«
Expand/Collapse
125 items tagged "red hat enterprise"
Related tags:
jboss [+],
red [+],
hat [+],
application [+],
mrg [+],
png image format [+],
performance reliability [+],
linux kernel [+],
freetype [+],
font engine [+],
font [+],
bind [+],
secunia [+],
advisory [+],
service vulnerability [+],
security advisory [+],
nfsv4 [+],
mount local [+],
security [+],
xml entity [+],
xen hypervisor [+],
web [+],
v2v [+],
user [+],
target system [+],
system [+],
security response team [+],
sai read capacity [+],
privileged user [+],
network interface card [+],
manager. it [+],
kernel packages [+],
jakarta commons [+],
io ioctl [+],
intel 64 [+],
integer overflow [+],
guest [+],
global file system [+],
escalation [+],
dom document [+],
dns requests [+],
dns queries [+],
disk image [+],
default shell [+],
cryptographic file system [+],
component packages [+],
cid [+],
c api [+],
enterprise [+],
private information [+],
mandriva linux [+],
mandriva [+],
malicious users [+],
linux [+],
information disclosure vulnerability [+],
gnu c library [+],
fedora [+],
c library [+],
enterprise linux [+],
security restrictions [+],
privilege escalation vulnerability [+],
local privilege escalation [+],
platform [+],
jboss enterprise application platform [+],
red hat security [+]
-
-
14:57
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0670-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. When a set user ID application is executed, certain personality flags for controlling the application's behavior are cleared. It was found that those flags were not cleared if the application was made privileged via file system capabilities. A local, unprivileged user could use this flaw to change the behavior of such applications, allowing them to bypass intended restrictions. Note that for default installations, no application shipped by Red Hat for Red Hat Enterprise MRG is made privileged via file system capabilities.
-
14:57
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0670-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. When a set user ID application is executed, certain personality flags for controlling the application's behavior are cleared. It was found that those flags were not cleared if the application was made privileged via file system capabilities. A local, unprivileged user could use this flaw to change the behavior of such applications, allowing them to bypass intended restrictions. Note that for default installations, no application shipped by Red Hat for Red Hat Enterprise MRG is made privileged via file system capabilities.
-
14:57
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0670-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. When a set user ID application is executed, certain personality flags for controlling the application's behavior are cleared. It was found that those flags were not cleared if the application was made privileged via file system capabilities. A local, unprivileged user could use this flaw to change the behavior of such applications, allowing them to bypass intended restrictions. Note that for default installations, no application shipped by Red Hat for Red Hat Enterprise MRG is made privileged via file system capabilities.
-
-
14:32
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0531-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1, could cause the application to crash.
-
14:32
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0531-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1, could cause the application to crash.
-
14:32
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0531-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1, could cause the application to crash.
-
-
18:31
»
Packet Storm Security Advisories
Secunia Security Advisory - Red Hat has issued an update for Red Hat Enterprise MRG. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
-
-
13:02
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0488-01 - The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. A flaw was found in the way libtasn1 decoded DER data. An attacker could create a carefully-crafted X.509 certificate that, when parsed by an application that uses GnuTLS, could cause the application to crash.
-
13:02
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0488-01 - The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. A flaw was found in the way libtasn1 decoded DER data. An attacker could create a carefully-crafted X.509 certificate that, when parsed by an application that uses GnuTLS, could cause the application to crash.
-
13:02
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0488-01 - The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. A flaw was found in the way libtasn1 decoded DER data. An attacker could create a carefully-crafted X.509 certificate that, when parsed by an application that uses GnuTLS, could cause the application to crash.
-
-
0:23
»
Packet Storm Security Advisories
Secunia Security Advisory - Red Hat has issued an update for Red Hat Enterprise MRG. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks.
-
-
16:12
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0476-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. Several cross-site scripting flaws were found in the MRG Management Console. An authorized user on the local network could use these flaws to perform cross-site scripting attacks against MRG Management Console users.
-
16:12
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0476-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. Several cross-site scripting flaws were found in the MRG Management Console. An authorized user on the local network could use these flaws to perform cross-site scripting attacks against MRG Management Console users.
-
16:12
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0476-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. Several cross-site scripting flaws were found in the MRG Management Console. An authorized user on the local network could use these flaws to perform cross-site scripting attacks against MRG Management Console users.
-
16:09
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0477-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. Several cross-site scripting flaws were found in the MRG Management Console. An authorized user on the local network could use these flaws to perform cross-site scripting attacks against MRG Management Console users.
-
16:09
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0477-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. Several cross-site scripting flaws were found in the MRG Management Console. An authorized user on the local network could use these flaws to perform cross-site scripting attacks against MRG Management Console users.
-
16:09
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0477-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. Several cross-site scripting flaws were found in the MRG Management Console. An authorized user on the local network could use these flaws to perform cross-site scripting attacks against MRG Management Console users.
-
-
13:36
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0422-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way the Linux kernel's KVM hypervisor implementation emulated the syscall instruction for 32-bit guests. An unprivileged guest user could trigger this flaw to crash the guest.
-
13:36
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0422-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way the Linux kernel's KVM hypervisor implementation emulated the syscall instruction for 32-bit guests. An unprivileged guest user could trigger this flaw to crash the guest.
-
13:36
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0422-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way the Linux kernel's KVM hypervisor implementation emulated the syscall instruction for 32-bit guests. An unprivileged guest user could trigger this flaw to crash the guest.
-
13:35
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0421-01 - Red Hat Enterprise Virtualization Manager is a visual tool for centrally managing collections of virtual machines running Red Hat Enterprise Linux and Microsoft Windows. These packages also include the Red Hat Enterprise Virtualization Manager REST API, a set of scriptable commands that give administrators the ability to perform queries and operations on Red Hat Enterprise Virtualization Manager. It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker who is able to access the Red Hat Enterprise Virtualization Manager REST API submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.
-
13:35
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0421-01 - Red Hat Enterprise Virtualization Manager is a visual tool for centrally managing collections of virtual machines running Red Hat Enterprise Linux and Microsoft Windows. These packages also include the Red Hat Enterprise Virtualization Manager REST API, a set of scriptable commands that give administrators the ability to perform queries and operations on Red Hat Enterprise Virtualization Manager. It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker who is able to access the Red Hat Enterprise Virtualization Manager REST API submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.
-
13:35
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0421-01 - Red Hat Enterprise Virtualization Manager is a visual tool for centrally managing collections of virtual machines running Red Hat Enterprise Linux and Microsoft Windows. These packages also include the Red Hat Enterprise Virtualization Manager REST API, a set of scriptable commands that give administrators the ability to perform queries and operations on Red Hat Enterprise Virtualization Manager. It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker who is able to access the Red Hat Enterprise Virtualization Manager REST API submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.
-
-
19:49
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0349-01 - On March 01, 2012, all Red Hat Enterprise Linux 4-based products listed transition from the Production Phase to the Extended Life Phase: Red Hat Enterprise Linux AS 4, Red Hat Enterprise Linux ES 4, Red Hat Enterprise Linux WS 4, Red Hat Desktop 4, Red Hat Global File System 4, Red Hat Cluster Suite 4.
-
19:49
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0349-01 - On March 01, 2012, all Red Hat Enterprise Linux 4-based products listed transition from the Production Phase to the Extended Life Phase: Red Hat Enterprise Linux AS 4, Red Hat Enterprise Linux ES 4, Red Hat Enterprise Linux WS 4, Red Hat Desktop 4, Red Hat Global File System 4, Red Hat Cluster Suite 4.
-
19:49
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0349-01 - On March 01, 2012, all Red Hat Enterprise Linux 4-based products listed transition from the Production Phase to the Extended Life Phase: Red Hat Enterprise Linux AS 4, Red Hat Enterprise Linux ES 4, Red Hat Enterprise Linux WS 4, Red Hat Desktop 4, Red Hat Global File System 4, Red Hat Cluster Suite 4.
-
-
14:44
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0109-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host.
-
14:44
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0109-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host.
-
14:44
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0109-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host.
-
-
23:37
»
Packet Storm Security Advisories
Secunia Security Advisory - Red Hat has issued an update for Red Hat Enterprise MRG. This fixes some vulnerabilities, which can be exploited by malicious users to potentially compromise a vulnerable system.
-
-
18:52
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0073-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the 7 year life-cycle of Red Hat Enterprise Linux 4 will end on February 29, 2012 and your subscription services for that version will change. Active Red Hat Enterprise Linux subscribers using Red Hat Enterprise Linux 4 will have the option to upgrade to currently supported versions of Red Hat Enterprise Linux and receive the full benefits of the subscription.
-
18:52
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0073-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the 7 year life-cycle of Red Hat Enterprise Linux 4 will end on February 29, 2012 and your subscription services for that version will change. Active Red Hat Enterprise Linux subscribers using Red Hat Enterprise Linux 4 will have the option to upgrade to currently supported versions of Red Hat Enterprise Linux and receive the full benefits of the subscription.
-
18:52
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0073-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the 7 year life-cycle of Red Hat Enterprise Linux 4 will end on February 29, 2012 and your subscription services for that version will change. Active Red Hat Enterprise Linux subscribers using Red Hat Enterprise Linux 4 will have the option to upgrade to currently supported versions of Red Hat Enterprise Linux and receive the full benefits of the subscription.
-
-
11:55
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1850-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. Using the SG_IO IOCTL to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single partition or LVM volume, they could use this flaw to bypass those restrictions and gain read and write access to the entire block device.
-
11:55
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1850-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. Using the SG_IO IOCTL to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single partition or LVM volume, they could use this flaw to bypass those restrictions and gain read and write access to the entire block device.
-
11:55
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1850-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. Using the SG_IO IOCTL to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single partition or LVM volume, they could use this flaw to bypass those restrictions and gain read and write access to the entire block device.
-
-
18:33
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1813-01 - Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support.
-
18:33
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1813-01 - Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support.
-
18:33
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1813-01 - Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support.
-
-
16:36
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1804-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release for Red Hat Enterprise Linux 4 serves as a replacement for JBoss Enterprise Web Platform 5.1.1. These updated packages include bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.
-
16:36
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1804-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release for Red Hat Enterprise Linux 4 serves as a replacement for JBoss Enterprise Web Platform 5.1.1. These updated packages include bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.
-
16:36
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1804-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release for Red Hat Enterprise Linux 4 serves as a replacement for JBoss Enterprise Web Platform 5.1.1. These updated packages include bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.
-
16:06
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1803-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release for Red Hat Enterprise Linux 5 serves as a replacement for JBoss Enterprise Web Platform 5.1.1. These updated packages include bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.
-
16:06
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1803-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release for Red Hat Enterprise Linux 5 serves as a replacement for JBoss Enterprise Web Platform 5.1.1. These updated packages include bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.
-
16:06
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1803-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release for Red Hat Enterprise Linux 5 serves as a replacement for JBoss Enterprise Web Platform 5.1.1. These updated packages include bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.
-
16:00
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1802-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release for Red Hat Enterprise Linux 6 serves as a replacement for JBoss Enterprise Web Platform 5.1.1. These updated packages include bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.
-
16:00
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1802-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release for Red Hat Enterprise Linux 6 serves as a replacement for JBoss Enterprise Web Platform 5.1.1. These updated packages include bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.
-
16:00
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1802-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release for Red Hat Enterprise Linux 6 serves as a replacement for JBoss Enterprise Web Platform 5.1.1. These updated packages include bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.
-
-
15:56
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1615-03 - virt-v2v is a tool for converting and importing virtual machines to libvirt-managed KVM, or Red Hat Enterprise Virtualization. Using virt-v2v to convert a guest that has a password-protected VNC console to a KVM guest removed that password protection from the converted guest: after conversion, a password was not required to access the converted guest's VNC console. Now, converted guests will require the same VNC console password as the original guest. Note that when converting a guest to run on Red Hat Enterprise Virtualization, virt-v2v will display a warning that VNC passwords are not supported.
-
15:56
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1615-03 - virt-v2v is a tool for converting and importing virtual machines to libvirt-managed KVM, or Red Hat Enterprise Virtualization. Using virt-v2v to convert a guest that has a password-protected VNC console to a KVM guest removed that password protection from the converted guest: after conversion, a password was not required to access the converted guest's VNC console. Now, converted guests will require the same VNC console password as the original guest. Note that when converting a guest to run on Red Hat Enterprise Virtualization, virt-v2v will display a warning that VNC passwords are not supported.
-
15:56
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1615-03 - virt-v2v is a tool for converting and importing virtual machines to libvirt-managed KVM, or Red Hat Enterprise Virtualization. Using virt-v2v to convert a guest that has a password-protected VNC console to a KVM guest removed that password protection from the converted guest: after conversion, a password was not required to access the converted guest's VNC console. Now, converted guests will require the same VNC console password as the original guest. Note that when converting a guest to run on Red Hat Enterprise Virtualization, virt-v2v will display a warning that VNC passwords are not supported.
-
-
13:33
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1506-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the regular 7 year life-cycle of Red Hat Enterprise Linux 4 will end on February 29, 2012. After this date, Red Hat will discontinue the regular subscription services for Red Hat Enterprise Linux 4.
-
13:33
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1506-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the regular 7 year life-cycle of Red Hat Enterprise Linux 4 will end on February 29, 2012. After this date, Red Hat will discontinue the regular subscription services for Red Hat Enterprise Linux 4.
-
13:33
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1506-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the regular 7 year life-cycle of Red Hat Enterprise Linux 4 will end on February 29, 2012. After this date, Red Hat will discontinue the regular subscription services for Red Hat Enterprise Linux 4.
-
-
6:44
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2011-178 - Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library, including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object in a subdirectory of the current working directory during execution of a setgid program that has in RUNPATH. Various other issues have also been addressed. The updated packages have been patched to correct these issues.
-
6:44
»
Packet Storm Security Misc. Files
Mandriva Linux Security Advisory 2011-178 - Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library, including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object in a subdirectory of the current working directory during execution of a setgid program that has in RUNPATH. Various other issues have also been addressed. The updated packages have been patched to correct these issues.
-
-
15:24
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1459-01 - Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. Users of bind97 are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon will be restarted automatically.
-
15:24
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1459-01 - Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. Users of bind97 are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon will be restarted automatically.
-
15:24
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1459-01 - Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. Users of bind97 are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon will be restarted automatically.
-
-
18:27
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1455-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide both the FreeType 1 and FreeType 2 font engines. The freetype packages for Red Hat Enterprise Linux 5 and 6 provide only the FreeType 2 font engine. Multiple input validation flaws were found in the way FreeType processed CID-keyed fonts. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
-
18:27
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1455-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide both the FreeType 1 and FreeType 2 font engines. The freetype packages for Red Hat Enterprise Linux 5 and 6 provide only the FreeType 2 font engine. Multiple input validation flaws were found in the way FreeType processed CID-keyed fonts. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
-
18:27
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1455-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide both the FreeType 1 and FreeType 2 font engines. The freetype packages for Red Hat Enterprise Linux 5 and 6 provide only the FreeType 2 font engine. Multiple input validation flaws were found in the way FreeType processed CID-keyed fonts. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
-
-
15:56
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1402-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide both the FreeType 1 and FreeType 2 font engines. The freetype packages for Red Hat Enterprise Linux 5 and 6 provide only the FreeType 2 font engine. Multiple input validation flaws were found in the way FreeType processed bitmap font files. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
-
15:56
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1402-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide both the FreeType 1 and FreeType 2 font engines. The freetype packages for Red Hat Enterprise Linux 5 and 6 provide only the FreeType 2 font engine. Multiple input validation flaws were found in the way FreeType processed bitmap font files. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
-
15:56
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1402-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide both the FreeType 1 and FreeType 2 font engines. The freetype packages for Red Hat Enterprise Linux 5 and 6 provide only the FreeType 2 font engine. Multiple input validation flaws were found in the way FreeType processed bitmap font files. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
-
-
18:55
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1401-01 - The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux. A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem emulation. An unprivileged, local guest user could provide a large number of bytes that are used to zero out a fixed-sized buffer via a SAI READ CAPACITY SCSI command, overwriting memory and causing the guest to crash. Other bugs were also addressed.
-
18:55
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1401-01 - The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux. A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem emulation. An unprivileged, local guest user could provide a large number of bytes that are used to zero out a fixed-sized buffer via a SAI READ CAPACITY SCSI command, overwriting memory and causing the guest to crash. Other bugs were also addressed.
-
18:55
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1401-01 - The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux. A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem emulation. An unprivileged, local guest user could provide a large number of bytes that are used to zero out a fixed-sized buffer via a SAI READ CAPACITY SCSI command, overwriting memory and causing the guest to crash. Other bugs were also addressed.
-
-
15:42
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1292-01 - The jakarta-commons-daemon-jsvc package includes jsvc, a service wrapper that allows Java applications to be run as daemons. It was found that jsvc did not correctly drop capabilities after starting an application. If an administrator used jsvc to run an application, and also used the "-user" option to specify a user for it to run as, the application correctly ran as that user but did not drop its increased capabilities, allowing it access to all files and directories accessible to the root user. Note: This flaw does not affect Red Hat Enterprise Linux 5 and 6, as the jakarta-commons-daemon-jsvc packages for those products are not built with capabilities support.
-
15:42
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1292-01 - The jakarta-commons-daemon-jsvc package includes jsvc, a service wrapper that allows Java applications to be run as daemons. It was found that jsvc did not correctly drop capabilities after starting an application. If an administrator used jsvc to run an application, and also used the "-user" option to specify a user for it to run as, the application correctly ran as that user but did not drop its increased capabilities, allowing it access to all files and directories accessible to the root user. Note: This flaw does not affect Red Hat Enterprise Linux 5 and 6, as the jakarta-commons-daemon-jsvc packages for those products are not built with capabilities support.
-
15:42
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1292-01 - The jakarta-commons-daemon-jsvc package includes jsvc, a service wrapper that allows Java applications to be run as daemons. It was found that jsvc did not correctly drop capabilities after starting an application. If an administrator used jsvc to run an application, and also used the "-user" option to specify a user for it to run as, the application correctly ran as that user but did not drop its increased capabilities, allowing it access to all files and directories accessible to the root user. Note: This flaw does not affect Red Hat Enterprise Linux 5 and 6, as the jakarta-commons-daemon-jsvc packages for those products are not built with capabilities support.
-
-
14:21
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1253-01 - Updated kernel-rt packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise MRG 2.0. The Red Hat Security Response Team has rated this update as having important security impact.
-
14:21
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1253-01 - Updated kernel-rt packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise MRG 2.0. The Red Hat Security Response Team has rated this update as having important security impact.
-
14:21
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1253-01 - Updated kernel-rt packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise MRG 2.0. The Red Hat Security Response Team has rated this update as having important security impact.
-
-
23:34
»
Packet Storm Security Advisories
Secunia Security Advisory - Red Hat has issued an update for Red Hat Enterprise MRG. This fixes a security issue, which can be exploited by malicious, local users to disclose potentially sensitive information.
-
-
19:33
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1249-01 - Updated Grid component packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.0 for Red Hat Enterprise Linux 5.
-
19:33
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1249-01 - Updated Grid component packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.0 for Red Hat Enterprise Linux 5.
-
19:33
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1249-01 - Updated Grid component packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.0 for Red Hat Enterprise Linux 5.
-
-
14:25
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1241-01 - eCryptfs is a stacked, cryptographic file system. It is transparent to the underlying file system and provides per-file granularity. eCryptfs is released as a Technology Preview for Red Hat Enterprise Linux 5 and 6. The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs file system. This utility can only be run by users in the "ecryptfs" group. A race condition flaw was found in the way mount.ecryptfs_private checked the permissions of a requested mount point when mounting an encrypted file system. A local attacker could possibly use this flaw to escalate their privileges by mounting over an arbitrary directory.
-
14:25
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1241-01 - eCryptfs is a stacked, cryptographic file system. It is transparent to the underlying file system and provides per-file granularity. eCryptfs is released as a Technology Preview for Red Hat Enterprise Linux 5 and 6. The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs file system. This utility can only be run by users in the "ecryptfs" group. A race condition flaw was found in the way mount.ecryptfs_private checked the permissions of a requested mount point when mounting an encrypted file system. A local attacker could possibly use this flaw to escalate their privileges by mounting over an arbitrary directory.
-
14:25
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1241-01 - eCryptfs is a stacked, cryptographic file system. It is transparent to the underlying file system and provides per-file granularity. eCryptfs is released as a Technology Preview for Red Hat Enterprise Linux 5 and 6. The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs file system. This utility can only be run by users in the "ecryptfs" group. A race condition flaw was found in the way mount.ecryptfs_private checked the permissions of a requested mount point when mounting an encrypted file system. A local attacker could possibly use this flaw to escalate their privileges by mounting over an arbitrary directory.
-
14:19
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1239-01 - This is the End of Life notification for Red Hat Enterprise Linux Extended Update Support Add-On (EUS) 4.7.
-
14:19
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1239-01 - This is the End of Life notification for Red Hat Enterprise Linux Extended Update Support Add-On (EUS) 4.7.
-
14:19
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1239-01 - This is the End of Life notification for Red Hat Enterprise Linux Extended Update Support Add-On (EUS) 4.7.
-
-
20:14
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1197-01 - Updated libvirt packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remotely managing virtualized systems. An integer overflow flaw was found in libvirtd's RPC call handling. An attacker able to establish read-only connections to libvirtd could trigger this flaw by calling virDomainGetVcpus() with specially-crafted parameters, causing libvirtd to crash.
-
20:14
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1197-01 - Updated libvirt packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remotely managing virtualized systems. An integer overflow flaw was found in libvirtd's RPC call handling. An attacker able to establish read-only connections to libvirtd could trigger this flaw by calling virDomainGetVcpus() with specially-crafted parameters, causing libvirtd to crash.
-
20:14
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1197-01 - Updated libvirt packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remotely managing virtualized systems. An integer overflow flaw was found in libvirtd's RPC call handling. An attacker able to establish read-only connections to libvirtd could trigger this flaw by calling virDomainGetVcpus() with specially-crafted parameters, causing libvirtd to crash.
-
-
17:57
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1111-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 5 Update 4 has ended.
-
17:57
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1111-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 5 Update 4 has ended.
-
17:57
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1111-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 5 Update 4 has ended.
-
-
19:37
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1105-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. A buffer overflow flaw was found in the way libpng processed certain PNG image files. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Note: The application behavior required to exploit CVE-2011-2690 is rarely used. No application shipped with Red Hat Enterprise Linux behaves this way, for example.
-
19:37
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1105-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. A buffer overflow flaw was found in the way libpng processed certain PNG image files. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Note: The application behavior required to exploit CVE-2011-2690 is rarely used. No application shipped with Red Hat Enterprise Linux behaves this way, for example.
-
19:37
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1105-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. A buffer overflow flaw was found in the way libpng processed certain PNG image files. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Note: The application behavior required to exploit CVE-2011-2690 is rarely used. No application shipped with Red Hat Enterprise Linux behaves this way, for example.
-
19:22
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1104-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. A buffer overflow flaw was found in the way libpng processed certain PNG image files. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Note: The application behavior required to exploit CVE-2011-2690 is rarely used. No application shipped with Red Hat Enterprise Linux behaves this way, for example.
-
19:22
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1104-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. A buffer overflow flaw was found in the way libpng processed certain PNG image files. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Note: The application behavior required to exploit CVE-2011-2690 is rarely used. No application shipped with Red Hat Enterprise Linux behaves this way, for example.
-
19:22
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1104-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. A buffer overflow flaw was found in the way libpng processed certain PNG image files. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Note: The application behavior required to exploit CVE-2011-2690 is rarely used. No application shipped with Red Hat Enterprise Linux behaves this way, for example.
-
-
8:21
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1090-01 - The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. A flaw was found that allowed napi_reuse_skb() to be called on VLAN packets. An attacker on the local network could trigger this flaw by sending specially-crafted packets to a target system, possibly causing a denial of service.
-
8:21
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1090-01 - The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. A flaw was found that allowed napi_reuse_skb() to be called on VLAN packets. An attacker on the local network could trigger this flaw by sending specially-crafted packets to a target system, possibly causing a denial of service.
-
8:21
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1090-01 - The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. A flaw was found that allowed napi_reuse_skb() to be called on VLAN packets. An attacker on the local network could trigger this flaw by sending specially-crafted packets to a target system, possibly causing a denial of service.
-
-
7:37
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1073-01 - Bash is the default shell for Red Hat Enterprise Linux. It was found that certain scripts bundled with the Bash documentation created temporary files in an insecure way. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary files accessible to the victim running the scripts.
-
7:37
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1073-01 - Bash is the default shell for Red Hat Enterprise Linux. It was found that certain scripts bundled with the Bash documentation created temporary files in an insecure way. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary files accessible to the victim running the scripts.
-
7:37
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1073-01 - Bash is the default shell for Red Hat Enterprise Linux. It was found that certain scripts bundled with the Bash documentation created temporary files in an insecure way. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary files accessible to the victim running the scripts.
-
-
19:16
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-0945-01 - The Enterprise Web Platform is for mid-size workloads, focusing on light and rich Java applications. Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform. This JBoss Enterprise Web Platform 5.1.1 release for Red Hat Enterprise Linux 4, 5, and 6 serves as a replacement for JBoss Enterprise Web Platform 5.1.0. These updated packages include the bug fixes detailed in the release notes, which are linked to from the References section of this erratum. Various other issues were also addressed.
-
19:16
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-0945-01 - The Enterprise Web Platform is for mid-size workloads, focusing on light and rich Java applications. Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform. This JBoss Enterprise Web Platform 5.1.1 release for Red Hat Enterprise Linux 4, 5, and 6 serves as a replacement for JBoss Enterprise Web Platform 5.1.0. These updated packages include the bug fixes detailed in the release notes, which are linked to from the References section of this erratum. Various other issues were also addressed.
-
19:16
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-0945-01 - The Enterprise Web Platform is for mid-size workloads, focusing on light and rich Java applications. Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform. This JBoss Enterprise Web Platform 5.1.1 release for Red Hat Enterprise Linux 4, 5, and 6 serves as a replacement for JBoss Enterprise Web Platform 5.1.0. These updated packages include the bug fixes detailed in the release notes, which are linked to from the References section of this erratum. Various other issues were also addressed.
-
-
6:39
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-0938-01 - Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary.
-
6:39
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-0938-01 - Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary.
-
6:39
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-0938-01 - Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary.
-
-
18:20
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-0926-01 - Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. A flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially-crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion.
-
18:20
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-0926-01 - Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. A flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially-crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion.
-
18:20
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-0926-01 - Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. A flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially-crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion.
-
-
17:25
»
Packet Storm Security Exploits
The seunshare setuid root utility from policycore-utils as distributed by Red Hat Enterprise Linux and Fedora can be manipulated to perform privilege escalation attacks.
-
17:25
»
Packet Storm Security Recent Files
The seunshare setuid root utility from policycore-utils as distributed by Red Hat Enterprise Linux and Fedora can be manipulated to perform privilege escalation attacks.
-
17:25
»
Packet Storm Security Misc. Files
The seunshare setuid root utility from policycore-utils as distributed by Red Hat Enterprise Linux and Fedora can be manipulated to perform privilege escalation attacks.
-
-
21:06
»
Packet Storm Security Advisories
Secunia Security Advisory - Red Hat has acknowledged a vulnerability in Red Hat Enterprise MRG, which can be exploited by malicious people to compromise a vulnerable system.
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Hack a Day
Wirevolution