The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors. (CVSS:6.5) (Last Update:2012-12-05)
All posts by 007admin
WatchGuard Recognized as a UTM Market Leader
WatchGuard Recognized as a “Leader” in Latest 2012 Magic Quadrant for Unified Threat Management
lenny backports discontinued
Following the normal Debian Archive lenny-backports is now discontinued. That means that no upload will be possible anymore and lenny-backports(-sloppy) get moved to archive.debian.org. If you haven't updated yet - now is the time to move to squeeze. Some numbers about lenny-backports and lenny-backports-sloppy: - Source packages: lenny-backports: 667 - sloppy: 21 - Uploads: lenny-backports: 1445 - sloppy: 51 - Contributors: lenny-backports: 146 - sloppy: 17 Without all those contributors lenny-backports wouldn't have been possible. Thank you very much for your support! Alex and Rhonda - backports.debian.org ftpmasters P.S. and of course a big thanks to ganneff, without him we wouldn't be able to run the dak monster :)
WatchGuard Wins Security Industry's Global Excellence Award for Medium Enterprise Security Solution
WatchGuard XTM 8 Series Wins as Next-Generation Firewall
CVE-2012-1181
fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit. (CVSS:5.0) (Last Update:2012-09-07)
CVE-2012-0612 (iphone_os, itunes, safari)
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2012-0613 (iphone_os, itunes, safari)
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2012-0614 (iphone_os, itunes, safari)
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2012-0615 (iphone_os, itunes, safari)
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2012-0617 (iphone_os, itunes, safari)
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.