(Jul 7) A buffer overflow has been identified in nginx, a small, powerful, scalable web/proxy server, when processing certain chunked transfer encoding requests if proxy_pass to untrusted upstream HTTP servers is used. An attacker may use this flaw to perform denial of service [More…]
Archive for July, 2013
(Jul 6) Multiple security issues have been found in Icedove, Debian’s version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors, use-after-free vulnerabilities, missing permission checks, incorrect memory handling and other implementaton errors may lead to the execution [More…]
(Jul 8) Applications using Raptor could be made to expose sensitive information orrun programs as your login if they opened a specially crafted file.
(Jul 3) PyMongo could be made to crash under certain conditions.
(Jul 4) Several security issues were fixed in the kernel.
(Jul 4) Several security issues were fixed in the kernel.
(Jul 3) Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More…]
(Jul 2) libvirt could be made to crash if it received specially crafted networktraffic.
(Jul 2) Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of [More…]
(Jul 3) Module::Signature could be made to run programs if it verified a signature.
(Jul 3) USN-1890-1 introduced a regression in Firefox.
New checks have been added to File System section:
– (Linux) If it’s impossible to read, write, change owner or group inside of DUMP_D folder (by defaults, /var/lib/psa/dumps) the upgrade procedure will be failed.
– (Windows) Check that PleskSQLServer service can be started before upgrade.
(Jul 2) libcurl could be made to crash or run programs as your login if it receivedspecially crafted input.
In the July 2013 survey we received responses from 698,823,509 sites, an increase of 25.8M. Apache and nginx, both open source web servers, have lost market share this month whilst Microsoft gained significantly, up by 2.43 percentage points, to just shy of 20% of worldwide sites. For the second consecutive month, nginx is powering fewer sites […]
The following bugs have been fixed:
[-] Several issues related to the operation of Apache web server were resolved.
[-] Dedicated IIS application pool settings defined in service templates were not propagated to the subscriptions based on those templates.
(Jun 28) Jon Erickson of iSIGHT Partners Labs discovered a heap overflow in xml-security-c, an implementation of the XML Digital Security specification. The fix to address CVE-2013-2154 introduced the possibility of a heap overflow in the processing of malformed XPointer [More…]
Rank Performance Graph OS Outagehh:mm:ss FailedReq% DNS […]