Mandrake Linux Security Advisory : kernel (MDKSA-2005:110)

Multiple vulnerabilities in the Linux kernel have been discovered and fixed in this update. The following CVE names have been fixed in the LE2005 kernel : Colin Percival discovered a vulnerability in Intel's Hyper-Threading technology could allow a local user to use a malicious thread to create...

calicserv_getconfig.pm

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...

CVE-2001-1414

Technical details such as affected products, exact root cause, impact, affected versions, and remediation are not publicly provided in the supplied documents. Monitor for updates.

CVE-2001-1414

The Basic Security Module BSM for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root...

CVE-2004-1358

The patches 1 114332-08 and 2 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module BSM, which allows attackers to avoid having their activity logged...

CVE-2004-1337

CVE-2004-1337 concerns the POSIX Capability Linux Security Module (LSM) in the Linux kernel 2.6. If a process is launched before the LSM is loaded, credentials handling can fail, enabling local users to gain elevated privileges (effectively root). The vulnerability is discussed across multiple fe...

CVE-2004-2306

Sun Solaris 7 through 9, when Basic Security Module BSM is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the auditwarn script, which might allow attackers to escape detection...

CVE-2004-1337

The POSIX Capability Linux Security Module LSM for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges...

CVE-2004-1337

The POSIX Capability Linux Security Module LSM for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges...

CVE-2004-0320

Unknown vulnerability in nCipher Hardware Security Modules HSM 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands...

CVE-2004-0654

Unknown vulnerability in the Basic Security Module BSM, when configured to audit either the Administrative ad or the System-Wide Administration as audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service kernel panic...

CVE-2004-0654

Unknown vulnerability in the Basic Security Module BSM, when configured to audit either the Administrative ad or the System-Wide Administration as audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service kernel panic...

Sun Solaris vulnerable to DoS when the Basic Security Module (BSM) is configured to perform auditing of specific classes

Overview There is a vulnerability in Sun Solaris that could allow local users to cause a denial of service when the Basic Security Module BSM is configured to perform auditing of specific audit classes. Description Sun Microsystems describes the Basic Security Module BSM as a "security auditing...

CVE-2004-1358

The patches 1 114332-08 and 2 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module BSM, which allows attackers to avoid having their activity logged...

nCipher Advisory #6: Access control defects in PKCS#11 keys

nCipher Security Advisory No. 6 Access control defects in PKCS11 keys -------------------------------------- SUMMARY ======= As a function of internal QA testing, nCipher has identified that, under certain unusual circumstances, keys created by the nCipher PKCS11 library, which should be secure,...

PT-2001-2103 · Valicert · Valicert Enterprise Validation Authority (Eva) Administration Server

Name of the Vulnerable Software and Affected Versions: ValiCert Enterprise Validation Authority EVA Administration Server versions 3.3 through 4.2.1 Description: The issue arises from the use of insufficiently random data. This affects two main areas: 1 the generation of session tokens for HSMs,...

CVE-2001-1414

The Basic Security Module BSM for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root...