Search Results

Search found 1066 results on 43 pages for 'vulnerability scanning'.

Page 2/43 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Multiple vulnerabilities in Pidgin

    - by RitwikGhoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2010-4528 Improper Input Validation vulnerability 4.0 Pidgin Solaris 10 SPARC: 147992-02 X86: 147993-02 CVE-2011-1091 Denial of service(DOS) vulnerability 4.0 CVE-2011-2943 Denial of service(DOS) vulnerability 4.3 CVE-2011-3184 Resource Management Errors vulnerability 4.3 CVE-2011-3185 Improper Input Validation vulnerability 9.3 CVE-2011-4601 Improper Input Validation vulnerability 5.0 CVE-2011-4602 Improper Input Validation vulnerability 5.0 CVE-2011-4603 Improper Input Validation vulnerability 5.0 CVE-2011-4922 Information Exposure vulnerability 2.1 CVE-2011-4939 Permissions, Privileges, and Access Controls vulnerability 6.4 CVE-2012-1178 Resource Management Errors vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • How do I stop Sophos anti virus from scanning directories that are under source control

    - by user26453
    From googling it seems its well known that SophosAV as well as other AV programs have issues with how they interact and can inhibit source control utilities like TortoiseHG or TortoiseSVN. One solution is to exclude directories under source control from on-access scanning as detailed here on Sophos's support site. There is a corollary article that mentions some issues related to this, namely the need to place multiple entries for exclusions based on the possibility of the location being accessed through the short vs. long name (e.g., Progra~1 vs. "Program Files"). One other twist is I am using a junction to relocate my user directory, C:\Users\Username, to a second hard drive, E:. Since I am not sure how this interacts I have included the source control directory as they are nested in both locations. As a result, I have included the two exclusions for the on-access scanning exclusions (and to be on the safe side on-demand exclusions as well, although this should only come into play when I select a parent directory of the exclusion to be scanned on-demand, but still). You'll notice I have no need to add extra exclusions for those locations based on short vs. long name distinctions. The two exclusion I have then, for both on-access and on-demand scanning exclusions are: C:\Users\Username\source-control-directory E:\source-control-directory However, this does not seem to work as TortoiseHG still lags terribly in response to any request as AV software starts scanning when the directory is accessed via TortoiseHG. I can verify without a doubt that Sophos is causing the problems: I can completely disable on-access scanning. Once this is done TortoiseHG responds very fast to all operations. I cannot leave this disabled obviously, but since the exclusion don't seem to be working, what next?

    Read the article

  • How to stop SophosAV from scanning directories under source control

    - by user26453
    From googling it seems its well known that SophosAV as well as other AV programs have issues with how they interact and can inhibit source control utilities like TortoiseHG or TortoiseSVN. One solution is to exclude directories under source control from on-access scanning as detailed here on Sophos's support site. There is a corollary article that mentions some issues related to this, namely need to place multiple entries for exclusions based on the possibility of the location being accessed through the short vs. long name (e.g., Progra~1 vs. "Program Files"). One other twist is I am using a junction to relocate my user directory, C:\Users\Username, to a second hard drive, E:. Since I am not sure how this interacts I have included the source control directory as they are nested in both locations. As a result, I have included the two exclusions for the on-access scanning exclusions (and to be on the safe side on-demand exclusions as well, although this should only come into play when I select a parent directory of the exclusion to be scanned on-demand, but still). You'll notice I have no need to add extra exclusions for those locations based on short vs. long name distinctions. The two exclusion I have then, for both on-access and on-demand scanning exclusions are: C:\Users\Username\source-control-directory E:\source-control-directory However, this does not seem to work as TortoiseHG still lags terribly in response to any request as AV software starts scanning when the directory is accessed via TortoiseHG. I can verify without a doubt that Sophos is causing the problems: I can completely disable on-access scanning. Once this is done TortoiseHG responds very fast to all operations. I cannot leave this disabled obviously, but since the exclusion don't seem to be working, what next?

    Read the article

  • Is scanning the ports considered harmful?

    - by Manoj R
    If any application is scanning the ports of other machines, to find out whether any particular service/application is running, will it be considered harmful? Is this treated as hacking? How else can one find out on which port the desired application is running (without the user input)? Let's say I only know the port range in which the other application could be running, but not the exact port. In this case, my application ping each of the port in range to check whether the other application is listening on it, using already defined protocol. Is this a normal design? Or is this considered harmful for the security?

    Read the article

  • Security vulnerability and nda's [closed]

    - by Chris
    I want to propose a situation and gain insight from the communities thoughts. A customer, call them Customer X has a contract with a vendor, Vendor Y to provide an application and services. Customer X discovers a serious authentication vulnerability in Vendor Y's software. Vendor Y and Customer X has a discussion. Vendor Y acknowledges/confirms flaw. Vendor Y confirms they will put effort to fix. Customer X requests Vendor Y to inform all customers impacted by this. Vendor agrees. Fast forward 2 months, and the flaw has not been fixed. Patches were applied to mitigate but the flaw still exists. However, no customers were informed of issue. At this point customer X contacts Vendor Y to determine the status and understand why customer's were not informed. The vendor nicely reminds the customer they are under an NDA and are still working on the issue. A few questions/discussion pieces out of this. By discussing a software flaw with a vendor, does this imply you have agreed to any type of NDA disclosure? Additionally, what rights as does Customer X have to inform other customers of this vulnerability if vendor does not appear willing to comply? I (the op) am under the impression that when this situation occurs, you are supposed to notify vendor of issue, provide them with ample time to respond and if no response you are able to do what you wish with the information. I am thinking back to the MIT/subway incident where they contacted transit authorities, transit authorities didn't respond in a timely fashion so the students disclosed the information publicly on their own. Few things to note about this: I am not the customer in above situation, also lets assume for purposes of keeping discussion inline that customer X has no intentions of disclosing information, they are merely concerned and interested in making sure other customers are aware until it is fixed so they do not expierence a major security breach. (More information can be supplied if needed to add context to question. )

    Read the article

  • Lexmark X5650 doesn't print (scanning works)

    - by unor
    I want to use a Lexmark X5650 under Ubuntu. When I connect it via USB, Ubuntu recognizes the device, but can't find a driver. On the Lexmark support site, you can select "Unix/Linux" and then "Ubuntu 9.04", "9.10", "10.04" and "10.10". However, all versions lead to the same driver: lexmark-08z-series-driver-1.0-1.i386.deb.sh.tar.gz (Last updated: 2012-04-13). While installing this driver, the installer asks me to connect the device. As soon as I connect it via USB, Ubuntu now adds the printer automatically. So after the installation completed, I had 2 printers set up. But I can't print anything (I tried it with both printer configurations). Scanning works fine, though. So I guess the driver installation and the device connection are successful. When I try to print something, the print job is listed in the printing queue, but nothing happens. After some time, I get an error message which starts a debug wizard, but in the end it reads something like "Sorry, couldn't find the reason". I had several different error messages (unfortunately, I didn't record them), one was approximately like "printer cannot communicate with computer". Another said that my color ink was low (which is true, but black is full). Another said there was an input/output error. I tried it with Ubuntu 11.10. Because I read that some people had success with 10.04., I installed it in QEMU and installed the driver there, too. Same problem, though. I'd like to upgrade to 12.04, if it should work there for any reason, but I read that for some people this printer stopped working in 12.04 :/ So, it would be best if the printer would work in 12.04. If that's not possible, I'd be fine with starting a QEMU virtual machine with any GNU/Linux distribution that works with my printer.

    Read the article

  • CVE-2014-3520 Privilege Escalation vulnerability in OpenStack Keystone

    - by Ritwik Ghoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2014-3520 Privilege Escalation vulnerability 3.5 OpenStack Identity (Keystone) Solaris 11.2 11.2.1.5.0 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-2896 Buffer overflow vulnerability in GIMP

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-2896 Buffer Overflow vulnerability 5.1 GIMP Image Editor Solaris 10 SPARC: 147988-01 X86: 147989-01 Solaris 11 Express snv_151a + 7079990 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2010-1634 Integer Overflow vulnerability in Python

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2010-1634 Integer Overflow vulnerability 5.0 Python Solaris 10 SPARC: 143506-03 X86: 143507-03 Solaris 11 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-2895 Buffer Overflow vulnerability in X.Org

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-2895 Buffer Overflow vulnerability 9.3 X.Org Solaris 10 SPARC: 125719-41 119059-60 X86: 119060-59 125720-51 Solaris 9 Contact Support Solaris 8 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2004-1010 Buffer Overflow vulnerability in Zip utility

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2004-1010 Buffer Overflow vulnerability 10.0 Zip Solaris 10 SPARC: 147378-01 X86: 147379-01 Solaris 9 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-4313 Denial of Service Vulnerability in BIND Domain Name Server

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4313 Denial of Service vulnerability 5 BIND DNS software Solaris 11 Contact support Solaris 10 SPARC: IDR148282-01 X86: IDR148283-01 Solaris 8 SPARC: IDR148278-01 X86: IDR148279-01 Solaris 9 SPARC: IDR148280-01 X86: IDR148281-01 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2014-0591 Buffer Errors vulnerability in Bind

    - by Ritwik Ghoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2014-0591 Buffer Errors vulnerability 2.6 Bind Solaris 10 SPARC: 119783-28 X86: 119784-28 Solaris 11.1 11.1.16.5.0 Solaris 9 SPARC: 112837-30 X86: 114265-29 Please Note: The patches mentioned above will upgrade Bind to 9.6-ESV-R10-P2. This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2006-4514 Buffer overflow vulnerability in Gnome Structured File library (libgsf)

    - by RitwikGhoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2006-4514 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 7.5 Gnome Structured File library (libgsf) Solaris 10 SPARC: 149108-01 X86: 149109-01 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-4862 Buffer Overflow vulnerability in Telnet

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4862 Buffer Overflow vulnerability 7.5 Telnet Solaris 10 SPARC: 148657-01 X86: 148658-01 Solaris 11 11/11 SRU 04 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2012-3410 stack-based buffer overflow vulnerability in Bash

    - by RitwikGhoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-3410 Buffer overflow vulnerability 4.6 Bash Solaris 11 Contact Support Solaris 10 SPARC: 126546-04 X86: 126547-04 Solaris 9 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2012-2763 Buffer overflow vulnerability in Gimp

    - by RitwikGhoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-2763 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 7.5 Gimp Solaris 11 11/11 SRU 11.4 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2012-1712 Path Traversal Vulnerability in Sun GlassFish Web Space Server

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-1712 Path Traversal Vulnerability 5.0 Liferay Sun GlassFish Web Space Server 10.0 Update 7 Patch 2 SPARC X86 Linux Windows Oracle acknowledges with thanks, Christian Schneider for bringing this issue to our attention. This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2008-6536 Unspecified vulnerability in 7-zip

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2008-6536 Unspecified vulnerability 10.0 7-zip Solaris 10 SPARC: 137321-02 x86: 137322-02 Solaris 9 SPARC: 137477-02 x86: 137478-02 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-4128 Buffer Overflow vulnerability in gnutls

    - by Umang_D
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4128 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 4.3 gnutls Solaris 11 11/11 SRU 12.4 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2008-3529 Buffer overflow vulnerability in libxml2

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2008-3529 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0 libxml2 Solaris 10 SPARC: 125731-07 X86: 125732-07 Solaris 9 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-3256 Denial of Service (DoS) vulnerability in FreeType 2

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-3256 Denial of Service (DoS) vulnerability 4.3 FreeType 2 Library Solaris 11 Contact Support Solaris 10 SPARC: 119812-13 X86: 119813-15 Solaris 9 Contact Support Solaris 8 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-1937 Cross-site scripting (XSS) vulnerability in Webmin

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-1937 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 Webmin Solaris 10 SPARC: 145006-03 X86: 145007-03 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >