841 matches found
USN-2141-1: Linux kernel (OMAP4) vulnerabilities
Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...
USN-2135-1: Linux kernel (Quantal HWE) vulnerabilities
Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...
Ubuntu: Security Advisory (USN-2113-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 13.10 : linux vulnerabilities (USN-2117-1)
Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload UFI in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service panic. CVE-2013-4563 Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker...
Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2113-1)
Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload UFI in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service panic. CVE-2013-4563 Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker...
USN-2113-1: Linux kernel (Saucy HWE) vulnerabilities
Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload UFI in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service panic. CVE-2013-4563 Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker...
Updated kernel-linus package fixes multiple vulnerabilities
This kernel update provides an update to the 3.10 longterm branch, currently 3.10.28 and fixes the following security issues: The ath9khtcsetbssidmask function in drivers/net/wireless/ath/ath9k/htcdrvmain.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC...
MGASA-2014-0043 Updated kernel-linus package fixes multiple vulnerabilities
This kernel update provides an update to the 3.10 longterm branch, currently 3.10.28 and fixes the following security issues: The ath9khtcsetbssidmask function in drivers/net/wireless/ath/ath9k/htcdrvmain.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC...
DEBIAN-CVE-2013-4579
The ath9khtcsetbssidmask function in drivers/net/wireless/ath/ath9k/htcdrvmain.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after...
CVE-2013-4579
The ath9khtcsetbssidmask function in drivers/net/wireless/ath/ath9k/htcdrvmain.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after...
Fedora Update for leptonica FEDORA-2013-1490
Check for the Version of leptonica OpenVAS Vulnerability Test Fedora Update for leptonica FEDORA-2013-1490 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
JIRA REST API makes it easy to harvest email addresses
The JIRA REST API makes it easy to harvest email addresses as an anonymous user. 1. Go to https://jira.atlassian.com/browseJRA-22053 as anonymous. Note that you can't extract email addresses from this page unless the user has used an email address as her username. 2. Now go to...
Satanic Socks Server: RDot edition
Satanic Socks Server - sss.c v0.66 by drmist/STNC mod for rdot.org v1.1 Отличия от Satanic Socks Server v0.66.170506 sss.c by drmist\STNC: -убрана поддержка windows +добавлено ограничение на подключения только с заданного IP +маскировка списке процессов +режим агрессивного закрытия отработавших...
Is It Time to Stop Password Masking?
From SANS AppSec Street Fighter Blog Jason Montgomery I just ran across Jakob Nielsen‘s Alert Box post titled Stop Password Masking and wanted to provide some feedback from a security vs. usability perspective. I have great respect for Nielsen’s contribution to the usability of the web. Back in t...
[NEWS] Wireshark DNP3 Dissector Infinite Loop Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
rt-sa-2005-15.txt
Advisory: BSD Securelevels: Circumventing protection of files flagged immutable By mounting an arbitrary filesystem, it is possible to mask files flagged immutable with any user-defined files. Details ======= Product: FreeBSD up to 6.0-STABLE and 7.0-CURRENT OpenBSD up to 3.8 DragonFly up to 1.2...
[Full-disclosure] BSD Securelevels: Circumventing protection of files flagged immutable
Advisory: BSD Securelevels: Circumventing protection of files flagged immutable By mounting an arbitrary filesystem, it is possible to mask files flagged immutable with any user-defined files. Details ======= Product: FreeBSD up to 6.0-STABLE and 7.0-CURRENT OpenBSD up to 3.8 DragonFly up to 1.2...
CVE-2005-4351
The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running...
CVE-2004-1802
Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page...
CVE-2002-1431
Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to acce...