Minix 3.3.0 - Remote TCPIP Stack Denial of Service

Minix 3.3.0 - Remote TCPIP Stack Denial of Service / ------------------------------------------------------- ||------+ MINIX =--|| ||--= Nov 2014 =--|| ||--= Mexico =--|| -- MINIX IS PRONE TO DENIAL OF SERVICE IN THE TCP/IP STACK /service/inet BY SENDING A SINGLE TCP PACKET WITH A MALFORMED TCP...

USN-2409-1: QEMU vulnerabilities

Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. CVE-2014-3615 Xavier Mehrenberger and Stephane Duverger discovered that QEMU...

Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/local/windowskernel' require 'rex' class Metasploit3 Msf::Exploit::Local Rank =...

kdenetwork security update

CentOS Errata and Security Advisory CESA-2014:1827 Updated kdenetwork packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

RHEL 7 : kdenetwork (RHSA-2014:1827)

Updated kdenetwork packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...

Moderate: Red Hat Security Advisory: kdenetwork security update

Updated kdenetwork packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...

Moderate: Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update

Updated openstack-neutron packages that fix one security issue, several bugs, and add multiple enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A...

Moderate: Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update

Updated openstack-neutron packages that fix one security issue, several bugs, and add multiple enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A...

[SECURITY] [DSA 3060-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3060-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 31, 2014 http://www.debian.org/security/faq -...

Zarp - Local Network Attack Framework

Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once,...

Moderate: Red Hat Security Advisory: openstack-neutron security and bug fix update

Updated openstack-neutron packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...

Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/local/windowskernel' require 'rex' class Metasploit3 'Microsoft Bluetooth Personal Area Networking BthPan.sys Privilege...

Microsoft Bluetooth Personal Area Networking - 'BthPan.sys' Local Privilege Escalation (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/local/windowskernel' require 'rex' class Metasploit3 'Microsoft Bluetooth Personal Area Networking BthPan.sys Privilege...

Cisco IOS XE Software Autonomic Networking Infrastructure Routing Protocol for Low-Power and Lossy Networks Vulnerability

A vulnerability in the IPv6 Routing Protocol for Low-Power and Lossy Networks RPL of Cisco IOS XE could allow an unauthenticated, adjacent attacker to inject routes into the autonomic control plane ACP. The vulnerability is due to RPL being active on ACP as well as the external Autonomic Networki...

Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Validation Vulnerability

A vulnerability in certificate validation for Autonomic Networking Infrastructure ANI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to masquerade as another device. The vulnerability is due to incomplete certificate validation. An attacker could exploit this vulnerabili...

Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Chain Validation Vulnerability

A vulnerability in certificate validation for Autonomic Network Infrastructure ANI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to provide an invalid message and have the ANI device accept it. The vulnerability is due to incomplete certificate validation. An attacker...

CVE-2014-3405

Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy Networks aka RPL on both the Autonomic Control Plane ACP and external Autonomic Networking Infrastructure ANI interfaces, which allows remote attackers to conduct route-injection attacks via crafted RPL advertisements on an AN...

Design/Logic Flaw

The Autonomic Networking Infrastructure ANI component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647...

Design/Logic Flaw

The Autonomic Networking Infrastructure ANI component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677...

CVE-2014-3405

Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy Networks aka RPL on both the Autonomic Control Plane ACP and external Autonomic Networking Infrastructure ANI interfaces, which allows remote attackers to conduct route-injection attacks via crafted RPL advertisements on an AN...