Scientific Linux Security Update : nss on SL4.x, SL5.x, SL6.x i386/x86_64

Network Security Services NSS is a set of libraries designed to support the development of security-enabled client and server applications. It was found that the Malaysia-based Digicert Sdn. Bhd. subordinate Certificate Authority CA issued HTTPS certificates with weak keys. This update renders an...

Scientific Linux Security Update : libvirt on SL5.x i386/x86_64

The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. An integer overflow flaw was found in libvirtd's RPC call handling. An attacker able to establish read-only connections to libvirtd could trigger this flaw by...

Scientific Linux Security Update : samba on SL4.x, SL5.x i386/x86_64

A flaw was found in the way Samba handled file descriptors. If an attacker were able to open a large number of file descriptors on the Samba server, they could flip certain stack bits to '1' values, resulting in the Samba server smbd crashing. CVE-2011-0719 After installing this update, the smb...

CentOS Update for libsmbclient CESA-2011:0305 centos5 x86_64

Check for the Version of libsmbclient OpenVAS Vulnerability Test CentOS Update for libsmbclient CESA-2011:0305 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

CentOS Update for samba3x CESA-2011:0306 centos5 x86_64

Check for the Version of samba3x OpenVAS Vulnerability Test CentOS Update for samba3x CESA-2011:0306 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CentOS Update for samba3x CESA-2011:0306 centos5 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

kernel: epoll: can leak file descriptors when returning -ELOOP

The epollctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLLCTLADD operations, which allows local users to cause a denial of service file-descriptor consumption and system crash via a crafted application that attempts to create a...

Linux Kernel 'fs/eventpoll.c'本地拒绝服务漏洞

Bugtraq ID: 54283 Linux Kernel是Linux操作系统的内核。 当处理epoll描述符返回值时linux内核存在一个错误，允许本地攻击者利用漏洞消耗大量CPU，造成拒绝服务攻击。 0 Linux Kernel 3.2.x 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.kernel.org/ The Linux Kernel is prone to a local denial-of-service vulnerability. Successful exploits will all...

UBUNTU-CVE-2012-1147

readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service file descriptor consumption via a large number of crafted XML files...

libguestfs security, bug fix, and enhancement update

1:1.16.19-1 - Rebase to libguestfs 1.16.19 resolves: rhbz719879 - Rebuild against augeas 0.9.0-3.el6 related: rhbz808662 - Fix: Don't abort inspection if mdadm.conf ARRAY doesn't have a uuid. - Switch back to git for patch management. 1:1.16.18-2 - Rebase to libguestfs 1.16.18 resolves: rhbz71987...

Ubuntu Update for lightdm USN-1382-1

Ubuntu Update for Linux kernel vulnerabilities USN-1382-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13821.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for lightdm USN-1382-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

[USN-1382-1] Light Display Manager vulnerability

========================================================================== Ubuntu Security Notice USN-1382-1 March 05, 2012 lightdm vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

USN-1382-1: Light Display Manager vulnerability

Austin Clements discovered that Light Display Manager incorrectly leaked file descriptors to child processes. A local attacker can use this to bypass intended permissions and write to the log file, cause a denial of service, or possibly have another unknown impact...

cups security and bug fix update

1:1.3.7-30 - Backported patch to fix transcoding for ASCII bug 759081, STR 3832. 1:1.3.7-29 - The imageto filters could crash with bad GIF files CVE-2011-2896, STR 3867, STR 3914, bug 752118. 1:1.3.7-28 - Web interface didn't show completed jobs for printer STR 3436, bug 625900 - Serial backend...

FreeBSD Ports: bip

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

GLSA-201201-18 : bip: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201201-18 bip: Multiple vulnerabilities Multiple vulnerabilities have been discovered in bip: Uli Schlachter reported that bip does not properly handle invalid data during authentication, resulting in a daemon crash CVE-2010-3071...

CVE-2012-0806

Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors...

CVE-2012-0806

Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors...

Buffer overflow

Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors...

CVE-2012-0806

Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors...