Nmap NSE 6.01: whois

Queries the WHOIS services of Regional Internet Registries RIR and attempts to retrieve information about the IP Address Assignment which contains the Target IP Address. The fields displayed contain information about the assignment and the organisation responsible for managing the address space...

Adult WebMaster Script - Password Disclosure

Exploit Title: Yagina.com Adult Webmaster Script Admin Password Disclosure Category:webapps Description software : software website for webmasters promoting adult companies through referrals Date: 21-1-2013 Exploit Author: Dshellnoi Unix Vendor Homepage: http://www.yagina.com/ Software Link:...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : - Using PCI passthrough without interrupt remapping support allowed Xen hypervisor guests to generate MSI interrupts and thus potentially inject traps. A...

CentOS Update for kernel CESA-2011:1479 centos5 x86_64

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2011:1479 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

RedHat Update for kernel RHSA-2011:1465-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Design/Logic Flaw

The setupcifssb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service system crash by placing a referral at the root of a share...

CVE-2011-3363

The CVE-2011-3363 issue affects the Linux kernel up to version 2.6.38, specifically the setup_cifs_sb function in fs/cifs/connect.c. The root cause is improper handling of DFS referrals, enabling a remote CIFS server to trigger a denial-of-service (system crash) by placing a referral at the root ...

kernel: cifs: always do is_path_accessible check in cifs_mount

The setupcifssb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service system crash by placing a referral at the root of a share...

kernel security update

CentOS Errata and Security Advisory CESA-2011:1479 Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Commo...

kernel: cifs: always do is_path_accessible check in cifs_mount

The setupcifssb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service system crash by placing a referral at the root of a share...

PT-2012-1693 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 Description: The issue is related to the handling of DFS referrals by the setup cifs sb function in the Linux kernel. Remote CIFS servers can cause a denial of service, leading to a system crash, by placi...

CVE-2011-3363

The setupcifssb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service system crash by placing a referral at the root of a share...

CVE-2010-2524

The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIGCIFSDFSUPCALL is enabled, relies on a user's keyring for the dnsresolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform...

Design/Logic Flaw

The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIGCIFSDFSUPCALL is enabled, relies on a user's keyring for the dnsresolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform...

CVE-2010-2524

The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIGCIFSDFSUPCALL is enabled, relies on a user's keyring for the dnsresolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform...

CVE-2010-2524

The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIGCIFSDFSUPCALL is enabled, relies on a user's keyring for the dnsresolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform...

Compromised Sites Redirect to Anti-Phishing Info

For the past 20 months, Carnegie Mellon University’s Human Computer Interaction Institute has been measuring referrals from phishing sites to an education page set up by the Anti-Phishing Working Group APWG. Hong said the site now receives close to 25,000 referrals per month from phishing sites...

krb5 security and bug fix update

1.6.1-36.el55.3 - add upstream patch to fix a few use-after-free bugs, including one in kadmind CVE-2010-0629, 578185 1.6.1-36.el55.2 - pull changes to libkrb5 to properly handle and chase off-path referrals back from 1.7 574387...

openldap security and bug fix update

2.3.43-12 - updated spec file, so the compat-libs linking patch applies correctly 2.3.43-11 - backported patch to handle null character in TLS certificates 560912 2.3.43-10 - updated chase-referral patch to compile cleanly - updated init script 562714 2.3.43-9 - updated ldap.sysconf to include...

DEBIAN-CVE-2008-1447

The DNS protocol, as implemented in 1 BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; 2 Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referral...