Security Best Practice: Protect Yourself from MS-RPC and DCE-RPC Vulnerabilities

DCE/RPC stands for "Distributed Computing Environment / Remote Procedure Calls". It is a Remote Procedure Call system that allows software to work across multiple computers, as if it were all working on the same computer. This system allows programmers to write distributed software without having...

Fedora Update for libtirpc FEDORA-2008-9204

Check for the Version of libtirpc OpenVAS Vulnerability Test Fedora Update for libtirpc FEDORA-2008-9204 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for R FEDORA-2008-7619

Check for the Version of R OpenVAS Vulnerability Test Fedora Update for R FEDORA-2008-7619 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the G...

Fedora Update for R FEDORA-2008-7670

Check for the Version of R OpenVAS Vulnerability Test Fedora Update for R FEDORA-2008-7670 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the G...

Fedora Core 9 FEDORA-2009-0578 (boinc-client)

The remote host is missing an update to boinc-client announced via advisory FEDORA-2009-0578. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C ...

Fedora Core 9 FEDORA-2009-0578 (boinc-client)

The remote host is missing an update to boinc-client announced via advisory FEDORA-2009-0578. OpenVAS Vulnerability Test $Id: fcore20090578.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-0578 boinc-client Authors: Thomas Reinke Copyright: Copyright...

DSA-1718-1 boinc - validation bypass

Bulletin has no description...

[SECURITY] Fedora 10 Update: boinc-client-6.4.5-2.20081217svn.fc10

The Berkeley Open Infrastructure for Network Computing BOINC is an open- source software platform which supports distributed computing, primarily in the form of "volunteer" computing and "desktop Grid" computing. It is well suited for problems which are often described as "trivially parallel". BO...

[SECURITY] Fedora 9 Update: boinc-client-6.4.5-2.20081217svn.fc9

The Berkeley Open Infrastructure for Network Computing BOINC is an open- source software platform which supports distributed computing, primarily in the form of "volunteer" computing and "desktop Grid" computing. It is well suited for problems which are often described as "trivially parallel". BO...

CVE-2008-4990

Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file...

CVE-2009-0390

Argument injection vulnerability in Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program...

Arbitrary file deletion

Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file...

CVE-2009-0390

Argument injection vulnerability in Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program...

CVE-2008-4990

Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file...

CVE-2009-0390

CVE-2009-0390 concerns Enomaly ECP/Enomalism (pre-2.2.1) with local vulnerabilities in enomalism2.sh, where insecure temporary file handling enables argument injection into kill and signaling of arbitrary processes via the /tmp/enomalism2.pid PIDFILE. Connected sources describe a race condition o...

DEBIAN-CVE-2008-4539

Heap-based buffer overflow in the Cirrus VGA implementation in 1 KVM before kvm-82 and 2 QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorre...

DEBIAN-CVE-2008-5714

Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended...

DEBIAN-CVE-2008-5660

Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...

CVE-2008-5540

Secure Computing Secure Web Gateway aka Webwasher, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3...

Design/Logic Flaw

Secure Computing Secure Web Gateway aka Webwasher, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3...