Säkerhet

Fedora 22 wpa_supplicant-2.4-4.fc22

Linux Security - fre, 2015-07-31 09:47
Kategorier: Säkerhet

Fedora 21 subversion-1.8.13-7.fc21

Linux Security - fre, 2015-07-31 09:47
Kategorier: Säkerhet

Fedora 22 haproxy-1.5.14-1.fc22

Linux Security - fre, 2015-07-31 09:47
Kategorier: Säkerhet

Fedora 22 roundcubemail-1.1.2-1.fc22

Linux Security - fre, 2015-07-31 09:47
Kategorier: Säkerhet

Fedora 21 haproxy-1.5.14-1.fc21

Linux Security - fre, 2015-07-31 09:47
Kategorier: Säkerhet

WordPress Customize Youtube Videos 0.2 Cross Site Scripting

Packet storm - tors, 2015-07-30 15:44
WordPress Customize Youtube Videos plugin version 0.2 suffers from cross site scripting vulnerabilities.
Kategorier: Säkerhet

WordPress Copy Or Move Comments 1.0.0 Cross Site Scripting

Packet storm - tors, 2015-07-30 15:33
WordPress Copy or Move Comments plugin version 1.0.0 suffers from a cross site scripting vulnerability.
Kategorier: Säkerhet

WordPress Advertisement Management 1.0 Cross Site Scripting

Packet storm - tors, 2015-07-30 15:03
WordPress Advertisement Management plugin version 1.0 suffers from a cross site scripting vulnerability.
Kategorier: Säkerhet

Red Hat Security Advisory 2015-1513-01

Packet storm - tors, 2015-07-30 00:22
Red Hat Security Advisory 2015-1513-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.
Kategorier: Säkerhet

phpFileManager 0.9.8 Cross Site Request Forgery

Packet storm - ons, 2015-07-29 21:33
phpFileManager version 0.9.8 suffers from a cross site request forgery vulnerability that can result in a backdoor shell being uploaded.
Kategorier: Säkerhet

WordPress Chief Editor 3.6.1 Cross Site Scripting

Packet storm - ons, 2015-07-29 19:02
WordPress Chief Editor plugin version 3.6.1 suffers from a cross site scripting vulnerability.
Kategorier: Säkerhet

WordPress 1-Click Retweet/Share/Like 5.2 Cross Site Scripting

Packet storm - ons, 2015-07-29 16:44
WordPress 1-click Retweet / Share / Like plugin version 5.2 suffers from a cross site scripting vulnerability.
Kategorier: Säkerhet

Ubuntu Security Notice USN-2691-1

Packet storm - ons, 2015-07-29 03:13
Ubuntu Security Notice 2691-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.
Kategorier: Säkerhet

Ubuntu Security Notice USN-2688-1

Packet storm - ons, 2015-07-29 03:13
Ubuntu Security Notice 2688-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.
Kategorier: Säkerhet

Ubuntu Security Notice USN-2687-1

Packet storm - ons, 2015-07-29 03:13
Ubuntu Security Notice 2687-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.
Kategorier: Säkerhet

Ubuntu Security Notice USN-2689-1

Packet storm - ons, 2015-07-29 03:13
Ubuntu Security Notice 2689-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.
Kategorier: Säkerhet

Red Hat Security Advisory 2015-1512-01

Packet storm - ons, 2015-07-29 03:13
Red Hat Security Advisory 2015-1512-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap buffer overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with the CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process corresponding to the guest.
Kategorier: Säkerhet

Ubuntu Security Notice USN-2690-1

Packet storm - ons, 2015-07-29 03:07
Ubuntu Security Notice 2690-1 - Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.
Kategorier: Säkerhet

Ubuntu Security Notice USN-2693-1

Packet storm - ons, 2015-07-29 03:00
Ubuntu Security Notice 2693-1 - Jonathan Foote discovered that Bind incorrectly handled certain TKEY queries. A remote attacker could use this issue with a specially crafted packet to cause Bind to crash, resulting in a denial of service. Pories Ediansyah discovered that Bind incorrectly handled certain configurations involving DNS64. A remote attacker could use this issue with a specially crafted query to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. Various other issues were also addressed.
Kategorier: Säkerhet

Debian Security Advisory 3319-1

Packet storm - ons, 2015-07-29 02:57
Debian Linux Security Advisory 3319-1 - Jonathan Foote discovered that the BIND DNS server does not properly handle TKEY queries. A remote attacker can take advantage of this flaw to mount a denial of service via a specially crafted query triggering an assertion failure and causing BIND to exit.
Kategorier: Säkerhet