165 matches found
Debian: Security Advisory (DSA-2323-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for radvd USN-1257-1
Ubuntu Update for Linux kernel vulnerabilities USN-1257-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12571.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for radvd USN-1257-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...
USN-1257-1: radvd vulnerabilities
Vasiliy Kulikov discovered that radvd incorrectly parsed the NDOPTDNSSLINFORMATION option. A remote attacker could exploit this with a specially-crafted request and cause the radvd daemon to crash, or possibly execute arbitrary code. The default compiler options for affected releases should reduc...
Fedora 16 : radvd-1.8.2-2.fc16 (2011-13989)
update to latest upstream radvd-1.8.2 fixes CVE-2011-3601, CVE-2011-3602, CVE-2011-3603, CVE-2011-3604, CVE-2011-= 3605 ---------------------------------------------------------------------- -----= Note that Tenable Network Security has extracted the preceding description block directly from the...
[SECURITY] [DSA 2323-1] radvd security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2323-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez October 26, 2011 http://www.debian.org/security/faq -...
Fedora Update for radvd FEDORA-2011-14022
Check for the Version of radvd OpenVAS Vulnerability Test Fedora Update for radvd FEDORA-2011-14022 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Fedora Update for radvd FEDORA-2011-14000
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
[SECURITY] [DSA 2323-1] radvd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2323-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez October 26, 2011 http://www.debian.org/security/faq -...
Fedora 14 : radvd-1.8.2-2.fc14 (2011-14000)
update to latest upstream radvd-1.8.2 fixes CVE-2011-3601, CVE-2011-3602, CVE-2011-3603, CVE-2011-3604, CVE-2011-= 3605 ---------------------------------------------------------------------- -----= Note that Tenable Network Security has extracted the preceding description block directly from the...
DSA-2323-1 radvd - several
Bulletin has no description...
Security fix for the ALT Linux 6 package radvd version 1.8.2-alt1
Oct. 7, 2011 Vladimir V Kamarzin 1.8.2-alt1 - 1.8.2. Security fixes: + CVE-2011-3601 + CVE-2011-3602 + CVE-2011-3603 + CVE-2011-3604 + CVE-2011-3605...
CVE-2011-3602
Directory traversal vulnerability in device-linux.c in the router advertisement daemon radvd before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. dot dot in an interface name. NOTE: this can be leveraged with a symlink to overwrit...
CVE-2010-3602
The vulnerability is an XSS in mojoPortal’s ProfileView.aspx affecting versions 2.3.4.3 and 2.3.5.1, exploitable via the User ID parameter to inject arbitrary script/HTML. The root cause is untrusted input handling in the ProfileView.aspx workflow. Exploit details, exploitability specifics, and a...
CVE-2010-3602
Cross-site scripting XSS vulnerability in ProfileView.aspx in mojoPortal 2.3.4.3 and 2.3.5.1 allows remote attackers to inject arbitrary web script or HTML via the User ID parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-3602
creationtimestamp| type| source ---|---|--- 2010-09-16 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15018...
openSUSE Security Update : unbound (unbound-2015)
Unbound did not check signatures on NSEC3 records which allowed attackers who could spoof DNS responses to bypass DNSSEC. CVE-2009-3602: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
[SECURITY] [DSA 1963-1] New unbound packages fix DNSSEC validation
------------------------------------------------------------------------ Debian Security Advisory DSA-1963-1 [email protected] http://www.debian.org/security/ Florian Weimer December 23, 2009 http://www.debian.org/security/faq -...
CVE-2009-3602
Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses...
CVE-2009-3602
Unbound (DNS resolver) versions before 1.3.4 are affected by CVE-2009-3602 due to incorrect verification of NSEC3 signatures, allowing remote attackers to cause secure delegations to be downgraded via DNS spoofing or related DNS attacks when handling crafted responses. Public disclosures and advi...
CVE-2008-3602
admin/wradmin.php in PHP-Ring Webring System aka uPHPringwebsite 0.9.1 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1...