9737 matches found
Apache Tomcat 5.5.x < 5.5.34 Multiple Vulnerabilities
According to its self-reported version number, the instance of Apache Tomcat 5.5.x listening on the remote host is prior to 5.5.34. It is, there, affected by multiple vulnerabilities : - Several weaknesses were found in the HTTP Digest authentication implementation. The issues are as follows:...
Important: Red Hat Security Advisory: jakarta-commons-daemon-jsvc security update
An updated jakarta-commons-daemon-jsvc package that fixes one security issue is now available for JBoss Enterprise Web Server 1.0 for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVS...
kernel: nl80211: missing check for valid SSID size in scan operations
Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAPNETADMIN capability during scan operations with a long SSID value...
kernel: nl80211: missing check for valid SSID size in scan operations
Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAPNETADMIN capability during scan operations with a long SSID value...
PT-2011-3911 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39.2 Description: The issue is related to multiple buffer overflows in the Linux kernel, specifically in the net/wireless/nl80211.c file. This can be exploited by local users who have the CAP NET ADMIN...
CVE-2011-2729
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for...
CentOS Update for kernel CESA-2009:0001-01 centos2 i386
Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2009:0001-01 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CentOS Update for kernel CESA-2009:0001-01 centos2 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for kernel CESA-2009:1438 centos4 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
USN-1162-1: Linux kernel vulnerabilities (Marvell Dove)
Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. CVE-2010-4243 Alexander Duyck discovered that the Intel Gigabit Ethernet driver...
Design/Logic Flaw
net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace
net/ipv4/netfilter/iptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
Ubuntu 10.04 LTS : linux, linux-ec2 vulnerabilities (USN-1141-1)
Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. CVE-2010-4243 Alexander Duyck discovered that the Intel Gigabit Ethernet driver...
Nmap NSE net: imap-capabilities
Retrieves IMAP email server capabilities. IMAP4rev1 capabilities are defined in RFC 3501. The CAPABILITY command allows a client to ask a server what commands it supports and possibly any site-specific policy. OpenVAS Vulnerability Test $Id: gbnmapimapcapabilitiesnet.nasl 5505 2017-03-07 10:00:18...
kernel: ebtables stack infoleak
The doreplace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability ...
kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace
net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
Slackware 10.2 / 11.0 : bind 10.2/11.0 recompile (SSA:2009-015-01)
Updated bind packages are available for Slackware 10.2 and 11.0 to address a load problem. It was reported that the initial build of these updates complained that the Linux capability module was not present and would refuse to load. It was determined that the packages which were compiled on 10.2...
kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace
net/ipv4/netfilter/iptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
PT-2011-2919 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 Description: The issue is related to the IPv6 implementation in the Linux kernel, where the net/ipv6/netfilter/ip6 tables.c file does not properly null-terminate string data in certain structure members...
PT-2011-2917 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 Description: The issue allows local users to obtain potentially sensitive information from kernel memory. This is achieved by leveraging the CAP NET ADMIN capability to issue a crafted request, and then...