942 matches found

Ubuntu
added 2016/03/14 5:20 p.m. · 84 views

USN-2932-1: Linux kernel (Vivid HWE) vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges...

CVSS 8.4 · AI score 7.2 · EPSS 0.03723
Exploits 22
Ubuntu
added 2016/03/14 5:8 p.m. · 98 views

USN-2929-2: Linux kernel (Trusty HWE) vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges...

CVSS 8.4 · AI score 7 · EPSS 0.03723
Exploits 22
OSV
added 2016/03/02 6:28 p.m. · 3 views

MGASA-2016-0089 Updated perl-FCGI packages fix CVE-2012-6687

Updated fcgi packages fix security vulnerability: FCGI does not perform range checks for file descriptors before use of the FD_SET macro. This FD_SET macro could allow for more than 1024 total file descriptors to be monitored in the closing state. This may allow remote attackers to cause a denial o...

CVSS 5 · AI score 6.3 · EPSS 0.06086
Exploits 0 · References 3
OpenVAS
added 2016/02/28 12:0 a.m. · 46 views

Ubuntu: Security Advisory (USN-2908-5)

The remote host is missing an update for the...

CVSS 7.8 · AI score 7.3 · EPSS 0.01061
Exploits 4 · References 3
Prion
added 2016/01/14 10:59 p.m. · 143 views

Heap overflow

The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based...

CVSS 4.6 · AI score 7.9 · EPSS 0.2037
Exploits 3 · References 31 · Affected Software 6
Tenable Nessus
added 2015/12/22 12:0 a.m. · 47 views

Scientific Linux Security Update : squid on SL7.x x86_64 (20151119)

It was found that Squid configured with client-first SSL-bump did not correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a Squid server using a specially crafted X.509 certificate. (CVE-2015-3455) This update fixes the following...

CVSS 2.6 · AI score 7.1 · EPSS 0.11402
Exploits 0 · References 2
RedHat Linux
added 2015/12/09 8:57 a.m. · 1 views

glibc: getaddrinfo() writes DNS queries to random file descriptors under high load

It was discovered that, under certain circumstances, glibc's getaddrinfo function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application...

CVSS 5 · AI score 7.3 · EPSS 0.05808
Exploits 2 · References 4
Positive Technologies
added 2015/11/23 12:0 a.m. · 2 views

PT-2015-6840 · Red Hat +1 · Libreport +2

Name of the Vulnerable Software and Affected Versions: libreport versions 2.0.7 through 2.6.3 Description: The issue allows remote attackers to obtain sensitive information via unspecified vectors related to the backtrace, cmdline, environ, open fds, maps, smaps, hostname, remote, ks.cfg, or...

CVSS 6.9 · AI score 5.8 · EPSS 0.03314
Exploits 18 · References 37
RedHat Linux
added 2015/11/19 3:4 a.m. · 2 views

glibc: getaddrinfo() writes DNS queries to random file descriptors under high load

It was discovered that, under certain circumstances, glibc's getaddrinfo function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application...

CVSS 5 · AI score 7.3 · EPSS 0.05808
Exploits 2 · References 4
Fedora
added 2015/11/16 12:23 a.m. · 9 views

[SECURITY] Fedora 23 Update: tubo-5.0.15-3.fc23

The Libtubo library is a small and simple function set to enable a process to run any other process in the background and communicate via the std-out, std-err and std-in file descriptors. This library is used by Rodent file-manager but is also available here for other programs to use freely...

AI score 2.5
Exploits 0
RedhatCVE
added 2015/10/30 9:30 a.m. · 28 views

CVE-2003-1307

The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: th...

CVSS 4.3 · AI score 7.1 · EPSS 0.01603
Exploits 1 · References 2
CNVD
added 2015/10/03 12:0 a.m. · 1 views

Cisco Email Security Appliance File Descriptor System Overload Vulnerability

The Cisco Email Security Appliance is a widely used email encryption gateway that seamlessly encrypts, decrypts, and digitally signs confidential email. A security vulnerability exists in the Cisco Email Security Appliance that allows remote attackers to exploit the vulnerability by submitting a...

CVSS 6.8 · AI score 6.9 · EPSS 0.017
Exploits 0 · References 1
Tenable Nessus
added 2015/09/22 12:0 a.m. · 236 views

Debian DSA-3364-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. - CVE-2015-8215: It was discovered that NetworkManager would set IPv6 MTUs based on the values received in IPv6 RAs (Router Advertisements), without sufficiently validating...

CVSS 6.9 · AI score 7.1 · EPSS 0.03693
Exploits 1 · References 17
Debian
added 2015/09/21 6:43 p.m. · 47 views

[SECURITY] [DSA 3364-1] linux security update

Debian Security Advisory DSA-3364-1 [email protected] https://www.debian.org/security/ Ben Hutchings September 21, 2015 https://www.debian.org/security/faq ...

CVSS 6.9 · AI score 7.4 · EPSS 0.05059
Exploits 0
OpenVAS
added 2015/09/20 12:0 a.m. · 34 views

Debian: Security Advisory (DSA-3364-1)

The remote host is missing an update for the Debian...

CVSS 6.9 · AI score 7.3 · EPSS 0.03693
Exploits 1 · References 3
BDU FSTEC
added 2015/06/15 12:0 a.m. · 2 views

Vulnerabilities of the Android operating system that allow a hacker to escalate their privileges or cause service failures

Multiple vulnerabilities in the Android operating system are related to integer overflows. Exploiting these vulnerabilities can allow attackers to escalate their privileges or cause service failures by sending large numbers of file descriptors or integer values...

CVSS 10 · AI score 5.5 · EPSS 0.0374
Exploits 2 · References 2 · Affected Software 1
CNVD
added 2015/05/11 12:0 a.m. · 2 views

Docker Container Symbolic Link Directory Traversal Elevation of Privilege Vulnerability

Docker is an open source application container engine that allows developers to package their applications as well as dependency packages into a portable container and then distribute it to any popular Linux machine, also enabling virtualization. Docker suffers from a security vulnerability when...

CVSS 7.8 · AI score 6.7 · EPSS 0.00603
Exploits 0 · References 1
OSV
added 2015/05/03 12:19 a.m. · 2 views

MGASA-2015-0184 Updated fcgi packages fix CVE-2012-6687

Updated fcgi packages fix security vulnerability: FCGI does not perform range checks for file descriptors before use of the FD_SET macro. This FD_SET macro could allow for more than 1024 total file descriptors to be monitored in the closing state. This may allow remote attackers to cause a denial o...

CVSS 5 · AI score 6.3 · EPSS 0.06086
Exploits 0 · References 3
Mageia
added 2015/05/03 12:19 a.m. · 27 views

Updated fcgi packages fix CVE-2012-6687

Updated fcgi packages fix security vulnerability: FCGI does not perform range checks for file descriptors before use of the FD_SET macro. This FD_SET macro could allow for more than 1024 total file descriptors to be monitored in the closing state. This may allow remote attackers to cause a denial o...

CVSS 5 · AI score 2.8 · EPSS 0.06086
Exploits 0 · References 2
RedHat Linux
added 2015/04/21 11:34 a.m. · 2 views

glibc: getaddrinfo() writes DNS queries to random file descriptors under high load

It was discovered that, under certain circumstances, glibc's getaddrinfo function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application...

CVSS 5 · AI score 7.3 · EPSS 0.05808
Exploits 2 · References 4