(Oct 11) Robert Matthews discovered that the Apache FCGID module, a FastCGI implementation for Apache HTTP Server, fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service [More…]
You can subscribe to RSS or Atom feeds, linked from
(Oct 10) Two vulnerabilities were discovered in GnuPG, the GNU privacy guard, a free PGP replacement. The Common Vulnerabilities and Exposures project identifies the following problems: [More…]
(Oct 9) John Fitzpatrick of MWR InfoSecurity discovered an authentication bypass vulnerability in torque, a PBS-derived batch processing queueing system. The torque authentication model revolves around the use of privileged [More…]
(Oct 10) It was discovered that ejabberd, a Jabber/XMPP server, uses SSLv2 and weak ciphers for communication, which are considered insecure. The software offers no runtime configuration options to disable these. This update disables the use of SSLv2 and weak ciphers. [More…]
50 queries. 8.5 mb Memory usage. 0.999 seconds.