Ubuntu: Security Advisory (USN-2590-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2587-1)

A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service kernel crash or to potentially execute code with kernel privileges. CVE-2015-2666 It was discovered that the Linux kernel's IPv6 networking...

Ubuntu 14.10 : linux vulnerabilities (USN-2590-1)

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service host crash. CVE-2015-2150 A stack overflow was discovered in the the microcode loader for...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2588-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2588-1 advisory. A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of...

Ubuntu 12.04 LTS : linux vulnerability (USN-2585-1)

It was discovered that the Linux kernel's IPv6 networking stack has a flaw that allows using route advertisement RA messages to set the 'hoplimit' to values that are too low. An unprivileged attacker on a local network could exploit this flaw to cause a denial of service IPv6 messages dropped. No...

USN-2590-1: Linux kernel vulnerabilities

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service host crash. CVE-2015-2150 A stack overflow was discovered in the the microcode loader for...

USN-2589-1: Linux kernel (Utopic HWE) vulnerabilities

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service host crash. CVE-2015-2150 A stack overflow was discovered in the the microcode loader for...

USN-2588-1: Linux kernel vulnerabilities

A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service kernel crash or to potentially execute code with kernel privileges. CVE-2015-2666 It was discovered that the Linux kernel's IPv6 networking...

USN-2587-1: Linux kernel (Trusty HWE) vulnerabilities

A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service kernel crash or to potentially execute code with kernel privileges. CVE-2015-2666 It was discovered that the Linux kernel's IPv6 networking...

USN-2586-1: Linux kernel (OMAP4) vulnerability

It was discovered that the Linux kernel's IPv6 networking stack has a flaw that allows using route advertisement RA messages to set the 'hoplimit' to values that are too low. An unprivileged attacker on a local network could exploit this flaw to cause a denial of service IPv6 messages dropped...

kernel: net: slab corruption from use after free on INIT collisions

A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...

Important: Red Hat Security Advisory: openstack-packstack and openstack-puppet-modules update

Updated openstack-packstack and openstack-puppet-modules packages that fix one security issue and adds one enhancement are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security...

Important: Red Hat Security Advisory: openstack-packstack and openstack-puppet-modules update

Updated openstack-packstack and openstack-puppet-modules packages that fix one security issue and adds one enhancement are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security...

Report Recommends Series of Cybersecurity Changes at FAA

The Federal Aviation Administration needs to upgrade and update its information security capabilities–including building a threat-modeling capability and implementing federal security guidelines–in order to ensure the safety of the nation’s aviation infrastructure, according to a new report by th...

Linux Kernel SCTP Chunk Parameter Padding Denial of Service (CVE-2014-3673)

A denial of service vulnerability has been reported in the SCTP networking module of the Linux kernel. The vulnerability is due to an error while processing crafted chunks. A remote, unauthenticated attacker can exploit this vulnerability by sending crafted SCTP packets to a vulnerable system. A...

Important: Red Hat Security Advisory: openstack-packstack and openstack-puppet-modules security and bug fix update

Updated openstack-packstack and openstack-puppet-modules packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 6.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring...

Cisco IOS XE Autonomic Networking Infrastructure Multiple Vulnerabilities (cisco-sa-20150325-ani)

According to its self-reported version, the version of Cisco IOS running on the remote host is affected by the following vulnerabilities : - A flaw exists in the ANI due to failing to properly validate Autonomic Networking AN messages. This could allow a remote attacker to spoof an Autonomic...

Cisco IOS Autonomic Networking Infrastructure Multiple Vulnerabilities (cisco-sa-20150325-ani)

According to its self-reported version, the Cisco IOS software running on the remote device is affected by the following vulnerabilities in the Autonomic Networking Infrastructure ANI : - A flaw exists in the ANI implementation due to failing to properly validate Autonomic Networking AN response...

iOS, OS X Library AFNetwork Patches MiTM Vulnerability

Until yesterday, a popular networking library for iOS and OS X used in apps such as Pinterest and Simple was susceptible to SSL man-in-the-middle MiTM attacks. The developer behind the framework AFNetworking on Thursday pushed a fix for the issue, a logic flaw. The flaw had lingered in the wild f...

Spybot Search & Destroy 1.6.2 Security Center Service - Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Spybot Search & Destroy 1.6.2 Security Center Service Privilege Escalation Vendor: Safer-Networking Ltd. Product web page: http://www.safer-networking.org Affected version: 1.6.2 Summary: Spybot – Search & Destroy S&D is a spyware and adware...