Ubuntu 10.04 LTS : linux vulnerabilities (USN-1876-1)

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 An information leak was discovered in the Linux kernel's rcvmsg path for ATM...

USN-1878-1: Linux kernel vulnerabilities

An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. CVE-2013-0160 A flaw was discovered in the Linux...

Kernel: atm: update msg_namelen in vcc_recvmsg()

The vccrecvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

[Arachni v0.4.2] web application security scanner (Boosted with new UI)

Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by learning from the HTTP responses it receives during the audit process and is...

USN-1808-1: Linux kernel (EC2) vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer llc sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. CVE-2012-6542 Mathias Krause discovered information leaks in the Linux kernel's...

Kernel: atm: information leak in getsockopt & getsockname

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

USN-1805-1: Linux kernel vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer llc sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. CVE-2012-6542 Mathias Krause discovered information leaks in the Linux kernel's...

Kernel: atm: information leak in getsockopt & getsockname

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

Stable Channel Update

The Chrome team is excited to announce the promotion of Chrome 26 to the Stable Channel. Chrome 26.0.1410.43 for Windows, Mac, Linux, and Chrome Frame contains number of new items including: "Ask Google for suggestions" spell checking feature improvements e.g. grammar and homonym checking Desktop...

UBUNTU-CVE-2012-6546

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2013:0496 Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fourth...

Important: Red Hat Security Advisory: Red Hat Enterprise Linux 6 kernel update

Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fourth regular update. The Red Hat Security Response Team has...

USN-1599-1: Linux kernel (OMAP4) vulnerability

Pablo Neira Ayuso discovered a flaw in the credentials of netlink messages. An unprivileged local attacker could exploit this by getting a netlink based service, that relies on netlink credentials, to perform privileged actions. CVE-2012-3520 Mathias Krause discovered information leak in the Linu...

DomsHttpd 1.0 <= Remote Denial Of Service

DomsHttpd 1.0 = Remote Denial Of Service Discovered by: Jean Pascal Pereira [email protected] About DomsHttpd: "A very simple HTTP protocol program base on asynchronous socket model." Vendor URI: http://domshttpd.codeplex.com/ The remote attacker has the possibility to crash the application by...

Browser Forensic Tool v2.0 - Advanced browser history search engine

Browser Forensic Tool v2.0 - Advanced browser history search engine Browser Forensic Tool v2.0 , Developed by DarkCoderSc Jean-Pierre LESUEUR ,is an advanced local browser history search engine, in less than few seconds it will extract the chosen keywords of most famous web browser, actually...

Developing and Sharing Tools for Professional Hackers

Professional hackers or security testers tend to write a lot of code. We write exploit code, fuzzers, code to handle esoteric protocols and data structures, unpackers, disassemblers, reversers, parsers, and so much more. We write this code because often what we’re doing is so specific that is...

SA-CONTRIB-2012-058 - Fivestar - Input Validation

CVE: CVE-2012-2096 The Fivestar module enables you to add a voting widget to nodes and comments. The module does not sufficiently validate all votes passed by the asynchronous voting widget allowing a malicious user to improperly modify voting averages. Versions affected Fivestar 6.x-1.x versions...

[SECURITY] Fedora 17 Update: libgdata-0.11.1-1.fc17

libgdata is a GLib-based library for accessing online service APIs using the GData protocol --- most notably, Google's services. It provides APIs to acc ess the common Google services, and has full asynchronous support...

Fedora Update for python-celery FEDORA-2011-16549

Check for the Version of python-celery OpenVAS Vulnerability Test Fedora Update for python-celery FEDORA-2011-16549 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

[SECURITY] Fedora 15 Update: python-celery-2.2.8-1.fc15

An open source asynchronous task queue/job queue based on distributed message passing. It is focused on real-time operation, but supports scheduling as well. The execution units, called tasks, are executed concurrently on one or more worker nodes using multiprocessing, Eventlet or gevent. Tasks c...