Ruby随机数字生成本地拒绝服务漏洞

BUGTRAQ ID: 49015 CVE ID: CVE-2011-2686 Ruby是一种功能强大的面向对象的脚本语言。 Ruby在处理随机数字生成的实现上存在本地拒绝服务漏洞，本地攻击者可利用此漏洞造成拒绝服务。 Yukihiro Matsumoto Ruby 1.8.7 x 厂商补丁： Yukihiro Matsumoto ------------------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.ruby-lang.org/ !/usr/bin/python Title: Omnicom Alpha 4.0e LPD Serv...

Debian: Security Advisory (DSA-2270-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: kernel: net_sched: fix qdisc_notify()

The qdiscnotify function in net/sched/schapi.c in the Linux kernel before 2.6.35 does not prevent tcfillqdisc function calls referencing builtin aka CQFBUILTIN Qdisc structures, which allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified...

kernel: IB/uverbs: Handle large number of entries in poll CQ

The ibuverbspollcq function in drivers/infiniband/core/uverbscmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially fille...

Code injection

IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points CDP certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a 1 client, 2 queue manager, or 3 application...

qemu-kvm: OOB memory access caused by negative vq notifies

The virtioqueuenotify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service guest crash and possibly execute arbitrary code via a negative number in the Queue Notify field of the Virtio Header, which bypasses a signed...

Debian DSA-2270-1 : qemu-kvm - programming error

It was discovered that incorrect sanitising of virtio queue commands in KVM, a solution for full virtualization on x86 hardware, could lead to denial of service or the execution of arbitrary code. The oldstable distribution lenny is not affected by this problem. %NASLMINLEVEL 70300 C Tenable...

DSA-2270-1 qemu-kvm - programming error

Bulletin has no description...

RHEL 6 : Red Hat Enterprise Linux 6.1 kernel (RHSA-2011:0542)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0542 advisory. - kvm: arch/x86/kvm/x86.c: reading uninitialized stack memory CVE-2010-3881 - kernel: unlimited socket backlog DoS CVE-2010-4251,...

kernel: bonding: Incorrect TX queue offset

The bondselectqueue function in drivers/net/bonding/bondmain.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default txqueues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a...

kernel: IB/uverbs: Handle large number of entries in poll CQ

Integer overflow in the ibuverbspollcq function in drivers/infiniband/core/uverbscmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact via a large value of a certain structure member...

targets-sniffer NSE Script

Sniffs the local network for a configurable amount of time 10 seconds by default and prints discovered addresses. If the newtargets script argument is set, discovered addresses are added to the scan queue. Requires root privileges. Either the targets-sniffer.iface script argument or -e Nmap optio...

CVE-2008-7283

Open Ticket Request System OTRS before 2.2.6, when customer group support is enabled, allows remote authenticated users to bypass intended access restrictions and perform web-interface updates to tickets by leveraging queue read permissions...

DEBIAN-CVE-2010-4768

Open Ticket Request System OTRS before 2.3.5 does not properly disable hidden permissions, which allows remote authenticated users to bypass intended queue access restrictions in opportunistic circumstances by visiting a ticket, related to a certain ordering of permission-set and permission-remov...

CVE-2008-7283

Open Ticket Request System OTRS before 2.2.6, when customer group support is enabled, allows remote authenticated users to bypass intended access restrictions and perform web-interface updates to tickets by leveraging queue read permissions...

DEBIAN-CVE-2008-7282

Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open Ticket Request System OTRS before 2.2.6, when the CustomerPanelOwnSelection and CustomerGroupSupport options are enabled, allows remote authenticated users to bypass intended access restrictions, and perform certain 1 list and 2...

DEBIAN-CVE-2010-4763

The ACL-customer-status Ticket Type setting in Open Ticket Request System OTRS before 3.0.0-beta1 does not restrict the ticket options after an AJAX reload, which allows remote authenticated users to bypass intended ACL restrictions on the 1 Status, 2 Service, and 3 Queue via selections...

CVE-2009-5056

Open Ticket Request System OTRS before 2.4.0-beta2 does not properly enforce the moveinto permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-ticket...

CVE-2008-7283

Open Ticket Request System OTRS before 2.2.6, when customer group support is enabled, allows remote authenticated users to bypass intended access restrictions and perform web-interface updates to tickets by leveraging queue read permissions...

CVE-2009-5056

Open Ticket Request System OTRS before 2.4.0-beta2 does not properly enforce the moveinto permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-ticket...