148 matches found
CVE-2015-0239
CVE-2015-0239 affects the Linux kernel KVM emulation path (arch/x86/kvm/emulate.c). If a guest OS does not initialize SYSENTER MSRs, em_sysenter can trigger using a 16‑bit code segment to emulate SYSENTER, allowing a guest OS user to gain guest privileges or cause a guest crash. The vulnerability...
Ubuntu: Security Advisory (USN-2516-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2515-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2513-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DSA-3170-1 linux - security update
Bulletin has no description...
Ubuntu: Security Advisory (USN-2257-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Samba vulnerabilities (USN-2257-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2257-1 advisory. Christof Schmitt discovered that Samba incorrectly initialized a certain response field when vfs shadow copy was enabled. A remote authenticated attacker...
USN-2257-1: Samba vulnerabilities
Christof Schmitt discovered that Samba incorrectly initialized a certain response field when vfs shadow copy was enabled. A remote authenticated attacker could use this issue to possibly obtain sensitive information. This issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS. CVE-2014-0178 It was...
[slackware-security] samba
New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/samba-4.1.9-i486-1slack14.1.txz: Upgraded. This update fixes bugs and security issues, including a flaw in Samba's internal DNS...
Security fix for the ALT Linux 8 package samba-DC version 4.1.8-alt1
June 4, 2014 Alexey Shabalin 4.1.8-alt1 - 4.1.8 - fixed CVE-2014-0239, CVE-2014-0178...
Security fix for the ALT Linux 10 package samba version 4.1.8-alt1
June 4, 2014 Alexey Shabalin 4.1.8-alt1 - 4.1.8 - fixed CVE-2014-0239, CVE-2014-0178...
Security fix for the ALT Linux 8 package samba version 4.1.8-alt1
June 4, 2014 Alexey Shabalin 4.1.8-alt1 - 4.1.8 - fixed CVE-2014-0239, CVE-2014-0178...
CVE-2014-0239
The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service CPU and bandwidth consumption via a forged response packet that triggers a...
CVE-2014-0239
CVE-2014-0239 concerns the internal DNS server in Samba 4.x prior to 4.0.18. The issue arises because the DNS header QR field is not checked before sending a response, enabling a remote attacker to trigger a forged response that can cause a denial of service via a communication loop, consuming CP...
Important: Red Hat Security Advisory: apache-cxf security update
An update for the Apache CXF component of JBoss Portal Platform 6.0.0 which fixes two security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base...
Important: Red Hat Security Advisory: apache-cxf security update
An update for the Apache CXF component of JBoss Enterprise Application Platform 6.0.1 which fixes two security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring Syste...
CVE-2013-0239
CVE-2013-0239 affects Apache CXF: versions before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3. When plaintext UsernameToken WS-SecurityPolicy is enabled, a security header containing a UsernameToken element with no password can bypass authentication. This is an authentication bypass vulnera...
CVE-2012-0239
uaddUpAdmin.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to modify an administrative password via a password-change request...
CVE-2012-0239
Summary: CVE-2012-0239 affects Advantech/BroadWin WebAccess prior to version 7.0. The issue is an authentication vulnerability in uaddUpAdmin.asp that allows remote, unauthenticated changes to the administrator password. Impact (as stated): attacker can modify an admin password remotely. Affected...
Microsoft Windows TCP/IP Could Allow Remote Code Execution (974145)
This host is missing a critical security update according to Microsoft Bulletin MS10-009. OpenVAS Vulnerability Test $Id: gbms10-009.nasl 5364 2017-02-20 13:26:07Z cfi $ Microsoft Windows TCP/IP Could Allow Remote Code Execution 974145 Authors: Madhuri D Copyright: Copyright c 2010 Greenbone...