1926 matches found
rpcbind, LIBTIRPC and NTIRPC Denial of Service Vulnerabilities
rpcbind, LIBTIRPC, and NTIRPC are all applications used in Linux. rpcbind is a server that translates RPC program numbers into generic addresses; LIBTIRPC is a package that contains libraries to support programs that use the Remote Procedure Call RPC API; and NTIRPC is a stand-alone RPC library f...
DEBIAN-CVE-2017-8779
rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service memory consumption with no subsequent free via a...
UBUNTU-CVE-2017-8779
rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service memory consumption with no subsequent free via a...
EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1057)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer...
Cisco Unified Communications Manager UDP Handling Denial of Service Vulnerability
Cisco Unified Communications Manager is an enterprise-class IP telephony call processing system. Cisco Unified Communications Manager has a security vulnerability in the Session Initiation Protocol SIP UDP throttling process, which could be exploited by a remote attacker to submit a special reque...
kernel: use after free in dccp protocol
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
DEBIAN-CVE-2016-10229
udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSGPEEK flag...
ALPINE-CVE-2016-10229
udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSGPEEK flag...
The vulnerability of Cisco Adaptive Security Appliance’s microprogramming software allows a perpetrator to bypass the access control list configuration.
The vulnerabilities of the Border Gateway Protocol BGP and Bidirectional Forwarding Detection BFD components of the Cisco Adaptive Security Appliance software-related networking devices are related to deficiencies in access control for certain functions. Exploiting these vulnerabilities can allow...
Virtuozzo 7 : readykernel-patch (VZA-2017-017)
According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementati...
CVE-2017-3867
A vulnerability in the Border Gateway Protocol BGP Bidirectional Forwarding Detection BFD implementation of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to bypass the access control list ACL for specific TCP and UDP traffic. More Information:...
PT-2017-4330 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11.3 Description: The issue is related to the NFSv4 server in the Linux kernel, which does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packe...
Important kernel security update: Virtuozzo ReadyKernel patch 14.0 for kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3)
The cumulative Virtuozzo ReadyKernel patch updated with security fixes. The patch applies to Virtuozzo versions 7.0.0, 7.0.1, and 7.0.3. Vulnerability id: CVE-2017-6074 A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB...
kernel: use after free in dccp protocol
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...
CentOS Update for kernel CESA-2017:0386_01 centos7
Check the version of kernel SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882674";...
Amazon Linux AMI : kernel (ALAS-2017-805)
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...
RedHat Update for kernel RHSA-2017:0293-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for kernel RHSA-2017:0294-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 7.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...