8149 matches found
CVE-2012-3494
The setdebugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service host crash by writing to the reserved bits of the DR7 debug control register...
DEBIAN-CVE-2012-3494
The setdebugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service host crash by writing to the reserved bits of the DR7 debug control register...
CVE-2012-3494
The setdebugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service host crash by writing to the reserved bits of the DR7 debug control register...
Design/Logic Flaw
The setdebugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service host crash by writing to the reserved bits of the DR7 debug control register...
CVE-2012-3494
The CVE-2012-3494 issue affects Xen hypervisor code, specifically the set_debugreg hypercall in include/asm-x86/debugreg.h, impacting Xen 4.0–4.2 and Citrix XenServer 6.0.2 and earlier on x86-64. The vulnerability arises when a guest OS user can write to the reserved bits of the DR7 debug control...
CVE-2012-3494
The setdebugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service host crash by writing to the reserved bits of the DR7 debug control register...
Fedora 17 : openstack-glance-2012.1.2-2.fc17 (2012-18085)
Fix Glance Authentication bypass for image deletion - Update to stable/essex 2012.1.2 including... - Support zero-size image creation via the v1 API - Allow admins to share images regardless of owner - Log sensitive store info, rather than exposing over API - Fix the qpidheartbeat option to avoid...
HCView - WriteAV Crash (PoC)
HCView - WriteAV Crash PoC !/usr/bin/perl Hardcoreview WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira Vendor URI: http://sourceforge.net/projects/hardcoreview/ Vendor Description: Image browser. Designed and created for profesional and amature watching image files. All kind of image...
HCView WriteAV Crash Proof Of Concept
!/usr/bin/perl Hardcoreview WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira Vendor URI: http://sourceforge.net/projects/hardcoreview/ Vendor Description: Image browser. Designed and created for profesional and amature watching image files. All kind of image files ; . Support .jpg,...
HCView - WriteAV Crash (PoC)
!/usr/bin/perl Hardcoreview WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira Vendor URI: http://sourceforge.net/projects/hardcoreview/ Vendor Description: Image browser. Designed and created for profesional and amature watching image files. All kind of image files ; . Support .jpg,...
Debian DSA-2544-1 : xen - denial of service
Multiple denial of service vulnerabilities have been discovered in Xen, an hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2012-3494 : It was discovered that setdebugreg allows writes to reserved bits of the DR7 debug control register on amd6...
CVE-2012-2704
The CVE-2012-2704 issue concerns the Drupal Advertisement module (6.x-2.x) prior to 6.x-2.3 where debug information was not properly restricted, enabling remote attackers to obtain sensitive site configuration data defined by $conf in settings.php. This information disclosure is the primary impac...
Scientific Linux Security Update : kvm on SL5.4 x86_64
CVE-2009-3722 KVM: Check cpl before emulating debug register access CVE-2010-0419 kvm: emulator privilege escalation segment selector check A flaw was found in the way the x86 emulator loaded segment selectors used for memory segmentation and protection into segment registers. In some guest syste...
Pligg CMS 0.9 / 1.x Command Execution
!/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r\n"; return $exa."\r\n".$result; $proxyregex =...
rdp-enum-encryption NSE Script
Determines which Security layer and Encryption level is supported by the RDP service. It does so by cycling through all existing protocols and ciphers. When run in debug mode, the script also returns the protocols and ciphers that fail and any errors that were reported. The script was inspired by...
ptunnel 0.72 - Remote Denial of Service
ptunnel 0.72 - Remote Denial of Service !/usr/bin/env python =============================================================================== Exploit Title: ptunnel ' % sys.argv0 target remotehost = sys.argv1 ptunnel.h typedef struct uint32t magic, // magic number, used to identify ptunnel packets...
ptunnel 0.72 - Remote Denial of Service
!/usr/bin/env python =============================================================================== Exploit Title: ptunnel ' % sys.argv0 target remotehost = sys.argv1 ptunnel.h typedef struct uint32t magic, // magic number, used to identify ptunnel packets. dstip, // destination IP and port used...
RedHat Update for libvirt RHSA-2011:1197-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
openssh-server Forced Command Handling Information Disclosure Vulnerability
The authparseoptions function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorizedkeys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
CVE-2012-2703
CVE-2012-2703 describes an XSS vulnerability in the Drupal Advertisement module (versions 6.x-2.x prior to 6.x-2.3). When debug mode is enabled, an attacker could inject arbitrary script/HTML via the $conf variable in settings.php. Affected product: Drupal contributed Advertisement module for 6.x...