VMware Products Guest Privilege Escalation Vulnerability (Nov 2009) - Windows

VMWare products are prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2009-5912 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.32-rc1 Description: The issue is related to the KVM subsystem in the Linux kernel, where the update cr8 intercept function does not properly handle the absence of an Advanced Programmable Interrupt Controlle...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to hijack the authentication of administrators for 1 requests that change the password via the username parameter to config/changepw.php or 2 stop a...

CVE-2009-3759

Multiple cross-site request forgery CSRF vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to hijack the authentication of administrators for 1 requests that change the password via the username parameter to config/changepw.php or 2 stop a...

CVE-2009-3759

Multiple cross-site request forgery CSRF vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to hijack the authentication of administrators for 1 requests that change the password via the username parameter to config/changepw.php or 2 stop a...

Mandrake Security Advisory MDVSA-2009:257 (qemu)

The remote host is missing an update to qemu announced via advisory MDVSA-2009:257. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Sun VirtualBox VBoxNetAdpCtl配置工具本地特权提升漏洞

Bugraq ID: 36604 Sun VirtualBox是一款功能强大的x86虚拟机软件。 Sun VirtualBox VBoxNetAdpCtl配置工具存在未明错误，本地攻击者可以利用漏洞以root特权执行任意命令。 Sun VirtualBox 3.0.6 Sun VirtualBox 3.0.4 Sun VirtualBox 3.0.2 Sun VirtualBox 3.0 用户可参考如下安全公告获得补丁信息： http://sunsolve.sun.com/search/document.do?assetkey=1-66-268188-1...

SuSE 11 Security Update : Sun JDK 6 (SAT Patch Number 699)

The Sun JDK 6 was updated to Update13 to fix various bugs and security issues. - LdapCtx in the LDAP service in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier does not close...

rgmanager security update

CentOS Errata and Security Advisory CESA-2009:1339 An updated rgmanager package that fixes multiple security issues, various bugs, and adds enhancements is now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team...

Let the administrator help you restart the machine-vulnerability warning-the black bar safety net

Let the administrator help you restart the machine Sometimes, we go through the database backup a batch to the Startup menu, you want the server on the next restart to run our batch processing. But we, Ah, etc., the server is not restarting, what should I do? Allow administrator to help us restar...

Low: Red Hat Security Advisory: rgmanager security, bug fix, and enhancement update

An updated rgmanager package that fixes multiple security issues, various bugs, and adds enhancements is now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. The rgmanager package contains the Red Hat Resourc...

Mandrake Security Advisory MDVSA-2009:162 (java-1.6.0-openjdk)

The remote host is missing an update to java-1.6.0-openjdk announced via advisory MDVSA-2009:162. OpenVAS Vulnerability Test $Id: mdksa2009162.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:162 java-1.6.0-openjdk Authors: Thomas Reinke Copyright:...

Sun VirtualBox宿主系统本地拒绝服务漏洞

Bugraq ID: 35960 CNCAN ID：CNCAN-2009080703 Sun VirtualBox是一款功能强大的x86虚拟机软件。 Sun VirtualBox 3.0存在安全问题，允许VirtualBox虚拟机中的非特权用户重新启动宿主操作系统，造成拒绝服务攻击。 目前没有详细漏洞细节提供。 Sun VirtualBox 3.0.2 Sun VirtualBox 3.0 厂商解决方案 用户可升级到Sun VirtualBox 3.0.4版本： http://www.virtualbox.org/...

Rootkit techniques the main principle of explanation-vulnerability warning-the black bar safety net

Article author: hackisle rootkit main categories: Application-level-kernel-the hardware level Early rootkits mainly for application-level rootkits application-level rootkits mainly by replacing the login, ps, ls, netstat and other system tools, or modify. rhosts etc system configuration files, et...

Integer overflow

Integer overflow in the ActionScript Virtual Machine 2 AVM2 abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service application crash or possibly execute arbitrary code via an AVM2 file with a larg...

flash-plugin: multiple code execution flaws (APSB09-10)

Integer overflow in the ActionScript Virtual Machine 2 AVM2 abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service application crash or possibly execute arbitrary code via an AVM2 file with a larg...

openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-705)

The Sun JDK 6 was updated to Update13 to fix various bugs and security issues. CVE-2009-1093: LdapCtx in the LDAP service in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier do...

Microsoft Virtual PC和Virtual Server本地权限提升漏洞（MS09-033）

BUGTRAQ ID: 35601 CVECAN ID: CVE-2009-1542 Microsoft Virtual PC和Virtual Server都是流行的虚拟机工具，允许在同一台计算机上运行多个操作系统。 Virtual PC和Virtual Server在Virtual Machine Monitor中执行特定指令时没有正确地验证权限级别，可能允许攻击者在承载的Guest操作系统中以提升的权限执行代码。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。 Microsoft Virtual PC 2007 SP1 Microsoft Virtual...

CVE-2009-1542

The Virtual Machine Monitor VMM in Microsoft Virtual PC 2004 SP1, 2007, and 2007 SP1, and Microsoft Virtual Server 2005 R2 SP1, does not enforce CPU privilege-level requirements for all machine instructions, which allows guest OS users to execute arbitrary kernel-mode code and gain privileges...

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2009:137)

Multiple security vulnerabilities has been identified and fixed in Little cms library embedded in OpenJDK : A memory leak flaw allows remote attackers to cause a denial of service memory consumption and application crash via a crafted image file CVE-2009-0581. Multiple integer overflows allow...