8606 matches found
kernel: crypto: info leaks in report API
The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability...
Kernel: xfrm_user: info leak in copy_to_user_auth
The copytouserauth function in net/xfrm/xfrmuser.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability...
QNX Multiple Vulnerabilities
OVERVIEW Independent researcher Luigi Auriemma identified a stack-based buffer overflow and a buffer copy without checking size of input vulnerabilities in QNX’s Phrelay, Phwindows, and Phditto products without coordination with ICS-CERT, the vendor, or any other coordinating entity known to...
CVE-2013-0926
Google Chrome before 26.0.1410.43 does not properly handle active content in an EMBED element during a copy-and-paste operation, which allows user-assisted remote attackers to have an unspecified impact via a crafted web site...
Code injection
Google Chrome before 26.0.1410.43 does not properly handle active content in an EMBED element during a copy-and-paste operation, which allows user-assisted remote attackers to have an unspecified impact via a crafted web site...
CVE-2013-0926
Google Chrome before 26.0.1410.43 does not properly handle active content in an EMBED element during a copy-and-paste operation, which allows user-assisted remote attackers to have an unspecified impact via a crafted web site...
CVE-2013-0926
CVE-2013-0926 affects Google Chrome prior to 26.0.1410.43. The issue arises when copying and pasting active content in an EMBED element, enabling a user‑assisted remote attacker to trigger an unspecified impact on a crafted site. The provided documents do not specify a confirmed impact or a patch...
Deduplication Appliance Best Practices
To learn about the Performance Impacts of Deduplicated Storage Systems, visit KB2660. Purpose This article provides links to vendor-provided best practices documents and vendor-specific configuration advice found in the Veeam Backup & Replication User Guide. It also offers general recommendations...
Bo library network to any user of the password reset vulnerability, non-violent crack-vulnerability warning-the black bar safety net
Brief description: Bo library network-the most varieties of Chinese online bookstore, and the presence of any user of the password reset vulnerability, or non-mainstream. Don't burp suite, no violence, just gently change you can reset any user password. To predict the details, please see the...
DEBIAN-CVE-2013-2546
The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability...
DEBIAN-CVE-2013-2548
The cryptoreportone function in crypto/cryptouser.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the...
UBUNTU-CVE-2013-2546
The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability...
PsExec NTDS.dit And SYSTEM Hive Download Utility
This module authenticates to an Active Directory Domain Controller and creates a volume shadow copy of the %SYSTEMDRIVE%. It then pulls down copies of the ntds.dit file as well as the SYSTEM hive and stores them. The ntds.dit and SYSTEM hive copy can be used in combination with other tools for...
CentOS Update for openssh CESA-2013:0519 centos6
Check for the Version of openssh OpenVAS Vulnerability Test CentOS Update for openssh CESA-2013:0519 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
CentOS 6 : openssh (CESA-2013:0519)
Updated openssh packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...
UBUNTU-CVE-2012-6538
The copytouserauth function in net/xfrm/xfrmuser.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability...
Scientific Linux Security Update : openssh on SL6.x i386/x86_64 (20130221)
Due to the way the pamsshagentauth PAM module was built in Scientific Linux 6, the glibc's error function was called rather than the intended error function in pamsshagentauth to report errors. As these two functions expect different arguments, it was possible for an attacker to cause an...
openssh, pam_ssh_agent_auth security update
CentOS Errata and Security Advisory CESA-2013:0519 Updated openssh packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A...
openchange security, bug fix and enhancement update
evolution-mapi 0.28.3-12 - Add patch for RH bug 903241 Double-free on message copy/move 0.28.3-11 - Add patch for RH bug 902932 Cannot connect with latest samba 0.28.3-10 - Drop multilib by obsoleting evolution-mapi 0.28.3-9 RH bug 886914. 0.28.3-9 - Adapt to OpenChange 1.0 RH bug 767678. 0.28.3-...
CVE-2013-0895
Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors...