Apple Fixes 81 Security Holes in iOS 5.1 including Siri and Passcode Flaws
Cupertino, California-based Apple released fixes for a bevy of security flaws in its iOS mobile operating system, including security flaws affecting the Siri personal assistant, the iOS passcode feature, and more than five dozen flaws in the WebKit Web rendering engine used by both iOS and Androi...
Mandriva Update for rpm-mandriva-setup MDVA-2012:024 (rpm-mandriva-setup)
The remote host is missing an update for the...
kernel: xfs: potential buffer overflow in xfs_readlink()
Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a...
kernel-rt: stack corruption when task gets scheduled out using the debug stack
The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention...
Microsoft SQL Server Payload Execution
This module executes an arbitrary payload on a Microsoft SQL Server by using the "xp_cmdshell" stored procedure. Currently, three delivery methods are supported. First, the original method uses Windows 'debug.com'. File size restrictions are avoided by incorporating the debug bypass method present...
OpenSSH < 5.7 Multiple Vulnerabilities
CVE-2012-0814
The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
DEBIAN-CVE-2012-0814
The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
Cross site scripting
The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
CVE-2012-0814
The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
CVE-2012-0814
The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
PT-2012-1159
Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 5.7; OpenSSH versions prior to 6.6 p1-r1. Description: The issue allows remote authenticated users to obtain potentially sensitive information by reading debug messages containing authorized keys command options. This ca...
Lighttpd Proof of Concept code for CVE-2011-4362
No description provided by source. 29 November 2011 was the date of public disclosure of an interesting vulnerability in the lighttpd server. Xi Wang discovered that mod_auth for this server does not properly decode characters from the extended ASCII table. The vulnerable code is below: "src/http_auth.c:67...
Hardcoded credentials
The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771 and 140CPU65 modules, the Premium TSXETY and TSXP57 modules, the M340 BMXNOE01 and BMXP3420 modules, and the STB DIO STBNIC2212 and STBNIP2 modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4)...
CVE-2011-4859
The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771 and 140CPU65 modules, the Premium TSXETY and TSXP57 modules, the M340 BMXNOE01 and BMXP3420 modules, and the STB DIO STBNIC2212 and STBNIP2 modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4)...
Multiple Vulnerabilities Haunt Long List of PLC Modules
A long list of industrial-control modules manufactured by Schneider Electric and used to control operations at various industrial facilities contain multiple weaknesses and vulnerabilities that could allow an attacker to modify the firmware, log in remotely and run arbitrary code on the vulnerable...
Schneider Electric Quantum Ethernet Module Hardcoded Credentials Authentication Bypass Vulnerability
Schneider Electric Quantum Ethernet Module is prone to an authentication-bypass vulnerability. Attackers can exploit this issue to gain access to the Telnet port service, Windriver Debug port service, and FTP service. Attackers can exploit this vulnerability to execute arbitrary code within the...
DEBIAN-CVE-2011-4074
Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via an _debug command...
PT-2011-4840 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel version 2.6. Description: The issue is related to a buffer overflow in the xfs_readlink function, which can cause memory corruption and a crash, potentially allowing the execution of arbitrary code. This occurs when CONFIG_XFS_DEB...
Opera Browser v11.52 - Stack Buffer Overflow Vulnerability
Document Title: Opera Browser v11.52 - Stack Buffer Overflow Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=299, CNNVD-201110-708, http://www.cnnvd.org.cn/vulnerability/show/cvid/2011100708. Release Date: ...