Ubuntu: Security Advisory (USN-3146-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3145-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3144-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-3145-2)

USN-3145-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3145-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3145-1 advisory. Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could...

USN-3147-1: Linux kernel vulnerabilities

Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. CVE-2016-7097 Marco Grassi discovered that the driver for Areca RAID...

USN-3146-1: Linux kernel vulnerabilities

It was discovered that the getuserasmex implementation in the Linux kernel for x86/x8664 contained extended asm statements that were incompatible with the exception table. A local attacker could use this to gain administrative privileges. CVE-2016-9644 Andreas Gruenbacher and Jan Kara discovered...

USN-3145-1: Linux kernel vulnerabilities

Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service system crash or possibly gain privileges. CVE-2016-7425 Daxing Guo discovered a stack-based buffer overfl...

USN-3144-2: Linux kernel (OMAP4) vulnerability

Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service system crash or possibly gain privileges...

USN-3144-1: Linux kernel vulnerability

Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service system crash or possibly gain privileges...

Phoenix Contact ILC Security Bypass Vulnerability

Phoenix Contact ProConOs and MultiProg are programmable logic controllers PLCs for use in industrial PCs from the Phoenix Contact group. A security bypass vulnerability exists in the Phoenix Contact ILC PLCs, which can be exploited by an unauthenticated attacker to access read and write PLC...

Phoenix Contact ILC Authentication Bypass Vulnerability

Phoenix Contact ProConOs and MultiProg are programmable logic controllers PLCs for use in industrial PCs from the Phoenix Contact group. An authentication bypass vulnerability exists in Phoenix Contact ILC PLCs, which can be exploited by an unauthenticated attacker to gain access to the web serve...

Prompt to "Upgrade Remaining Delivery Controllers" after XenDesktop/XenApp upgrade

After upgrading site to 7.6, the controller still says the upgrade is not complete. There is only one controller and it has been upgraded but it references another server License Server as needing to be upgraded...

CVE-2016-6824

Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service device restart via crafted CAPWAP packets...

CVE-2016-6824

Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service device restart via crafted CAPWAP packets...

Code injection

Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service device restart via crafted CAPWAP packets...

CVE-2016-6824

CVE-2016-6824 affects Huawei Access Controllers AC6003, AC6005, AC6605 and ACU2 with software older than V200R006C10SPC200. Affected component: CAPWAP handling with input validation vulnerability leads to denial of service via crafted CAPWAP packets, causing device restart. Impact is network-acce...

CVE-2016-6824

Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200 allows remote authenticated users to cause a denial of service device restart via crafted CAPWAP packets...

Yokogawa STARDOM Certification Bypass Vulnerability

The Yokogawa STARDOM FCN/FCJ controller is a controller for use in network-based control systems. The Yokogawa STARDOM FCN/FCJ controller fails to require authentication for Logic Designer connections, which could be used by a remote attacker to submit a special request to control the device...

CVE-2016-4860

Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not require authentication for Logic Designer connections, which allows remote attackers to reconfigure the device or cause a denial of service via a 1 stop application program, 2 change value, or 3 modify application command...