[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

251782

 
 

909

 
 

196543

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 195805 Download | Alert*

Multiple vulnerabilities has been found and corrected in mysql: MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b"" token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service by using this token in a SQL statement . MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE ...

Multiple vulnerabilities have been identified and fixed in ruby: Cross-site scripting vulnerability in the WEBrick HTTP server in Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page . The FileUtils.remove_entry_secure method in Ruby allows local users to delete arbitrary files via a symlink attack . The safe-level feature in Ruby ...

Multiple vulnerabilities were discovered and corrected in subversion: The mod_dav_svn Apache HTTPD server module will dereference a NULL pointer if asked to deliver baselined WebDAV resources which can lead to a DoS . The mod_dav_svn Apache HTTPD server module may in certain cenarios enter a logic loop which does not exit and which allocates emory in each iteration, ultimately exhausting all the ...

A vulnerability was discovered and corrected in curl: The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests . Packages for 2009.0 are provided as of the Extended Maintenance Program

This advisory updates wireshark to the latest version , fixing one security issue: The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service via malformed packets .

A vulnerability has been identified and fixed in php: The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders . The php-ini-5.3.8 package was missing with the MDVSA-2011:165 advisory a ...

A vulnerability has been discovered and corrected in freetype2: FreeType allows remote attackers to execute arbitrary code or cause a denial of service via a crafted font . A regression was found in freetype2 in Mandriva Enterprise Server 5 that caused ugly font rendering with firefox . Additionally, improvements conserning the LZW handling was added. The updated packages have been patched to co ...

A vulnerability was discovered and corrected in openssl: The elliptic curve cryptography subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calcu ...

A vulnerability has been discovered and corrected in ipmitool: ipmievd as used in the ipmitool package uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file . In Mandriva the ipmievd daemon from the ipmitool package does not have an initscript to start and stop the service, however one could rather easily craft an initscrip ...

Multiple vulnerabilities has been discovered and corrected in openssl: The elliptic curve cryptography subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a ...


Pages:      Start    7787    7788    7789    7790    7791    7792    7793    7794    7795    7796    7797    7798    7799    7800    ..   19580

© SecPod Technologies