openSUSE Security Advisory (SUSE-SU-2024:4036-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Node.js TLSWrap Use-After-Free

Node.js: use-after-free in TLSWrap Node v14.11.0 Current is vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method...

Node.js TLSWrap Use-After-Free Vulnerability

Node.js: use-after-free in TLSWrap Node v14.11.0 Current is vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method...

LG G4 MRA58K - mkvparser::Tracks constructor Failure to Initialise Pointers Exploit

Exploit for Android platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1117 Failure to initialise pointers in mkvparser::Tracks constructor The constructor mkvparser::Tracks::Tracks doesn't handle parsing failures correctly. If we look at the function...

OracleVM 3.2 : bash (OVMSA-2014-0019)

The remote OracleVM system is missing necessary patches to address critical security updates : - Check for fishy environment Resolves: 1141644 - Fixed a bug that caused trap handlers to be executed recursively, corrupting internal data structures. Resolves: 964753 - Don't include backup files...

psyBNC <= 2.3 - Denial of Service Exploit

No description provided by source. / psyBNC = 2.3 DoS Information System Advancement in Penetration ISAP Labs By Lunar Fault ElectronicSouls C May 19, 2002 Legal Notice: In no way is ElectronicSouls, ISAP, or the author responsible for the actions or usage of this program. The author retains all...

Scientific Linux Security Update : bash on SL5.x i386/x86_64

Bash is the default shell for Scientific Linux. It was found that certain scripts bundled with the Bash documentation created temporary files in an insecure way. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary fil...

CentOS Update for bash CESA-2011:1073 centos5 x86_64

Check for the Version of bash OpenVAS Vulnerability Test CentOS Update for bash CESA-2011:1073 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CentOS 5 : bash (CESA-2011:1073)

An updated bash package that fixes one security issue, several bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives...

bash security, bug fix, and enhancement update

3.2-32 - Dont include backup files Resolves: 700157 3.2-31 - Use 'mktemp' for temporary files Resolves: 700157 3.2-30 - Added man page references to systemwide .bashlogout Resolves: 592979 3.2-29 - Readline glitch, when editing line with more spaces and resizing window Resolves: 525474 3.2-28 - F...

Session fixation

Pioneers formerly gnocatan before 0.11.3 allows remote attackers to cause a denial of service crash by triggering a delete operation while the Session object is still being used, as demonstrated by causing a "Broken pipe" error...

DEBIAN-CVE-2007-5933

Pioneers formerly gnocatan before 0.11.3 allows remote attackers to cause a denial of service crash by triggering a delete operation while the Session object is still being used, as demonstrated by causing a "Broken pipe" error...

psyBNC 2.3 - Denial of Service

/ psyBNC include include include include include include include include include define SIZE 9000 define PORT 31337 define USER "pr0ix" int senddos...

vlock vulnerability in RedHat 7.0

I've tried to lock all virtual consoles in RedHat 7.0 using vlock, which is delivered with this release of RedHat. If user root locks all consoles - it's no problem, but if normal user locks consoles then anybody can unlock without typing a password. Try to use it in the following way: 1. logon a...