CVE-2015-0197

CVE-2015-0197, CVE-2015-0198, and CVE-2015-0199 pertain to IBM GPFS (General Parallel File System) across GPFS 3.4/3.5/4.1 and related IBM products. The initial sources describe: CVE-2015-0197: local attacker with non-privileged account can execute programs with root privileges (vector: local). A...

IBM General Parallel File System Bypass Authentication to Execute Code Vulnerability

The IBM General Parallel File System is a shared file system that originated from the virtual shared disk technology used on IBM SP systems. A security vulnerability exists in IBM General Parallel File System that allows remote attackers to exploit the vulnerability to bypass authentication and...

IBM General Parallel File System ROOT Privilege Execution Vulnerability

The IBM General Parallel File System is a shared file system that originated from the virtual shared disk technology used on IBM SP systems. A ROOT privilege execution vulnerability exists in IBM General Parallel File System, which could be exploited by a local attacker to execute arbitrary...

IBM General Parallel File System mmfslinux Kernel Module Denial of Service Vulnerability

The IBM General Parallel File System is a shared file system that originated from the virtual shared disk technology used on IBM SP systems. A denial of service vulnerability in the IBM General Parallel File System mmfslinux kernel module allows attackers to cause a memory crash via a specially...

[SECURITY] Fedora 21 Update: pigz-2.3.3-1.fc21

pigz, which stands for parallel implementation of gzip, is a fully functional replacement for gzip that exploits multiple processors and multiple cores to the hilt when compressing data...

[SECURITY] Fedora 20 Update: pigz-2.3.3-1.fc20

pigz, which stands for parallel implementation of gzip, is a fully functional replacement for gzip that exploits multiple processors and multiple cores to the hilt when compressing data...

IBM General Parallel File System Multiple Vulnerabilities (Windows) (POODLE)

A version of IBM General Parallel File System GPFS 3.5.x prior to 3.5.0.21 is installed on the remote Windows host. It is, therefore, affected by the following OpenSSL related vulnerabilities : - An error exists related to DTLS SRTP extension handling and specially crafted handshake messages that...

MCollective: Privilege escalation

Background MCollective is a framework to build server orchestration or parallel job execution systems. Description Two vulnerabilities have been found in MCollective: An untrusted search path vulnerability exists in MCollective CVE-2014-3248 MCollective does not properly validate server...

THC-Hydra 8.1 - Network Logon Cracker

A very fast network logon cracker which support many different services. See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa.Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept...

[SECURITY] Fedora 19 Update: icecream-1.0.1-8.20140822git.fc19

Icecream is a distributed compile system. It allows parallel compiling by distributing the compile jobs to several nodes of a compile network running the icecc daemon. The icecc scheduler routes the jobs and provides status and statistics information to the icecc monitor. Each compile node can...

[SECURITY] Fedora 21 Update: icecream-1.0.1-8.20140822git.fc21

Icecream is a distributed compile system. It allows parallel compiling by distributing the compile jobs to several nodes of a compile network running the icecc daemon. The icecc scheduler routes the jobs and provides status and statistics information to the icecc monitor. Each compile node can...

CVE-2014-5897

The Parallel Mafia MMORPG aka com.perblue.pm.client application @7F070000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Information disclosure

The Parallel Mafia MMORPG aka com.perblue.pm.client application @7F070000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5897

The CVE-2014-5897 entry affects the Android app Parallel Mafia (com.perblue.pm.client). The root cause is that the application does not verify X.509 certificates from SSL servers, enabling MITM attackers to spoof servers and exfiltrate sensitive information via crafted certificates. Documented im...

CVE-2014-5699

The Parallel Kingdom MMO aka com.silvermoon.client application @7F070019 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Design/Logic Flaw

The Parallel Kingdom MMO aka com.silvermoon.client application @7F070019 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5699

The Parallel Kingdom MMO aka com.silvermoon.client application @7F070019 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5699

The CVE-2014-5699 entry concerns the Android app Parallel Kingdom MMO (package com.silvermoon.client, build @7F070019). The vulnerability is that the app does not verify X.509 certificates from SSL servers, allowing a man-in-the-middle to spoof servers and obtain sensitive information via a craft...

IBM General Parallel File System OpenSSH Memory Corruption

A version of IBM General Parallel File System GPFS that is 3.5.0.11 or later but prior to 3.5.0.19 is installed on the remote host. It is, therefore, affected by a memory corruption issue in the bundled version of OpenSSH. The issue exists due to a failure to initialize certain data structures wh...

Moscrack v2.08b - Multifarious On-demand Systems Cracker (cracking WPA keys in parallel on a group of computers)

Moscrack is a perl application designed to facilitate cracking WPA keys in parallel on a group of computers. This is accomplished by use of either Mosix clustering software, SSH or RSH access to a number of nodes. With Moscrack's new plugin framework, hash cracking has become possible. SHA256/512...