6173 matches found
USN-1745-1: Linux kernel (OMAP4) vulnerability
Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator. CVE-2013-0871 A flaw was discovered in the Edgeort USB serial converter...
pki-core security, bug fix and enhancement update
9.0.3-30 - Resolves 902474 - upgrading IPA from 2.2 to 3.0 sees certmonger errors 9.0.3-29 - Resolves 891985 - Increase FreeIPA root CA validity 9.0.3-28 - Resolves 885790 - Multiple cross-site scripting flaws by displaying CRL or processing profile 9.0.3-27 - Resolves 867640 - ipa-replica-instal...
RedHat Update for pki-core RHSA-2013:0511-02
Check for the Version of pki-core OpenVAS Vulnerability Test RedHat Update for pki-core RHSA-2013:0511-02 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RedHat Update for pki-core RHSA-2013:0511-02
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
RHEL 6 : pki-core (RHSA-2013:0511)
Updated pki-core packages that fix multiple security issues, two bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...
CCID: Integer overflow, leading to array index error when processing crafted serial number of certain cards
Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...
Moderate: Red Hat Security Advisory: pki-core security, bug fix and enhancement update
Updated pki-core packages that fix multiple security issues, two bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...
Microsoft ASP.NET MS-DOS Device Name DoS (PCI-DSS check)
The web server running on the remote host appears to be using Microsoft ASP.NET, and may be affected by a denial of service vulnerability. Requesting a URL containing an MS-DOS device name can cause the web server to become temporarily unresponsive. An attacker could repeatedly request these URLs...
Microsoft ASP.NET MS-DOS Device Name DoS
The web server running on the remote host appears to be using Microsoft ASP.NET, and may be affected by a denial of service vulnerability. Requesting a URL containing an MS-DOS device name can cause the web server to become temporarily unresponsive. An attacker could repeatedly request these URLs...
UBUNTU-CVE-2012-6053
epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause a denial of service infinite loop via a zero value for this field...
Blackberry OBEX PUSH Crash (Bluetooth) PoC
Using specially crafted packets can cause a crash in bluetooth communication. In this PoC used Obex Push packets to cause the crash. More details in the video. Work through an RFCOMM connection !/usr/bin/python Blackberry Bluetooth Crash OBEX PUSH By Xianur0 email protected First you need to...
Digi RealPort Serial Server Port Scanner
Identify active ports on RealPort-enabled serial servers. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Digi RealPort Serial Server Port Scanner', 'Description' = 'Identify active ports on...
Digi RealPort Serial Server Version
Detect serial servers that speak the RealPort protocol. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Digi RealPort Serial Server Version', 'Description' = 'Detect serial servers that speak t...
BigFix Server and Serial Number Detection
Binary data 6608.prm...
Lantronix Telnet Password Recovery
This module retrieves the setup record from Lantronix serial-to-ethernet devices via the config port 30718/udp, enabled by default and extracts the telnet password. It has been tested successfully on a Lantronix Device Server with software version V5.8.0.1. This module requires Metasploit:...
DEBIAN-CVE-2012-0065
Heap-based buffer overflow in the receivepacket function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0.5 through 1.0.7 allows physically proximate attackers to execute arbitrary code via a long SerialNumber field in a property list...
PT-2012-2270 · Libusbmuxd · Usbmuxd
Name of the Vulnerable Software and Affected Versions: usbmuxd versions 1.0.5 through 1.0.7 Description: A heap-based buffer overflow issue exists in the receive packet function in libusbmuxd/libusbmuxd.c. This allows physically proximate attackers to execute arbitrary code via a long SerialNumbe...
RedHat Update for xen RHSA-2012:1236-01
Check for the Version of xen OpenVAS Vulnerability Test RedHat Update for xen RHSA-2012:1236-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for nut FEDORA-2012-8694
Check for the Version of nut OpenVAS Vulnerability Test Fedora Update for nut FEDORA-2012-8694 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...
CVE-2012-4577
CVE-2012-4577 involves hard-coded root credentials (password) on the Linux firmware images of Korenix JetPort 5600 series and ORing Industrial DIN-Rail serial-device servers. The vulnerability enables remote administrative access via SSH, with CVSS v2 base score 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)....