[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 11641 Download | Alert*

nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js.

openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL.

nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js.

It was discovered that PHP did not sanitize certain error messages when display_errors is enabled, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or ...

It was discovered that PHP did not properly enforce php_admin_value and php_admin_flag restrictions in the Apache configuration file. A local attacker could create a specially crafted PHP script that would bypass intended security restrictions. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. It was discovered that PHP did not correctly handle certain malformed font files. If a PHP ...

USN-761-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 9.04. Original advisory details: It was discovered that PHP did not sanitize certain error messages when display_errors is enabled, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were t ...

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user"s session. USN-923-1 disabled SSL/TLS renegotiation by default; this update implements the TLS Renegotiation Indication Extension as defined in RFC 5746, and ...

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user"s session. It was discovered that Loader-constraint table, Policy/PolicyFile, Inflater/Deflater, drag/drop access, and deserialization did not correctly hand ...

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user"s session. This update adds backported support for the new RFC5746 renegotiation extension and will use it when both the client and the server support it. ATT ...

USN-860-1 introduced a partial workaround to Apache that disabled client initiated TLS renegotiation in order to mitigate CVE-2009-3555. USN-990-1 introduced the new RFC5746 renegotiation extension in openssl, and completely resolves the issue. After updating openssl, an Apache server will allow both patched and unpatched web browsers to connect, but unpatched browsers will not be able to renegoti ...


Pages:      Start    345    346    347    348    349    350    351    352    353    354    355    356    357    358    ..   1164

© SecPod Technologies