Veeam Cloud Connect - Compiling Provider/Tenant Logs for Support Cases

Veeam Service Provider Console 8 New Feature Starting in Veeam Service Provider Console 8, it is now possible for Service Providers to create a support case from within the Veeam Service Provider Console console. This new feature also includes automatic log collection during case creation. Purpos...

USN-2843-3: Linux kernel (Raspberry Pi 2) vulnerabilities

郭永刚 discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl on /dev/ppp could cause a denial of service system crash. CVE-2015-7799 Dmitry Vyukov discovered that the Linux kernel's keyring...

USN-2843-2 linux-lts-wily vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

F5 Networks BIG-IP : Java commons-collections library vulnerability (K30518307)

CVE-2015-4852 Java applications that have an endpoint that accepts serialized Java objects, an attacker can combine serializable collections to create arbitrary remote code execution. Based on the FoxGlove, an attack can be done via RMI or HTTP. The vulnerability is actually in InvokerTransformer...

kernel: Keyrings crash triggerable by unprivileged user

It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...

USN-2829-2 linux-lts-vivid vulnerabilities

It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service system crash. CVE-2015-5283 Dmitry Vyukov discovered that the Linux kernel's keyring handler...

Understanding Garbage Collection and Coalesce Process Troubleshooting

Summary In most cases, customers have experienced issues with coalescing snapshots after deleting snapshots. At times we do notsee the reclaimed space once a snapshot is deleted. Even with an SR rescan to manually get the Garbage Collection GC to kick-in does not reclaim space. This article...

Security Advisory - DoS Vulnerability in Huawei LogCenter

Huawei LogCenter has a DoS vulnerability. After login to the LogCenter, an attacker can add abnormal device information to the log collection module. The LogCenter system does not verify input device information. As a result, the log collection module denies services. Vulnerability ID:...

USN-2824-1 linux-lts-utopic vulnerability

Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service system crash...

USN-2823-1 linux vulnerabilities

It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service system crash. CVE-2015-5283 Dmitry Vyukov discovered that the Linux kernel's keyring handler...

Today NSA has Stopped its Bulk Phone Surveillance Program

Rejoice! From this morning, you can call freely to anyone, talk anything without any fear of being spied by the United States National Security Agency NSA, as the agency is not allowed to collect bulk phone records. Until now we all are aware of the NSA's bulk phone surveillance program – thanks ...

[SECURITY] [DLA 352-1] libcommons-collections3-java security update

Package : libcommons-collections3-java Version : 3.2.1-4+deb6u1 The Apache commons collection suffered from security issues, making applications to accept serialized objects from untrusted sources. Remote attackers might take advantage of these issues to execute arbitrary Java functions and even...

DLA-352-1 libcommons-collections3-java - security update

Bulletin has no description...

OpenJDK: incorrect access control context used in DGCImpl (RMI, 8080688)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883...

X (Formerly Twitter): Add tweet to collection CSRF

Hi Team, I have found a CSRF vulnerability which force victim to add tweets in his collection. HTML POC : Before using this POC change the Collection ID to your collection ID and you will see that tweet will be added into your collection.You can Also add so many tweets in one request by adding...

GNU Compiler Collection libstdc++ Component Random Number Predictability Vulnerability

The GNU Compiler Collection a.k.a. GCC is a compiler system developed by the GNU Project to support multiple programming languages. A security vulnerability exists in the class 'std::randomdevice' in the libstdc++ component of GCC versions prior to 4.9.4. Due to the program failing to properly...

CVE-2015-5276

The std::randomdevice class in libstdc++ in the GNU Compiler Collection aka GCC before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors...

CVE-2015-5276

The std::randomdevice class in libstdc++ in the GNU Compiler Collection aka GCC before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors...

CVE-2015-5276

CVE-2015-5276 : The std::random_device class in libstdc++ (GCC) before 4.9.4 does not properly handle short reads from blocking sources, which could allow context-dependent attackers to predict random values via unspecified vectors. Affected: GCC/libstdc++ prior to 4.9.4. Root cause: inadequate h...

CVE-2015-5276

The std::randomdevice class in libstdc++ in the GNU Compiler Collection aka GCC before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors...