40 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-11176
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mqnotify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a...
Security Bulletin: Multiple vulnerabilities in IPv6 and MQ affect IBM SAN Volume Controller, IBM Storwize and IBM FlashSystem products
Summary Vulnerabilities in the IPv6 and MQ components affect IBM SAN Volume Controller, IBM Storwize and IBM FlashSystem products. Applicable CVEs are CVE-2016-10142 and CVE-2017-11176. Vulnerability Details CVEID: CVE-2016-10142 DESCRIPTION: The IETF IPv6 protocol is vulnerable to a denial of...
Security Bulletin: Vulnerabilities in IPv6 and MQ affect the IBM FlashSystem models 840 and 900
Summary There are vulnerabilities in the IPv6 and MQ components which affect the IBM FlashSystem™ 840 and IBM FlashSystem 900. An exploit of these vulnerabilities CVE-2016-10142 and CVE-2017-11176 could make the system susceptible to attacks which could allow an attacker to trigger a kernel panic...
SUSE CVE-2017-11176
The mqnotify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service use-after-free or possibly have unspecified other impact...
Ubuntu: Security Advisory (USN-3470-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2389-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
animefreak.tv Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1088246 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
Photon OS 1.0: Linux PHSA-2017-0025
An update of the linux package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0025. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121716;...
Linux Kernel < 4.11.8 - mq_notify: double sock_put() Local Privilege Escalation Exp
Exploit for linux platform in category local exploits / CVE-2017-11176: "mqnotify: double sockput" by LEXFO 2018. DISCLAIMER: The following code is for EDUCATIONAL purpose only. Do not use it on a system without authorizations. WARNING: The exploit WILL NOT work on your target, it requires...
Linux Kernel 4.11.8 - mq_notify: double sock_put() Local Privilege Escalation
Linux Kernel 4.11.8 - mqnotify: double sockput Local Privilege Escalation / CVE-2017-11176: "mqnotify: double sockput" by LEXFO 2018. DISCLAIMER: The following code is for EDUCATIONAL purpose only. Do not use it on a system without authorizations. WARNING: The exploit WILL NOT work on your target...
Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation
/ CVE-2017-11176: "mqnotify: double sockput" by LEXFO 2018. DISCLAIMER: The following code is for EDUCATIONAL purpose only. Do not use it on a system without authorizations. WARNING: The exploit WILL NOT work on your target, it requires modifications! Compile with: gcc -fpic -O0 -std=c99 -Wall...
Photon OS 1.0: Libxslt / Linux / Sqlite PHSA-2017-0025 (deprecated)
An update of linux,sqlite-autoconf,libxslt packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0025. The text itself is copyright C...
Security Bulletin: Vulnerabilities in IPv6 and MQ affect the IBM FlashSystem model V840
Summary There are vulnerabilities in the IPv6 and MQ components which affect the IBM FlashSystem™ V840. An exploit of these vulnerabilities CVE-2016-10142 and CVE-2017-11176 could make the system susceptible to attacks which could allow an attacker to trigger a kernel panic or denial of service...
Debian: Security Advisory (DLA-1099-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0174) (BlueBorne) (Dirty COW) (Stack Clash)
The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2017-0174 for details. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory...
SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2920-1) (KRACK) (Stack Clash)
The SUSE Linux Enterprise 12 GA LTS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-15649: net/packet/afpacket.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of...
Ubuntu: Security Advisory (USN-3470-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3468-1: Linux kernel vulnerabilities
It was discovered that the KVM subsystem in the Linux kernel did not properly bound guest IRQs. A local attacker in a guest VM could use this to cause a denial of service host system crash. CVE-2017-1000252 It was discovered that the Flash-Friendly File System f2fs implementation in the Linux...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3632)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3632 advisory. - mqueue: fix a use-after-free in sysmqnotify Cong Wang Orabug: 26643556 CVE-2017-11176 - ipv6: avoid overflow of offset in ip6find1stfragopt Sabri...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2017-3633)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3633 advisory. - mqueue: fix a use-after-free in sysmqnotify Cong Wang Orabug: 26643562 CVE-2017-11176 - ipv6: avoid overflow of offset in ip6find1stfragopt Sabri...