91 matches found
Stack overflow
Stack-based buffer overflow in hw/usb/redirect.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU process crash via vectors related to logging debug messages...
CVE-2017-10806
Stack-based buffer overflow in hw/usb/redirect.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU process crash via vectors related to logging debug messages...
CVE-2017-10806
Stack-based buffer overflow in hw/usb/redirect.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU process crash via vectors related to logging debug messages...
CVE-2017-10806
Stack-based buffer overflow in hw/usb/redirect.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU process crash via vectors related to logging debug messages...
Session fixation
Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data keystrokes to any process. In mictray64.exe mic tray icon 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: deb...
Understanding and Configuring EPA Verbose Logging on Citrix Gateway
CLI Configuration Run the following command on NetScaler for PreAuth and PostAuth EPA logging: set vpn param –clientSecurityLog ON Note : For PreAuth and PostAuth logging, the vpn param MUST be used. If the clientSecurityLog is modified in a SessionAction whose Session Policy has a ClientSecurity...
How to Run Linux Kernel on Canon DSLRs Cameras
Last month, I Got a Canon's amazing and powerful video-capable DSLR Camera and was wondering if I could play a hack on it. Yes, Just like last time I installed and run Linux on my PlayStation 3 gaming console and the popular game console, the Nintendo Wii. What If I could port Linux Kernel to my...
CentOS 6 : sudo (CESA-2013:1701)
An updated sudo package that fixes two security issues, several bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Scientific Linux Security Update : sudo on SL6.x i386/x86_64 (20131121)
A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's...
openssh-server Forced Command Handling Information Disclosure Vulnerability
The authparseoptions function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorizedkeys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
OpenSSH < 5.7 Multiple Vulnerabilities
Binary data 6300.prm...
DEBIAN-CVE-2012-0814
The authparseoptions function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorizedkeys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
CVE-2012-0814
The authparseoptions function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorizedkeys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
CVE-2012-0814
The authparseoptions function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorizedkeys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
Cross site scripting
The authparseoptions function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorizedkeys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
CVE-2012-0814
The authparseoptions function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorizedkeys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
PT-2012-1159
Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 5.7 OpenSSH versions prior to 6.6 p1-r1 Description The issue allows remote authenticated users to obtain potentially sensitive information by reading debug messages containing authorized keys command options. This ca...
CVE-2008-7261
The Workplace aka WP component in IBM FileNet P8 Application Engine P8AE 3.5.1 before 3.5.1-010 records DEBUG messages containing user credentials in the log4j.xml file, which might allow local users to obtain sensitive information by reading this file...
CVE-2008-7261
The Workplace aka WP component in IBM FileNet P8 Application Engine P8AE 3.5.1 before 3.5.1-010 records DEBUG messages containing user credentials in the log4j.xml file, which might allow local users to obtain sensitive information by reading this file...
DEBIAN-CVE-2008-5688
MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught...