CVE-2012-4577

The Linux firmware image on 1 Korenix Jetport 5600 series serial-device servers and 2 ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session...

Scientific Linux Security Update : libvirt on SL5.x i386/x86_64

The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. An integer overflow flaw was found in libvirtd's RPC call handling. An attacker able to establish read-only connections to libvirtd could trigger this flaw by...

Отладка ядра FreeBSD 9.0 посредством VMWare 8.0

First things first Первым делом следует установить исходники ядра. Если в /usr/src/sys/ пусто и есть установочный dvd, то следует распаковать src.txz: Цитата: mount -t cd9660 /dev/cd0 /cdrom tar -C / -xvzf /cdrom/usr/freebsd-dist/src.txz --- Если dvd нет, то исходники можно скачать с сайта freebs...

libvirt: address bus= device= when identicle vendor ID/product IDs usb devices attached are ignored

libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices...

DEBIAN-CVE-2012-2693

libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices...

[SECURITY] Fedora 17 Update: nut-2.6.3-4.fc17

These programs are part of a developing project to monitor the assortment of UPSes that are found out there in the field. Many models have serial ports of some kind that allow some form of state checking. This capability has been harnessed where possible to allow for safe shutdowns, live status...

[SECURITY] Fedora 16 Update: nut-2.6.3-4.fc16

These programs are part of a developing project to monitor the assortment of UPSes that are found out there in the field. Many models have serial ports of some kind that allow some form of state checking. This capability has been harnessed where possible to allow for safe shutdowns, live status...

CVE-2012-1803

RuggedCom Rugged Operating System ROS 3.10.x and earlier has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a 1 TELNET, 2 remot...

HP ProCurve 5400 zl Switches Security Bulletin

Hewlett-Packard HP has released a security bulletin to address a security vulnerability affecting HP 5400 zl series switches purchased after April 30, 2011. These switches contain a compact flash card that may be infected with malware. US-CERT encourages users and administrators to review HP...

PcwRunAs 0.4 Password Obfuscation Design Flaw

Vuln Title: PcwRunAs Password Obfuscation Design Flaw Date: 26.03.2012 Author: Christian Landström, otr Software Link: http://www.pcwelt.de/downloads/pcwRunAs-1215998.html Version: = 0.4 Tested on: Windows CVE : CVE-2012-1793 Risk: high Type: Privilege Escalation Vendor: PC-Welt Timeline:...

cups security and bug fix update

1:1.3.7-30 - Backported patch to fix transcoding for ASCII bug 759081, STR 3832. 1:1.3.7-29 - The imageto filters could crash with bad GIF files CVE-2011-2896, STR 3867, STR 3914, bug 752118. 1:1.3.7-28 - Web interface didn't show completed jobs for printer STR 3436, bug 625900 - Serial backend...

Low: Red Hat Security Advisory: cups security and bug fix update

Updated cups packages that fix one security issue and various bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

RHEL 5 : cups (RHSA-2012:0302)

Updated cups packages that fix one security issue and various bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

Blade API Monitor Unicode Bypass Buffer Overflow

!/usr/bin/python -w --------------------------------------------------------------------------------- Exploit: Blade API Monitor Unicode Bypass Serial Number BOF Author: b33f Ruben Boonen - http://www.fuzzysecurity.com http://www.fuzzysecurity.com/exploits/8.html OS: WinXP PRO SP3 Software:...

Blade API Monitor Unicode Bypass (Serial Number BOF)

Exploit for windows platform in category local exploits !/usr/bin/python -w --------------------------------------------------------------------------------- Exploit: Blade API Monitor Unicode Bypass Serial Number BOF Author: b33f Ruben Boonen - http://www.fuzzysecurity.com...

Blade API Monitor - Unicode Bypass Serial Number Buffer Overflow

!/usr/bin/python -w --------------------------------------------------------------------------------- Exploit: Blade API Monitor Unicode Bypass Serial Number BOF Author: b33f Ruben Boonen - http://www.fuzzysecurity.com http://www.fuzzysecurity.com/exploits/8.html OS: WinXP PRO SP3 Software:...

php: Crash by converting serial day numbers (SDN) into Julian calendar

Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service application crash via a large integer in the first argument to the calfromjd function...

Linux Kernel 2.6.37-rc1 - 'serial_multiport_struct' Local Information Leak

/ Linux include include include include include define DEVICE "/dev/ttyS1" int mainint argc, char argv int ret = 0; int i, fd, reservedsize; char buf; struct serialmultiportstruct buffer; printf"\m/ Linux \n", argv0; exit-1; if argc 2 if reservedsize = atoiargv2 == 0 fprintfstderr, " - Sorry: ato...

php: Crash by converting serial day numbers (SDN) into Julian calendar

Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service application crash via a large integer in the first argument to the calfromjd function...

kernel: usb: buffer overflow in auerswald_probe()

Buffer overflow in the auerswaldprobe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system...