180 matches found
Windows Packer Project for Defenders: DARKSURGEON
Darksurgeon is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense. Darksurgeon has three stated goals: Accelerate incident response, digital forensics, malware analysis, and network defense with a preconfigured Windows 10 environment...
[SECURITY] Fedora 23 Update: flex-2.6.0-2.fc23
The flex program generates scanners. Scanners are programs which can recognize lexical patterns in text. Flex takes pairs of regular expressions and C code as input and generates a C source file as output. The output file is compiled and linked with a library to produce an executable. The...
CVE-2016-4474
CVE-2016-4474 affects Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) overcloud-full images. The image build process uses a default root password (ROOTPW/rootpw), enabling potential remote root access via unspecified vectors. Red Hat ad...
CVE-2016-4474
The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 Liberty director and Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo director aka overcloud-full use a default root password of ROOTPW, which allows attackers to gain access via unspecified vectors...
Important: Red Hat Security Advisory: rhosp-director-images security and bug fix update
Updated deployment images are now available for Red Hat OpenStack Platform 7.0 Kilo director. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: rhosp-director-images security and bug fix update
Updated deployment images are now available for Red Hat OpenStack Platform 8.0 Liberty director. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2016-4474
An issue was discovered in the image build process for the overcloud images, as used by director, resulting in all previous images to have a default root password of "rootpw". Remote root access via SSH is disabled by default...
CVE-2016-3738
A vulnerability was found in the STI build process in OpenShift Enterprise. Access to STI builds was not properly restricted, allowing an attacker to use STI builds to access the Docker socket and escalate their privileges...
The vulnerability of the Kubernetes cluster management software allows a hacker to increase their privileges.
The vulnerability of the software interface of the Kubernetes cluster management server is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges by modifying system configuration during the system build process...
RedHat Update for util-linux RHSA-2012:0307-03
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2010-2276
The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 has the copyTests=true and mini=false options, which makes it easier for remote attackers to have an unspecified impact...
CVE-2010-2276
The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 has the copyTests=true and mini=false options, which makes it easier for remote attackers to have an unspecified impact...
Default configuration
The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 has the copyTests=true and mini=false options, which makes it easier for remote attackers to have an unspecified impact...
CVE-2010-2276
CVE-2010-2276 affects Dojo where the default build-process configuration uses copyTests=true and mini=false, enabling remote attackers to cause an unspecified impact via requests to test or demo components. Affected Dojo lines: 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x bef...
CVE-2010-2276
The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 has the copyTests=true and mini=false options, which makes it easier for remote attackers to have an unspecified impact...
CVE-2010-2276
The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 has the copyTests=true and mini=false options, which makes it easier for remote attackers to have an unspecified impact...
FreeBSD : dojo -- XSS and other vulnerabilities (805603a1-3e7a-11df-a5a1-0050568452ac)
The Dojo Toolkit team reports : Some PHP files did not properly escape input. Some files could operate like 'open redirects'. A bad actor could form an URL that looks like it came from a trusted site, but the user would be redirected or load content from the bad actor's site. A file exposed a mor...
Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution
Summary Product : Vim -- Vi IMproved Versions : 5.0--current, possibly older; 4.6 and 3.0 not vulnerable Impact : Arbitrary code execution Wherefrom: Local Original : http://www.rdancer.org/vulnerablevim-configure.in.html http://www.rdancer.org/vulnerablevim-configure.in.patch Insecure temporary...
Design/Logic Flaw
The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions...
DEBIAN-CVE-2004-0256
GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp...