SSA-2010-069-01 pidgin
Synopsis : The remote host is missing the SSA-2010-069-01 security update
Description : New pidgin packages are available for Slackware 12.0, 12.1, 12.2, 13.0, and -current to fix denial of service issues. More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423
Solution : Update the packages that are referenced in the security advisory.
Risk factor : Medium / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
[DSA2009] DSA-2009-1 tdiary
Synopsis : The remote host is missing the DSA-2009 security update
Description : It was discovered that tdiary, a communication-friendly weblog system, is prone to a cross-site scripting vulnerability due to insufficient input sanitising in the TrackBack transmission plugin.
[DSA2010] DSA-2010-1 kvm
Synopsis : The remote host is missing the DSA-2010 security update
Description : Several local vulnerabilities have been discovered in kvm, a full virtualization system. The Common Vulnerabilities and Exposures project identifies the following problems:
Gleb Natapov discovered issues in the KVM subsystem where missing permission checks (CPL/IOPL) permit a user in a guest system to cause a denial of service of a guest (system crash) or gain escalated privileges with the guest.
CVE-2010-0309: Marcelo Tosatti fixed an issue in the PIT emulation code in the KVM subsystem that allows privileged users in a guest domain to cause a denial of service (crash) of the host system.
[DSA2011] DSA-2011-1 dpkg
Synopsis : The remote host is missing the DSA-2011 security update
Description : William Grant discovered that the dpkg-source component of dpkg, the low-level infrastructure for handling the installation and removal of Debian software packages, is vulnerable to path traversal attacks. A specially crafted Debian source package can lead to file modification outside of the destination directory when extracting the package content.
For the stable distribution (lenny), this problem has been fixed in version 1.14.29.
MDVA-2010:098: urpmi
Synopsis : The remote host is missing the patch for the advisory MDVA-2010:098 (urpmi).
Description : Fixes package signature management when a package is present in 2 sub-repositories with the same version but a different signature. This problem occurred when local media were used.
MDVSA-2010:058: php
Synopsis : The remote host is missing the patch for the advisory MDVSA-2010:058 (php).
Description : Multiple vulnerabilities have been found and corrected in php:
* Improved LCG entropy. (Rasmus, Samy Kamkar)
* Fixed safe_mode validation inside tempnam() when the directory path does not end with a /)
MDVSA-2010:059: virtualbox
Synopsis : The remote host is missing the patch for the advisory MDVSA-2010:059 (virtualbox).
MDVSA-2010:060: squid
Synopsis : The remote host is missing the patch for the advisory MDVSA-2010:060 (squid).
Description : A vulnerability has been found and corrected in squid: The htcpHandleTstRequest function in htcp.c in Squid 2.x and 3.0 through 3.0.STABLE23 allows remote attackers to cause a denial of service (crash) via crafted packets to the HTCP port, which triggers a NULL pointer dereference (CVE-2010-0639).
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
Solaris 9 (sparc) : 117143-02
Synopsis : The remote host is missing Sun Security Patch number 117143-02
Description : SunOS 5.9: xntpd Patch.
Date this patch was last updated by Sun : Mar/09/10
See also : http://sunsolve.sun.com/search/document.do?assetkey=1-21-117143-02-1
Solution : You should install this patch for your system to be up-to-date
Solaris 9 (x86) : 117144-02
Synopsis : The remote host is missing Sun Security Patch number 117144-02
Description : SunOS 5.9_x86: xntpd Patch.
Date this patch was last updated by Sun : Mar/09/10
See also : http://sunsolve.sun.com/search/document.do?assetkey=1-21-117144-02-1
Solution : You should install this patch for your system to be up-to-date
