Vulnerability in Remote Procedure Call Could Allow Remote Code Execution (982802)
This host is missing a critical security update according to Microsoft Bulletin MS10-066. OpenVAS Vulnerability Test $Id: secpodms10-066.nasl 5361 2017-02-20 11:57:13Z cfi $ Vulnerability in Remote Procedure Call Could Allow Remote Code Execution (982802) Authors: Madhuri D Copyright (c) 2010 SecPod,...
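Linux kernel 2.6.x ecryptfs_uid_hash() Function Local Overflow Vulnerability
BUGTRAQ ID: 42237 CVE ID: CVE-2010-2492 The Linux Kernel is the kernel used by the open-source Linux operating system. The ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the Linux Kernel eCryptfs subsystem incorrectly assumes that the second argument to the hash_long function is the number of hash buckets rather than the number of hash bits, which allows local users to cause a buffer overflow. Linux kernel 2.6.x Vendor patch: Linux ----- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...
Linux kernel 2.6.x keyctl_session_to_parent() Function NULL Pointer Dereference Vulnerability
BUGTRAQ ID: 42932 CVE ID: CVE-2010-2960 The Linux Kernel is the kernel used by the open-source Linux operating system. The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux Kernel contains a NULL pointer dereference error; a local user can trigger this vulnerability by calling keyctl with KEYCTL_SESSION_TO_PARENT, resulting in a denial of service. Linux kernel 2.6.x Vendor patch: Linux ----- The vendor has not yet provided a patch or upgrade; users of this software are advised to watch the vendor's home page for the latest version:...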
Fedora 12 : kernel-2.6.32.21-166.fc12 (2010-13903)
Update to kernel 2.6.32.21: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.20 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
Multiple Multicast Vulnerabilities in Cisco IOS Software - Cisco Systems
Two crafted Protocol Independent Multicast (PIM) packet vulnerabilities exist in Cisco IOS software that may lead to a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. TRUSTED...
DLSw Vulnerability - Cisco Systems
A vulnerability exists in the Data-link Switching (DLSw) feature in Cisco IOS where an invalid value in a DLSw message could result in a reload of the DLSw device. Successful exploitation of this vulnerability requires that an attacker be able to establish a DLSw connection to the device. There are...
Vulnerability in Cisco IOS Embedded Call Processing Solutions - Cisco Systems
Cisco Internetwork Operating System (IOS) Software release trains 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the Cisco IOS Telephony Service (ITS), Cisco CallManager Express (CME) or Survivable Remote Site Telephony (SRST), may contain a vulnerability in processing certain malformed control protoc...
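WordPress 3.0.1 wp-admin/plugins.php Module Cross-Site Scripting Vulnerability
BUGTRAQ ID: 42440 WordPress is a free forum/blog system. If the action parameter is set to delete-selected, WordPress returns the checked0 parameter submitted to wp-admin/plugins.php to the user without properly filtering it, which allows remote attackers to perform reflected cross-site scripting attacks by submitting requests with malicious parameters. WordPress 3.0.1 Vendor patch: WordPress --------- The vendor has not yet provided a patch or upgrade; users of this software are advised to watch the vendor's home page for the latest version: http://wordpress.org/...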
Fedora 14 : zabbix-1.8.2-3.fc14 (2010-12646)
Bug 620806 - CVE-2010-2790 Zabbix: XSS in triggers page ZBX-2326 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Debian DSA-2092-1 : lxr-cvs - missing input sanitizing
Dan Rosenberg discovered that in lxr-cvs, a code-indexing tool with a web frontend, not enough sanitation of user input is performed; an attacker can take advantage of this and pass script code in order to perform cross-site scripting attacks. (C) Tenable Network Security, Inc...
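Microsoft Windows TCP/IP Implementation IppSortDestinationAddresses() Function Integer Overflow Vulnerability (MS10-058)
BUGTRAQ ID: 42254 CVE ID: CVE-2010-1893 Microsoft Windows is a very popular operating system released by Microsoft. The IppSortDestinationAddresses function in the Windows TCP/IP implementation has an integer overflow vulnerability when handling the SOCKET_ADDRESS_LIST structure; a local user can corrupt kernel memory by calling WSAIoctl with the SIO_ADDRESS_LIST_SORT IOCTL and execute arbitrary code with system-level privileges. The following pseudocode appears at the start of the IppSortDestinationAddresses function: DestinationAddresses =...
Microsoft Word RTF Parsing Engine Remote Memory Corruption Vulnerability (MS10-056)
BUGTRAQ ID: 42132 CVE ID: CVE-2010-1901 Word is the word processing tool in the Microsoft Office suite. When processing RTF documents that contain certain control words, the RTF parsing engine may incorrectly read values from the RTF file, leading to memory corruption. An attacker who successfully exploits this vulnerability can gain the same privileges as the local user. Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Word 2007 SP2 Microsoft Word 2003 SP3 Microsoft Word 2002 SP3 Temporary workaround: Read e-mail in plain text format....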
[CORE-2010-0623] Microsoft Windows CreateWindow function callback vulnerability
Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Microsoft Windows CreateWindow function callback vulnerability 1. Advisory Information Title: Microsoft Windows CreateWindow function callback vulnerability Advisory Id:...
Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)
No description provided by source. Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Microsoft Windows CreateWindow function callback vulnerability 1. Advisory Information Title: Microsoft Windows CreateWindow function...
Microsoft Windows CreateWindow function callback vulnerability
Core Security - CoreLabs Microsoft Windows CreateWindow function callback vulnerability 1. Advisory Information Title: Microsoft Windows CreateWindow function callback vulnerability Advisory Id: CORE-2010-0623 Advisory URL:...
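Linux kernel 2.6.x XDR Implementation Buffer Overflow Vulnerability
BUGTRAQ ID: 42249 CVE ID: CVE-2010-2521 The Linux Kernel is the kernel used by the open-source Linux operating system. A buffer overflow vulnerability exists in the Linux Kernel's server-side XDR implementation for NFS version 4; an attacker on the local network can send a crafted oversized compound request to an NFSv4 server, causing a kernel-busy denial of service or code execution. Linux kernel 2.6.x Vendor patch: Linux ----- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...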
Vulnerabilities in Dataface Web Application Framework
Hello Bugtraq! I want to warn you about security vulnerabilities in Dataface Web Application Framework. ----------------------------- Advisory: Vulnerabilities in Dataface Web Application Framework ----------------------------- URL: http://websecurity.com.ua/4276/ -----------------------------...
Fedora 13 : kvirc-4.0.0-3.fc13 (2010-11506)
Fix for security issue: remote command execution. https://svn.kvirc.de/kvirc/ticket/858 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible witho...
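Mozilla Firefox 3.6.7 Plugin Parameter Dangling Pointer Reference Vulnerability
BUGTRAQ ID: 41933 CVE ID: CVE-2010-2755 Firefox is a very popular open-source web browser. An invalid free vulnerability exists in Firefox's plugin handler: in some cases attributes in the plugin routine's parameter array may be freed prematurely, leaving a dangling pointer that the plugin can execute, which may call into attacker-controlled memory. A user who is tricked into visiting malicious web content may cause an invalid memory pointer to be freed; Firefox may crash or execute arbitrary code with the privileges of the user running Firefox. Mozilla Firefox 3.6.7 Vendor patch: Mozilla ------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...
Linux Kernel CIFS DNS Query Cache Poisoning Vulnerability
BUGTRAQ ID: 41904 CVE ID: CVE-2010-2524 The Linux Kernel is the kernel used by the open-source Linux operating system. The CIFS DNS resolver mechanism in the Linux Kernel does not properly restrict access to query results stored in the keyring; if an arbitrary user adds a result record to the keyring via add_key and then invokes CIFS CFS, a malicious redirect can be installed, tricking users into loading the system from a malicious server. Linux kernel 2.6.x Vendor patch: Linux ----- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...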