Lucene search
K

9411 matches found

Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.36 views

Amazon Linux AMI : ruby (ALAS-2012-139)

Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the nameerrmesgtostr API function, which marks the string as tainted, a different vulnerability than...

5CVSS8AI score0.02619EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.30 views

Amazon Linux AMI : openssl (ALAS-2011-04)

The MITRE CVE database describes CVE-2011-3207 as : crypto/x509/x509vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. C Tenable...

5CVSS7.6AI score0.05012EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.50 views

Amazon Linux AMI : kernel (ALAS-2011-26)

IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system's networking, preventing legitimate users from accessing its services. CVE-2011-2699 , Important A signedness issue was found in the Linux kernel's CIFS Common Internet File System implementatio...

9.1CVSS7.2AI score0.05798EPSS
Exploits9References15
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.44 views

Amazon Linux AMI : postgresql9 (ALAS-2012-91)

The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an...

4.3CVSS8.1AI score0.05734EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.24 views

Amazon Linux AMI : bind (ALAS-2013-176)

A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. CVE-2013-2266 C Tenable Network Security, Inc. The...

7.8CVSS6.4AI score0.42851EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.35 views

Amazon Linux AMI : bind (ALAS-2012-84)

A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory...

8.5CVSS6.6AI score0.13538EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.45 views

Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2012-119)

It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. CVE-2012-1682 A hardening fix was applied to the...

10CVSS8.2AI score0.12471EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.35 views

Amazon Linux AMI : kernel / nvidia (ALAS-2013-148)

A malicious Network File System version 4 NFSv4 server could return a crafted reply to a GETACL request, causing a denial of service on the client. CVE-2012-2375 , Moderate A divide-by-zero flaw was found in the TCP Illinois congestion control algorithm implementation in the Linux kernel. If the...

7.1CVSS6.7AI score0.03614EPSS
Exploits8References6
Amazon
Amazon
added 2013/02/03 12:0 a.m.20 views

Important: nss

Issue Overview: It was found that a Certificate Authority CA mis-issued two intermediate certificates to customers. These certificates could be used to launch man-in-the-middle attacks. This update renders those certificates as untrusted. This covers all uses of the certificates, including SSL,...

7.1AI score
Exploits0References1
Amazon
Amazon
added 2013/02/03 12:0 a.m.43 views

Medium: mysql51

Issue Overview: This update fixes several vulnerabilities in the MySQL database server. Affected Packages: mysql51 Issue Correction: Run yum update mysql51 or yum update --advisory ALAS-2013-152 to update your system. New Packages: i686: mysql51-5.1.67-1.60.amzn1.i686 ...

4CVSS5.7AI score0.02628EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2007/05/25 12:0 a.m.102 views

OS Identification : Linux Distribution

This plugin attempts to identify the operating system type and version by looking at certain files on the remote operating system e.g., '/etc/redhat-release' on Red Hat. %NASLMINLEVEL 70300 C Tenable, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid25335;...

6AI score
Exploits0
Rows per page
Query Builder