kernel: stack disclosure in binfmt_script load_script()

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

kernel: security and bugfix update (important)

The Linux kernel was updated to fix various bugs and security issues: CVE-2013-0871: Race condition in the ptrace functionality in the Linux kernel allowed local users to gain privileges via a PTRACESETREGS ptrace system call in a crafted application, as demonstrated by ptracedeath. CVE-2013-0160...

Nmap NSE 6.01: dns-random-txid

Checks a DNS server for the predictable-TXID DNS recursion vulnerability. Predictable TXID values can make a DNS server vulnerable to cache poisoning attacks see CVE-2008-1447. The script works by querying txidtest.dns-oarc.net see https://www.dns- oarc.net/oarc/services/txidtest. Be aware that a...

Nmap NSE 6.01: dns-recursion

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE 6.01: dns-recursion

Checks if a DNS server allows queries for third-party names. It is expected that recursion will be enabled on your own internal nameservers. OpenVAS Vulnerability Test $Id: gbnmap6dnsrecursion.nasl 7148 2017-09-15 13:01:14Z cfischer $ Autogenerated NSE wrapper Authors: NSE-Script: Felix Groebert...

Unbreakable Enterprise kernel security and bug fix update

2.6.39-400.17.1 - This is a fix on dlmcleanmasterlist Xiaowei.Hu - RDS: fix rds-ping spinlock recursion jeff.liu Orabug: 16223050 - vhost: fix length for cross region descriptor Michael S. Tsirkin Orabug: 16387183 CVE-2013-0311 - kabifix: block/scsi: Allow request and error handling timeouts to b...

CVE-2012-4530

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

DEBIAN-CVE-2012-4530

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

Design/Logic Flaw

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

CVE-2012-4530

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

SOL14201 - BIND denial-of-service attack CVE-2012-5166/CVE-2012-4244

Recommended Action To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. To mitigate this vulnerability, you can disable recursion of the DNS server. To do so, perform the following procedure: Impact of action...

Unbreakable Enterprise kernel security update

2.6.32-300.39.4 - exec: do not leave bprm-interp on stack Kees Cook Orabug: 16286741 CVE-2012-4530 - exec: use -ELOOP for max recursion depth Kees Cook Orabug: 16286741 CVE-2012-4530 2.6.32-300.39.3 - Xen: Fix stack corruption in xenfailsafecallback for 32bit PVOPS guests. Frediano Ziglio Orabug:...

kernel: stack disclosure in binfmt_script load_script()

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

UBUNTU-CVE-2012-4530

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

CVE-2012-4530

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

Slackware: Security Advisory (SSA:2006-166-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : apr on SL4.x, SL5.x, SL6.x i386/x86_64

It was discovered that the aprfnmatch function used an unconstrained recursion when processing patterns with the '' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching such as an httpd server using th...

CentOS Update for apr CESA-2011:0507 centos5 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Sql injection

The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query...

SOL13660 - BIND vulnerability CVE-2012-1667

BIG-IP 9.4.8 HF6 contains a patch backported from BIND 9.6 to BIND 9.4. However, the BIND version string was not updated to indicate a change was made. Recommended Action To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the...