buffer overflow in http.c in the MXit protocol plugin in l ... oval:org.secpod.oval:def:1300058 Security issues were identified and fixed in mozilla firefox and thunderbird: Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors ... oval:org.secpod.oval:def:1300299 Updated python-lxml packages fix security vulnerability: The clean_html function, provided by the lxml.html.clean module, did not properly clean HTML input if it included non-printed characters . A remote attacker could use this flaw to serve malicious content to an application using the clean_html ... oval:org.secpod.oval:def:1300177 Multiple XXS vulnerabilities was found and corrected in awstats . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300297 Updated nagios packages fix security vulnerability: Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service via a long m ... oval:org.secpod.oval:def:1300054 Multiple vulnerabilities has been found and corrected in roundcubemail: The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging ... oval:org.secpod.oval:def:1300175 A vulnerability has been found and corrected in proftpd: ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the MKD or XMKD commands . The updated packages have been patched to corr ... oval:org.secpod.oval:def:1300296 A vulnerability has been discovered and corrected in dovecot: Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service via an incomplete SSL/TLS handshake for an IMAP/POP3 c ... oval:org.secpod.oval:def:1300185 Multiple unspecified vulnerabilites has been found and corrected in mysql. Please read the Oracle Critical Patch Updates pages for further information. The updated packages provides the latest supported mysql version from the 5.1.x branch . Additionally the mysql 5.0 client libraries is also being p ... oval:org.secpod.oval:def:1300184 A vulnerability has been found and corrected in libarchive: Fabian Yamaguchi reported a read buffer overflow flaw in libarchive on 64-bit systems where sizeof is equal to 8. In the archive_write_zip_data function in libarchive/ archive_write_set_format_zip.c, the "s" parameter is of type s ... oval:org.secpod.oval:def:1300061 Security issues were identified and fixed in mozilla firefox and thunderbird: An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable . The mozilla firefox and thunderbird packages ... oval:org.secpod.oval:def:1300182 Multiple vulnerabilities has been discovered and corrected in icedtea-web: It was discovered that the IcedTea-Web plug-in incorrectly used the same class loader instance for applets with the same value of the codebase attribute, even when they originated from different domains. A malicious applet co ... oval:org.secpod.oval:def:1300060 A vulnerability has been found and corrected in ocsinventory: Cross-site scripting vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors . The updated packages have been patched to correct this issu ... oval:org.secpod.oval:def:1300181 Updated libxslt packages fix security vulnerability: Nicholas Gregoire discovered that libxslt incorrectly handled certain empty values. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of s ... oval:org.secpod.oval:def:1300180 Multiple vulnerabilities has been found and corrected in poppler: poppler before 0.22.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via vectors that trigger an invalid memory access in splash/Splash.cc, poppler/Function.cc, and poppler/Stre ... oval:org.secpod.oval:def:1300069 Multiple vulnerabilities has been discovered and corrected in pidgin: A series of specially crafted file transfer requests can cause clients to reference invalid memory. The user must have accepted one of the file transfer requests . Incoming messages with certain characters or character encodings c ... oval:org.secpod.oval:def:1300189 A vulnerability has been found and corrected in util-linux: An information disclosure flaw was found in the way the mount command reported errors. A local attacker could use this flaw to determine the existence of files and directories they do not have access to . Additionally for Mandriva Enterpris ... oval:org.secpod.oval:def:1300067 Security issues were identified and fixed in mozilla firefox: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume ... oval:org.secpod.oval:def:1300186 Multiple vulnerabilities has been found and corrected in roundcubemail: Cross-site scripting vulnerability in Roundcube Webmail 0.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the signature in an email . A local file inclusion flaw was found in the way RoundCube ... oval:org.secpod.oval:def:1300074 A vulnerability has been discovered and corrected in nut: Buffer overflow in the addchar function in common/parseconf.c in upsd in Network UPS Tools before 2.6.4 allows remote attackers to execute arbitrary code or cause a denial of service via a long string containing non-printable characters . T ... oval:org.secpod.oval:def:1300073 A vulnerability has been discovered and corrected in acpid: acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service via a crafted application that performs ... oval:org.secpod.oval:def:1300072 A vulnerability has been discovered and corrected in tomcat5: Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service via a request that contains many parameters and ... oval:org.secpod.oval:def:1300193 ClamAV 0.97.8 addresses several reported potential security bugs. oval:org.secpod.oval:def:1300071 Multiple vulnerabilities has been discovered and corrected in ncpfs: ncpfs 2.2.6 and earlier attempts to use ncpmount to append to the /etc/mtab file and ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigge ... oval:org.secpod.oval:def:1300192 A vulnerability has been found and corrected in apache-mod_security: ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, aka an ... oval:org.secpod.oval:def:1300070 Multiple vulnerabilities has been discovered and corrected in util-linux: mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a proce ... oval:org.secpod.oval:def:1300191 Multiple vulnerabilities has been discovered and corrected in krb5: The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center in MIT Kerberos 5 before 1.10.4 and 1.11.x before 1.11.1 does not properly handle err ... oval:org.secpod.oval:def:1300190 A vulnerability has been found and corrected in fuse: FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulner ... oval:org.secpod.oval:def:1300198 Multiple vulnerabilities has been discovered and corrected in socat: A heap based buffer overflow vulnerability has been found with data that happens to be output on the READLINE address. Successful exploitation may allow an attacker to execute arbitrary code with the privileges of the socat process ... oval:org.secpod.oval:def:1300197 Updated openvpn package fixes security vulnerability: OpenVPN 2.3.0 and earlier running in UDP mode are subject to chosen ciphertext injection due to a non-constant-time HMAC comparison function. Plaintext recovery may be possible using a padding oracle attack on the CBC mode cipher implementation o ... oval:org.secpod.oval:def:1300082 This is a bugfix release that upgrades clamav to the latest version that resolves the following security issues: The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may ... oval:org.secpod.oval:def:1300087 A vulnerability has been discovered and corrected in krb5: Fix a kadmind denial of service issue , which could only be triggered by an administrator with the create privilege . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300096 Security issues were identified and fixed in mozilla firefox and thunderbird: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances ... oval:org.secpod.oval:def:1300095 A vulnerability has been discovered and corrected in perl-DBD-Pg: Two format string flaws were found in the way perl-DBD-Pg. A rogue server could provide a specially-crafted database warning or specially-crafted DBD statement, which once processed by the perl-DBD-Pg interface would lead to perl-DBD- ... oval:org.secpod.oval:def:1300094 A vulnerability has been discovered and corrected in apache-mod_auth_openid: mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids . The updated packages have been upgraded to the latest version which is not ... oval:org.secpod.oval:def:1300091 A vulnerability has been discovered and corrected in pidgin: Incorrect handing of inline images in incoming instant messages can cause a buffer overflow and in some cases can be exploited to execute arbitrary code . This update provides pidgin 2.10.6, which is not vulnerable to this issue. oval:org.secpod.oval:def:1300099 Multiple vulnerabilities has been discovered and corrected in ISC DHCP: An error in the handling of malformed client identifiers can cause a DHCP server running affected versions to enter a state where further client requests are not processed and the server process loops endlessly, consuming all a ... oval:org.secpod.oval:def:1300098 A vulnerability has been discovered and corrected in python-pycrypto: PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks ... oval:org.secpod.oval:def:1300081 Multiple security issues were identified and fixed in OpenJDK : * S7079902, CVE-2012-1711: Refine CORBA data models * S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations * S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement * S7143606, CVE-2012-1717: File.createTempFile ... oval:org.secpod.oval:def:1300260 Updated pixman package fixes security vulnerability: Bryan Quigley discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service via application crash . oval:org.secpod.oval:def:1300169 Multiple vulnerabilities has been found and corrected in coreutils: Long line inputs could trigger a segfault in the sort, uniq and join utilities . The updated packages have been patched to correct these issues. oval:org.secpod.oval:def:1300239 Updated libtar packages fixes security vulnerability: Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to crash or, potent ... oval:org.secpod.oval:def:1300159 Multiple vulnerabilities has been found and corrected in squid : Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service via invalid Content-Length headers, long ... oval:org.secpod.oval:def:1300149 A vulnerability was found and corrected in libtiff: A stack-based buffer overflow was found in the way libtiff handled DOTRANGE tags. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, ex ... oval:org.secpod.oval:def:1300143 Multiple vulnerabilities was found and corrected in libtiff: Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format . ppm2tiff does n ... oval:org.secpod.oval:def:1300108 A vulnerability was found and corrected in libtiff: A heap-based buffer overflow flaw was found in the way tiff2pdf, a TIFF image to a PDF document conversion tool, of libtiff, a library of functions for manipulating TIFF image format files, performed write of TIFF image content into particular PDF ... oval:org.secpod.oval:def:1300105 A Security issue was identified and fixed in openoffice.org: Multiple heap-based buffer overflow flaws were found in the XML manifest encryption tag parsing code of openoffice.org. An attacker could create a specially-crafted file in the Open Document Format for Office Applications format which whe ... oval:org.secpod.oval:def:1300078 Security issues were identified and fixed in openoffice.org: An integer overflow vulnerability in the openoffice.org graphic loading code could allow a remote attacker to cause a denial of service or potentially execute arbitrary code . An integer overflow flaw, leading to buffer overflow, was foun ... oval:org.secpod.oval:def:1300024 A vulnerability has been found and corrected in libtiff: An integer overflow was discovered in the libtiff/tiff_getimage.c file in the tiff library which could cause execution of arbitrary code using a specially crafted TIFF image file . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300052 A vulnerability has been found and corrected in cvs: A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the ... oval:org.secpod.oval:def:1300012 Multiple flaws were found in FreeType. Specially crafted files could cause application crashes or potentially execute arbitrary code . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300028 A vulnerability has been found and corrected in phpldapadmin: Cross-site scripting vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php . The updated packages ... oval:org.secpod.oval:def:1300022 A vulnerability has been found and corrected in samba: Heap-based buffer overflow in process.c in smbd in Samba allows remote attackers to cause a denial of service or possibly execute arbitrary code via a Batched request that triggers infinite recursion . The updated packages have been patched to ... oval:org.secpod.oval:def:1300053 A vulnerability has been found and corrected in libpng: A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially-crafted PNG image file that, when opened, could cause an application using libpng to crash or, po ... oval:org.secpod.oval:def:1300121 Multiple vulnerabilities has been found and corrected in ffmpeg: The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file . cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:1300055 Multiple vulnerabilities has been found and corrected in ffmpeg: The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file . cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:1300016 Multiple vulnerabilities has been found and corrected in apache: Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file w ... oval:org.secpod.oval:def:1300179 Multiple vulnerabilities has been found and corrected in groff: contrib/pdfmark/pdfroff.sh in GNU troff before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file . The gendef.sh, doc/fixinfo.sh, and contrib/gdiffmk/tests/runtests.in scripts ... oval:org.secpod.oval:def:1300110 Multiple vulnerabilities was found and corrected in busybox: The decompress function in ncompress allows remote attackers to cause a denial of service , and possibly execute arbitrary code, via crafted data that leads to a buffer underflow . A missing DHCP option checking / sanitization flaw was rep ... oval:org.secpod.oval:def:1300133 Multiple vulnerabilities has been discovered and corrected in libxslt: Unspecified vulnerability in XSLT allows remote attackers to obtain potentially sensitive information about heap memory addresses via unknown vectors . libxslt 1.1.26 and earlier does not properly manage memory, which might allow ... oval:org.secpod.oval:def:1300125 A security issue was identified and fixed in ghostscript: An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library . An attacker could create a specially-crafted PostScript or PDF file with embedded images that w ... oval:org.secpod.oval:def:1300116 Multiple vulnerabilities has been discovered and corrected in gimp: A heap-based buffer overflow flaw, leading to invalid free, was found in the way KISS CEL file format plug-in of Gimp, the GNU Image Manipulation Program, performed loading of certain palette files. A remote attacker could provide a ... oval:org.secpod.oval:def:1300101 A vulnerability has been discovered and corrected in apache-mod_security: ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type heade ... oval:org.secpod.oval:def:1300089 A vulnerability has been discovered and corrected in exif: An integer overflow in the function jpeg_data_load_data in the exif program could cause a data read beyond the end of a buffer, causing an application crash or leakage of potentially sensitive information when parsing a crafted JPEG file . T ... oval:org.secpod.oval:def:1300092 Multiple vulnerabilities has been discovered and corrected in libexif: A heap-based out-of-bounds array read in the exif_entry_get_value function in libexif/exif-entry.c in libexif 0.6.20 and earlier allows remote attackers to cause a denial of service or possibly obtain potentially sensitive inform ... oval:org.secpod.oval:def:1300269 A vulnerability has been discovered and corrected in ejabberd: xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fi ... oval:org.secpod.oval:def:1300093 A vulnerability has been discovered and corrected in libxslt: The XSL implementation in libxslt allows remote attackers to cause a denial of service via unspecified vectors . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300014 Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library to crash or, potentially, execute arbi ... oval:org.secpod.oval:def:1300038 Multiple vulnerabilities has been found and corrected in imagemagick: Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working dir ... oval:org.secpod.oval:def:1300040 A vulnerability has been found and corrected in GnuTLS: gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service via a crafted record, as demonstrated by a craf ... oval:org.secpod.oval:def:1300009 A vulnerability has been found and corrected in libxslt: libxslt allows remote attackers to cause a denial of service via unspecified vectors . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300059 A vulnerability has been found and corrected in openssl: OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108 . The upda ... oval:org.secpod.oval:def:1300019 A vulnerability has been found and corrected in GnuTLS: Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denia ... oval:org.secpod.oval:def:1300242 Updated icu packages fix security vulnerabilities: It was discovered that ICU contained a race condition affecting multi-threaded applications. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the use ... oval:org.secpod.oval:def:1300202 Multiple vulnerabilities has been found and corrected in apache: mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP r ... oval:org.secpod.oval:def:1300215 Multiple security issues was identified and fixed in mozilla firefox: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we ... oval:org.secpod.oval:def:1300209 A vulnerability has been found and corrected in apache : mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service via a MERGE request in which the URI is configured for handling by the ... oval:org.secpod.oval:def:1300206 Multiple security issues was identified and fixed in mozilla firefox: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we ... oval:org.secpod.oval:def:1300205 Multiple vulnerabilities has been discovered and corrected in ruby: The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005 . lib/rexml/text. ... oval:org.secpod.oval:def:1300224 A vulnerability has been discovered and corrected in curl: libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curl_easy_unescape decodes URL encoded strings to raw binary data. URL encoded octets are represented with \%HH combinations wh ... oval:org.secpod.oval:def:1300223 A vulnerability has been discovered and corrected in php: * Fixed PHP bug #65236 . The updated packages have been upgraded to the 5.3.27 version which is not vulnerable to this issue. The php-timezonedb package has been updated to the 2013.4 version. Additionally, some packages which requires so ha ... oval:org.secpod.oval:def:1300220 A vulnerability has been discovered and corrected in mesa: Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XF86DRIOpenConnection and XF86DRIGetClientDriverName functio ... oval:org.secpod.oval:def:1300235 Multiple vulnerabilities has been discovered and corrected in openswan: The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the ipseclive.conn and ipsec.olts.remote.log ... oval:org.secpod.oval:def:1300113 Multiple vulnerabilities was found and corrected in Wireshark: The DCP ETSI dissector could trigger a zero division . The MongoDB dissector could go into a large loop . The XTP dissector could go into an infinite loop . The AFP dissector could go into a large loop . The RTPS2 dissector could overflo ... oval:org.secpod.oval:def:1300230 A vulnerability has been discovered and corrected in gdm: GNOME Display Manager before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/ . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300228 Multiple security issues was identified and fixed in mozilla firefox: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we ... oval:org.secpod.oval:def:1300129 A security issue was identified and fixed in xinetd: builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1 . Th ... oval:org.secpod.oval:def:1300128 Multiple vulnerabilities has been found and corrected in apache : Insecure handling of LD_LIBRARY_PATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an untrusted direct ... oval:org.secpod.oval:def:1300146 A vulnerability was discovered and corrected in perl-CGI: CGI.pm module before 3.63 for Perl does not properly escape newlines in Set-Cookie or P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm . The updated packages have b ... oval:org.secpod.oval:def:1300145 A vulnerability was discovered and corrected in cups: CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitr ... oval:org.secpod.oval:def:1300151 Multiple vulnerabilites has been found and corrected in tomcat5: The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce values instead of nonce and nc values, whic ... oval:org.secpod.oval:def:1300150 Multiple security issue were identified and fixed in mozilla firefox: Google reported to Mozilla that TURKTRUST, a certificate authority in Mozillas root program, had mis-issued two intermediate certificates to customers. The issue was not specific to Firefox but there was evidence that one of the c ... oval:org.secpod.oval:def:1300158 Multiple vulnerabilities has been found and corrected in freetype2: A Null pointer de-reference flaw was found in the way Freetype font rendering engine handled Glyph bitmap distribution format fonts. A remote attacker could provide a specially-crafted BDF font file, which once processed in an appl ... oval:org.secpod.oval:def:1300155 Multiple security issues were identified and fixed in OpenJDK : * S6563318, CVE-2013-0424: RMI data sanitization * S6664509, CVE-2013-0425: Add logging context * S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time * S6776941: CVE-2013-0427: Improve thread po ... oval:org.secpod.oval:def:1300153 A vulnerability has been found and corrected in perl: Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code ... oval:org.secpod.oval:def:1300042 A potentially exploitable vulnerability has been discovered in the OpenSSL function asn1_d2i_read_bio that affects S/MIME or CMS applications using the built in MIME parser SMIME_read_PKCS7 or SMIME_read_CMS . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300163 A vulnerability has been found and corrected in libxml2: A denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. A remote attacker could provide a specially-crafted XML file that, when processed by an appl ... oval:org.secpod.oval:def:1300161 Multiple vulnerabilities has been found and corrected in apache : Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp . XSS in mod_proxy_balancer manager interface . Additionally the ASF bug 53219 was resolved which p ... oval:org.secpod.oval:def:1300160 Multiple security issues were identified and fixed in OpenJDK : * S8006446: Restrict MBeanServer access * S8006777: Improve TLS handling of invalid messages * S8007688: Blacklist known bad certificate * S7123519: problems with certification path * S8007393: Possible race condition after JDK-6664509 ... oval:org.secpod.oval:def:1300167 Multiple security issues were identified and fixed in OpenJDK : The 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via vectors that trigger a read or writ ... oval:org.secpod.oval:def:1300164 Multiple vulnerabilities has been found and corrected in openssl: OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service via an invalid key . The TLS protocol ... oval:org.secpod.oval:def:1300172 Multiple vulnerabilities has been found and corrected in sudo: sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically-proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo use ... oval:org.secpod.oval:def:1300050 Multiple vulnerabilities has been found and corrected in openssl: The implementation of Cryptographic Message Syntax and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data v ... oval:org.secpod.oval:def:1300171 A security issue was identified and fixed in mozilla firefox: VUPEN Security, via TippingPoint's Zero Day Initiative, reported a use-after-free within the HTML editor when content script is run by the document.execCommand function while internal editor operations are occurring. This could allow ... oval:org.secpod.oval:def:1300178 Multiple security issues was identified and fixed in mozilla firefox: Security researcher Mariusz Mlynski reported a method to use browser navigations through history to load an arbitrary website with that page's baseURI property pointing to another site instead of the seemingly loaded one. The ... oval:org.secpod.oval:def:1300056 A vulnerability has been found and corrected in openssl: A flaw in the OpenSSL handling of CBC mode ciphersuites in DTLS can be exploited in a denial of service attack on both clients and servers . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300183 Multiple security issues were identified and fixed in OpenJDK : Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption . Multiple improper permission check ... oval:org.secpod.oval:def:1300188 Multiple vulnerabilities has been found and corrected in subversion: Subversion's mod_dav_svn Apache HTTPD server module will use excessive amounts of memory when a large number of properties are set or deleted on a node. This can lead to a DoS. There are no known instances of this problem bein ... oval:org.secpod.oval:def:1300187 Updated curl packages fix security vulnerability: libcurl is vulnerable to a cookie leak vulnerability when doing requests across domains with matching tails. This vulnerability can be used to hijack sessions in targetted attacks since registering domains using a known domain's name as an endin ... oval:org.secpod.oval:def:1300196 A vulnerability has been discovered and corrected in krb5: The kpasswd service provided by kadmind was vulnerable to a UDP ping-pong attack . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300195 Multiple security issues was identified and fixed in mozilla firefox: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we ... oval:org.secpod.oval:def:1300194 Multiple vulnerabilities has been discovered and corrected in glibc: Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to ... oval:org.secpod.oval:def:1300083 A vulnerability has been discovered and corrected in net-snmp: An array index error, leading to out-of heap-based buffer read flaw was found in the way net-snmp agent performed entries lookup in the extension table. When certain MIB subtree was handled by the extend directive, a remote attacker havi ... oval:org.secpod.oval:def:1300305 Updated struts packages fix security vulnerability: It was found that the Struts 1 ActionForm object allowed access to the 'class' parameter, which is directly mapped to the getClass method. A remote attacker could use this flaw to manipulate the ClassLoader used by an application server r ... oval:org.secpod.oval:def:1300201 Multiple vulnerabilities has been found and corrected in subversion: If a filename which contains a newline character is committed to a repository using the FSFS format, the resulting revision is corrupt. This can lead to disruption for users of the repository . Subversion's svnserve server pr ... oval:org.secpod.oval:def:1300200 Multiple vulnerabilities has been found and corrected in wireshark: * The ASN.1 BER dissector could crash . * The CAPWAP dissector could crash . * The HTTP dissector could overrun the stack . * The DCP ETSI dissector could crash . This advisory provides the latest version of Wireshark which is not ... oval:org.secpod.oval:def:1300212 A vulnerability has been found and corrected in samba: Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service via a malformed packet . The updated packages ... oval:org.secpod.oval:def:1300211 A vulnerability has been discovered and corrected in bind: The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:1300210 Multiple vulnerabilities has been discovered and corrected in squid: Due to incorrect data validation Squid is vulnerable to a buffer overflow attack when processing specially crafted HTTP requests. This problem allows any trusted client or client script who can generate HTTP requests to trigger a b ... oval:org.secpod.oval:def:1300207 Updated wireshark package fixes security vulnerabilities: The Bluetooth SDP dissector could go into a large loop . The DIS dissector could go into a large loop . The DVB-CI dissector could crash . The GSM RR dissector could go into a large loop . The GSM A Common dissector could crash . The Netmon ... oval:org.secpod.oval:def:1300100 A vulnerability was discovered and corrected in bind: High numbers of queries with DNSSEC validation enabled can cause an assertion failure in named, caused by using a bad cache data structure before it has been initialized . The updated packages have been upgraded to bind 9.7.6-P2 and 9.8.3-P2 whic ... oval:org.secpod.oval:def:1300221 A vulnerability has been discovered and corrected in gnupg and in libgcrypt: Yarom and Falkner discovered that RSA secret keys in applications using GnuPG 1.x, and using the libgcrypt library, could be leaked via a side channel attack, where a malicious local user could obtain private key informatio ... oval:org.secpod.oval:def:1300237 Multiple vulnerabilities has been discovered and corrected in gnupg: GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared as if it has all bits set , which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey . Spec ... oval:org.secpod.oval:def:1300236 Multiple vulnerabilities was found and corrected in Wireshark: The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:1300240 Updated xinetd package fixes security vulnerability: It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attack ... oval:org.secpod.oval:def:1300126 A vulnerability was discovered and corrected in bind: A nameserver can be caused to exit with a REQUIRE exception if it can be induced to load a specially crafted resource record . The updated packages have been upgraded to bind 9.7.6-P3 which is not vulnerable to this issue. oval:org.secpod.oval:def:1300246 Multiple vulnerabilities was found and corrected in glibc: Integer overflow in string/strcoll_l.c in the GNU C Library 2.17 and earlier allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow ... oval:org.secpod.oval:def:1300244 Multiple vulnerabilities has been discovered and corrected in x11-server: The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via a crafted request, related to ... oval:org.secpod.oval:def:1300241 Multiple security issues was identified and fixed in mozilla firefox: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we ... oval:org.secpod.oval:def:1300250 Updated java-1.6.0-openjdk packages fix security vulnerabilities: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the pri ... oval:org.secpod.oval:def:1300258 A vulnerability has been discovered and corrected in gnupg: Genkin, Shamir and Tromer discovered that RSA key material could be extracted by using the sound generated by the computer during the decryption of some chosen ciphertexts . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300256 Multiple vulnerabilities was found and corrected in Wireshark: The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service vi ... oval:org.secpod.oval:def:1300134 A vulnerability was discovered and corrected in bind: A certain combination of records in the RBT could cause named to hang while populating the additional section of a response. [RT #31090] . The updated packages have been upgraded to bind 9.7.6-P4 and 9.8.3-P4 which is not vulnerable to this issue ... oval:org.secpod.oval:def:1300249 Updated krb5 package fixes security vulnerabily: If a KDC serves multiple realms, certain requests can cause setup_server_realm to dereference a null pointer, crashing the KDC. This can be triggered by an unauthenticated user . oval:org.secpod.oval:def:1300262 Multiple vulnerabilities has been discovered and corrected in gimp: Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a large red, green, or blue color mask i ... oval:org.secpod.oval:def:1300268 A vulnerability has been discovered and corrected in libxfont: Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a long string in a charact ... oval:org.secpod.oval:def:1300152 A vulnerability has been found and corrected in gnupg: Versions of GnuPG <= 1.4.12 are vulnerable to memory access violations and public keyring database corruption when importing public keys that have been manipulated. An OpenPGP key can be fuzzed in such a way that gpg segfaults when importing ... oval:org.secpod.oval:def:1300270 A vulnerability has been discovered and corrected in ISC BIND: The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service via a crafted DNS que ... oval:org.secpod.oval:def:1300279 A vulnerability has been discovered and corrected in openldap: The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service by unbinding immediately after a search request, which triggers rwm_conn_destroy to f ... oval:org.secpod.oval:def:1300157 Multiple vulnerabilities has been found and corrected in samba : The Samba Web Administration Tool in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a FRAME or IFRAME element . Cross-site request forgery vulnerabilit ... oval:org.secpod.oval:def:1300274 Updated x11-server package fixes security vulnerability: Bryan Quigley discovered an integer underflow in the Xorg X server which could lead to denial of service or the execution of arbitrary code . oval:org.secpod.oval:def:1300162 Multiple vulnerabilities has been discovered and corrected in php: PHP does not validate the configration directive soap.wsdl_cache_dir before writing SOAP wsdl cache files to the filesystem. Thus an attacker is able to write remote wsdl files to arbitrary locations . PHP allows the use of external ... oval:org.secpod.oval:def:1300280 A vulnerabilitt has been discovered and corrected in mysql: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service and possibly execute arbitrary code via a long server version string . The updated packages have been ... oval:org.secpod.oval:def:1300287 Multiple vulnerabilities has been found and corrected in apache : XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules ... oval:org.secpod.oval:def:1300285 This advisory provides the latest version of subversion which is not vulnerable to this issue. oval:org.secpod.oval:def:1300292 Multiple vulnerabilities was found and corrected in Wireshark: * The NFS dissector could crash. Discovered by Moshe Kaplan . * The RLC dissector could crash . * The MPEG file parser could overflow a buffer. Discovered by Wesley Neelen . This advisory provides the latest version of Wireshark which i ... oval:org.secpod.oval:def:1300176 A security issue was identified and fixed in ISC BIND: libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service via a crafted regular expression, as demonstrated b ... oval:org.secpod.oval:def:1300075 A vulnerability was discovered and corrected in bind: ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial ... oval:org.secpod.oval:def:1300199 A vulnerability has been discovered and corrected in gnutls: A flaw was found in the way GnuTLS decrypted TLS record packets when using CBC encryption. The number of pad bytes read form the packet was not checked against the cipher text size, resulting in an out of bounds read. This could cause a TL ... oval:org.secpod.oval:def:1300097 Multiple vulnerabilities has been discovered and corrected in php: Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an overflow . The SQLite functionality in ... oval:org.secpod.oval:def:1300090 A vulnerability has been discovered and corrected in automake: A race condition in automake could allow a local attacker to run arbitrary code with the privileges of the user running make distcheck . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300168 Multiple vulnerabilities has been found and corrected in openssh: The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by ... oval:org.secpod.oval:def:1300251 Updated libjpeg packages fix security vulnerabilities: A Heap-based buffer overflow was found in the way libjpeg-turbo decompressed certain corrupt JPEG images in which the component count was erroneously set to a large value. An attacker could create a specially-crafted JPEG image that, when opened ... oval:org.secpod.oval:def:1300259 A vulnerability has been discovered and corrected in php: The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse notBefore and notAfter timestamps in X.509 certificates, which allows remote attackers to ex ... oval:org.secpod.oval:def:1300252 Multiple security issues was identified and fixed in mozilla NSPR, NSS and firefox: Mozilla Network Security Services before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified ot ... oval:org.secpod.oval:def:1300271 Updated net-snmp packages fix security vulnerability: Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service by causing the AgentX subagent to timeout . oval:org.secpod.oval:def:1300307 Updated libtasn1 packages fix security vulnerabilities: Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash . It was discovered that li ... oval:org.secpod.oval:def:1300315 Updated gnutls packages fix security vulnerability: A flaw was found in the way GnuTLS parsed session ids from Server Hello packets of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL clie ... oval:org.secpod.oval:def:1300286 Updated gnutls packages fix security vulnerability: It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a speciall ... oval:org.secpod.oval:def:1300309 A vulnerability has been discovered and corrected in nspr: Mozilla Netscape Portable Runtime before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service via vectors involving the sprintf and console functions . The updated nspr packages have been upgraded to the 4. ... oval:org.secpod.oval:def:1300267 A vulnerability has been discovered and corrected in Mozilla NSS: The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X. ... oval:org.secpod.oval:def:1300291 A vulnerability has been found and corrected in mozilla NSS: In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2 . The updated packages have been upgraded to the latest NSP ... oval:org.secpod.oval:def:1300115 Multiple vulnerabilities has been discovered and corrected in postgresql: Prevent access to external files/URLs via contrib/xml2's xslt_process . libxslt offers the ability to read and write both files and URLs through stylesheet commands, thus allowing unprivileged database users to both read ... oval:org.secpod.oval:def:1300018 Multiple vulnerabilities has been discovered and corrected in postgresql: Permissions on a function called by a trigger are not properly checked . Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file . This advisory provides the latest version of Postgr ... oval:org.secpod.oval:def:1300154 A vulnerability has been discovered and corrected in postgresql: PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incor ... oval:org.secpod.oval:def:1300086 Multiple vulnerabilities has been discovered and corrected in libtiff: libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application link ... oval:org.secpod.oval:def:1300035 An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had ac ... oval:org.secpod.oval:def:1300049 An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had ac ... oval:org.secpod.oval:def:1300043 A memory leak and a hash table collision flaw in expat could cause denial os service attacks . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1300222 A vulnerability has been discovered and corrected in php: The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, ... oval:org.secpod.oval:def:1300166 Multiple vulnerabilities has been found and corrected in gnutls: A flaw was found in the way the TLS/SSL protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session . This could force the server to process an at ... oval:org.secpod.oval:def:1300079 Multiple vulnerabilities has been discovered and corrected in postgresql: Fix incorrect password transformation in contrib/pgcrypto's DES crypt function . If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much weaker than i ... oval:org.secpod.oval:def:1300080 Multiple vulnerabilities has been identified and fixed in php: There is a programming error in the DES implementation used in crypt in ext/standard/crypt_freesec.c when handling input which contains characters that can not be represented with 7-bit ASCII. When the input contains characters with only ... oval:org.secpod.oval:def:1300255 Updated subversion package fixes security vulnerabilities: mod_dontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based clients send relative URLs instead of absolute URLs in many cases. ... oval:org.secpod.oval:def:1300213 Updated java-1.6.0-openjdk packages fix security vulnerabilities: Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machin ... oval:org.secpod.oval:def:1300027 This is a bugfix and security advisory that upgrades php to the latest 5.3.13 version for Mandriva Linux Enterprise 5.2 which resolves numerous upstream bugs in php. Please refer to the following Mandriva advisories for further information: MDVA-2012:004, MDVSA-2011:165, MDVSA-2011:166, MDVSA-2011:1 ... oval:org.secpod.oval:def:1300308 Multiple vulnerabilities has been discovered and corrected in openssl: The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service via a DTLS hello message in an invalid DTLS handsh ... oval:org.secpod.oval:def:1300122 Multiple vulnerabilities has been found and corrected in fetchmail: Fetchmail version 6.3.9 enabled all SSL workarounds which contains a switch to disable a countermeasure against certain attacks against block ciphers that permit guessing the initialization vectors, providing that an attacker can m ... oval:org.secpod.oval:def:1300281 A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info function or, possibly, execute arbitra ... oval:org.secpod.oval:def:1300085 Multiple vulnerabilities has been discovered and corrected in python: The _ssl module would always disable the CBC IV attack countermeasure . A flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially-crafted name t ... oval:org.secpod.oval:def:1300238 Multiple vulnerabilities has been discovered and corrected in mysql: Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a Security Fix, aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented ... oval:org.secpod.oval:def:1300156 Multiple vulnerabilites has been found and corrected in mysql: sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with ... oval:org.secpod.oval:def:1300076 Security issues were identified and fixed in mozilla firefox and thunderbird: Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 ... oval:org.secpod.oval:def:1300084 A vulnerability has been discovered and corrected in libxml2: An Off-by-one error in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors . The updated packages have been patched to correct this issue. |
