[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

254202

 
 

909

 
 

198060

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 5609 Download | Alert*

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: * It was found that the fix for CVE-2016-4051 released via RHSA-2016:1138 did not properly prevent the stack overflow in the munge_other_line function. A remote attacker could send specially crafted data to the Squid proxy, which would exploit the cachemgr CGI utility, pos ...

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request. Red Hat would like to thank Scott Geary ...

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel"s networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the changes ...

Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix: * An insufficient permission check issue was found in the way IPA server treats certificate revocation requests. An attacker logged in with the "retrieve certificate" permission enabled could use this flaw to revok ...

Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. Security Fix: * It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was ...

Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the AOL Open System for Communication in Realtime protocol plug-in in Pidgin, used by the AOL ICQ and AIM instant messaging systems, escaped certain UTF-8 characters. A remote attacker could use this flaw to crash Pidgi ...

The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. It was discovered that dnsmasq, when used in combination with certain libvirtd configurations, could incorrectly process network packets from network interfaces that were intended to be prohibited. A remote, unauthenticated attacker could exploit this flaw to cause a denial of service via DNS amplification attacks ...

The Core X11 clients packages provide the xorg-x11-utils, xorg-x11-server-utils, and xorg-x11-apps clients that ship with the X Window System. It was found that the x11perfcomp utility included the current working directory in its PATH environment variable. Running x11perfcomp in an attacker-controlled directory would cause arbitrary code execution with the privileges of the user running x11perfco ...

Red Hat Certificate System is an enterprise software system designed to manage enterprise public key infrastructure deployments. PKI Core contains fundamental packages required by Red Hat Certificate System, which comprise the Certificate Authority subsystem. Note: The Certificate Authority component provided by this advisory cannot be used as a standalone server. It is installed and operates as ...

Red Hat Enterprise Linux includes a collection of InfiniBand and iWARP utilities, libraries and development packages for writing applications that use Remote Direct Memory Access technology. A denial of service flaw was found in the way ibacm managed reference counts for multicast connections. An attacker could send specially-crafted multicast packets that would cause the ibacm daemon to crash. ...


Pages:      Start    373    374    375    376    377    378    379    380    381    382    383    384    385    386    ..   560

© SecPod Technologies