USN-2807-1 linux-lts-wily vulnerability

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...

USN-2806-1 linux-lts-vivid vulnerability

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...

USN-2805-1 linux-lts-utopic vulnerability

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...

USN-2801-1 linux vulnerability

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...

UBUNTU-CVE-2015-5307

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many AC aka Alignment Check exceptions, related to svm.c and vmx.c...

Ubuntu: Security Advisory (USN-2801-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2803-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2014-3716

Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service crash via an unspecified field in a DTB header in a 32-bit guest kernel...

SUSE-SU-2015:1776-1 Security update for haproxy

haxproy was updated to backport various security fixes and related patches bsc937202 bsc937042 CVE-2015-3281 + BUG/MAJOR: buffers: make the bufferslowrealign function respect output data + BUG/MINOR: ssl: fix smpfetchsslfcsessionid + MEDIUM: ssl: replace standards DH groups with custom ones +...

FreeBSD : haproxy -- information leak vulnerability (cbfa8bd7-24b6-11e5-86ff-14dae9d210b8)

HAProxy reports : A vulnerability was found when HTTP pipelining is used. In some cases, a client might be able to cause a buffer alignment issue and retrieve uninitialized memory contents that exhibit data from a past request or session. I want to address sincere congratulations to Charlie...

CVE-2015-3281

The bufferslowrealign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information uninitialized memory contents of previous requests via a crafted request...

haproxy -- information leak vulnerability

HAProxy reports: A vulnerability was found when HTTP pipelining is used. In some cases, a client might be able to cause a buffer alignment issue and retrieve uninitialized memory contents that exhibit data from a past request or session. I want to address sincere congratulations to Charlie...

openSUSE Security Update : vlc (openSUSE-SU-2015:0201-1)

vlc was updated to the current openSUSE Tumbleweed version. live555 was also updated to the current openSUSE Tumbleweed version as a dependency. Security issues fixed : - Fix various buffer overflows and null ptr dereferencing boo914268, CVE-2014-9625. Other fixes : - Enable SSE2 instruction set...

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark1)

The remote Solaris system is missing necessary patches to address security updates : - Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service infinite loop via vectors related to the 1 ANSI MAP, 2 ASF, 3 IEEE 802.11, 4 IEEE 802.3, and 5 LTP...

lazeVideo-HDTV-Player-6.6-ASLR

Exploit: BlazeVideo HDTV Player 6.6 Professional SEH DEP ASLR Author: b33f - http://www.fuzzysecurity.com/ OS: Tested on Windows 7 32-bit PRO SP1 Software Link: http://www.blazevideo.com/download.htm Pro v6.6 - Apr 12, 2011 filename="blaze.plf"...

DEBIAN-CVE-2014-8542

libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted JV data...

UBUNTU-CVE-2014-8542

libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted JV data...

Rational ClearCase 3.2/4.x DB Loader TERM Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a local user gaining elevated privileges. The...

Solaris 2.6/7.0/8 netpr Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1200/info A buffer overrun exists in the 'netpr' program, part of the SUNWpcu LP package included with Solaris, from Sun Microsystems. Versions of netpr on Solaris 2.6 and 7, on both Sparc and x86 have been confirmed as...

w32-speaking-shellcode

No description provided by source. A null-free shellcode for 32-bit versions of Windows 5.0-7.0 all service packs that uses Microsoft Speech API to say You got pwned! over the speakers. Includes optional code that fixes stack alignment adds 5 bytes and bypasses EAF adds 29 bytes. Features: NULL...