Solaris 10 (sparc) : 143592-05
Synopsis : The remote host is missing Sun Security Patch number 143592-05
Description : SunOS 5.10: ipf ipfs ippool patch.
Date this patch was last updated by Sun : Sep/01/10
See also : http://sunsolve.sun.com/search/document.do?assetkey=1-21-143592-05-1
Solution : You should install this patch for your system to be up-to-date.
MDVSA-2010:168: openssl
Synopsis : The remote host is missing the patch for the advisory MDVSA-2010:168 (openssl).
Description : A vulnerability has been found and corrected in openssl: Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted private key with an invalid prime
Fedora 14 2010-13960
Synopsis : The remote host is missing the patch for the advisory FEDORA-2010-13960.
Description : XULRunner provides the XUL Runtime environment for Gecko applications.
Update Information: Update to new upstream Firefox version 3.6.7, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7
Solution : Update the affected package(s) using, for example, ‘yum update’
Fedora 14 2010-13923
Synopsis : The remote host is missing the patch for the advisory FEDORA-2010-13923.
Description : X.Org X11 X Window System xinit startup scripts
Update Information: Fix ownership of executables
Solution : Update the affected package(s) using, for example, ‘yum update’.
Risk factor : High
Fedora 14 2010-13474
Synopsis : The remote host is missing the patch for the advisory FEDORA-2010-13474.
Description : Provides a set of daemons to manage access to remote directories and authentication mechanisms
Fedora 14 2010-13239
Synopsis : The remote host is missing the patch for the advisory FEDORA-2010-13239.
Description : LVM2 includes all of the support for handling read/write operations on physical volumes (hard disks, RAID-Systems, magneto optical, etc., multiple devices (MD), see mdadd(8) or even loop devices, see losetup(8)), creating volume groups (kind of virtual disks) from one or more physical volumes and creating one or more logical volumes (kind of logical partitions) in volume groups.
Update Information: This update fixes some minor problems as listed in the changelog.
Fedora 14 2010-12320
Synopsis : The remote host is missing the patch for the advisory FEDORA-2010-12320.
Description : This package is a PEAR library for using a Central Authentication Service.
Update Information:
Security fixes
* Fix a session hijacking hole CVE-2010-2795 [PHPCAS-61]
* callbackurl in proxy mode should be urlencoded, possible XSS CVE-2010-2796 [PHPCAS-67]
Bug fixes
* Fix warnings for SAML responses without attributes [PHPCAS-59]
* Fix duplicate SAML debug output [PHPCAS-64]
* Providing a new ST/PT/SA during an authenticated session will be ignored and a warning will be issued to the debug log.
[DSA2100] DSA-2100-1 openssl
Synopsis : The remote host is missing the DSA-2100 security update
Description : George Guninski discovered a double free in the ECDH code of the OpenSSL crypto library, which may lead to denial of service and potentially the execution of arbitrary code. For the stable distribution (lenny), this problem has been fixed in version 0.9.8g-15+lenny8.
[DSA2101] DSA-2101-1 wireshark
Synopsis : The remote host is missing the DSA-2101 security update
Description : Several implementation errors in the dissector of the Wireshark network traffic analyzer for the ASN.1 BER protocol and in the SigComp Universal Decompressor Virtual Machine may lead to the execution of arbitrary code. For the stable distribution (lenny), these problems have been fixed in version 1.0.2-3+lenny10.
Fedora 12 2010-13403
Synopsis : The remote host is missing the patch for the advisory FEDORA-2010-13403.
Description : Socat is a relay for bidirectional data transfer between two independent data channels
