Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2013:183)

Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java...

Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20130620)

Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. CVE-2013-2470, CVE-2013-2471, CVE-2013-247...

OpenJDK: Unique VMIDs (Libraries, 8001033)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different...

OpenJDK: Unique VMIDs (Libraries, 8001033)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different...

OpenJDK: Unique VMIDs (Libraries, 8001033)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different...

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different...

Ubuntu Update for linux USN-1876-1

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN18761.nasl 8672 2018-02-05 16:39:18Z teissa $ Ubuntu Update for linux USN-1876-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...

Ubuntu: Security Advisory (USN-1877-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 10.04 LTS : linux vulnerabilities (USN-1876-1)

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 An information leak was discovered in the Linux kernel's rcvmsg path for ATM...

Ubuntu Update for linux-ec2 USN-1808-1

Check for the Version of linux-ec2 OpenVAS Vulnerability Test $Id: gbubuntuUSN18081.nasl 8448 2018-01-17 16:18:06Z teissa $ Ubuntu Update for linux-ec2 USN-1808-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

kernel: kvm: out-of-bounds access in ioapic indirect register reads

The ioapicreadindirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPICREGSELECT and IOAPICREGWINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of...

kernel: vhost: fix length for cross region descriptor

The translatedesc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges...

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

Early 2012 ESET company a mysterious malware, dubbed the Avatar rootkit Win32/Rootkit.Avatar, advertised in the underground forums by Russian cyber crime. "We present you here previously announced product. In connection with work on other projects, we moved the release date for the public from Ma...

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

Early 2012 ESET company a mysterious malware, dubbed the Avatar rootkit Win32/Rootkit.Avatar, advertised in the underground forums by Russian cyber crime. "We present you here previously announced product. In connection with work on other projects, we moved the release date for the public from Ma...

USN-1809-1: Linux kernel vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6548 Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver...

Apache CloudStack 身份验证绕过漏洞(CVE-2013-2756)

BUGTRAQ ID: 59463 CVECAN ID: CVE-2013-2756 Apache CloudStack是部署和管理大型虚拟机网络的开源软件。 Apache CloudStack 4.0.2之前版本存在安全绕过漏洞，熟悉Apache CloudStack源代码的攻击者可以未经授权访问另一个租户VM的控制台。 0 Apache Group CloudStack 4.x 厂商补丁： Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://httpd.apache.org/...

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

kernel: kvm: buffer overflow in handling of MSR_KVM_SYSTEM_TIME

The kvmsetmsrcommon function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required timepage alignment during an MSRKVMSYSTEMTIME operation, which allows guest OS users to cause a denial of service buffer overflow and host OS memory corruption or possibly have...

Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20130417)

Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. CVE-2013-1569, CVE-2013-2383, CVE-2013-2384 Multiple improper permission check issues were...

VsFtp2 Version 2.3.4 Backdoor vulnerability-vulnerability warning-the black bar safety net

Metasploit+Nmap using the Test to build a virtual machine nmap –sT –A IP address Or use metaspliot scan to ftp –version to scan Here using someone else's figure ! image metasploit exploit use exploit/unix/ftp/vsftpd234backdoor msf exploitvsftpd234backdoor show options Need to fill out the attack...