61 matches found
Memory corruption
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various system services partial to full denials of services, modification of system states and files, and potentia...
CVE-2017-2329
An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to execute certain specific unprivileged system files capable of causing widespread denials of system services...
GLSA-201606-14 : ImageMagick: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201606-14 ImageMagick: Multiple vulnerabilities Multiple vulnerabilities have been discovered in ImageMagick including, but not limited to, various overflows and potential Denials of Service. Please visit the references and relate...
setroubleshoot: command injection issues
Shell command injection flaws were found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use these flaws to execute arbitrary code with root privileges...
setroubleshoot: command injection issues
Shell command injection flaws were found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use these flaws to execute arbitrary code with root privileges...
CVE-2016-4445
A shell command injection flaw was found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use this flaw to execute arbitrary code with root privileges...
CVE-2016-4989
Shell command injection flaws were found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use these flaws to execute arbitrary code with root privileges...
ipa security, bug fix, and enhancement update
4.1.0-18.0.1 - Replace login-screen-logo.png 20362818 - Drop subscription-manager requires for OL7 - Drop redhat-access-plugin-ipa requires for OL7 - Blank out header-logo.png product-name.png 4.1.0-18 - Fix ipa-pwd-extop global configuration caching 1187342 - group-detach does not add correct...
3Com SuperStack II PS Hub 40 TelnetD Weak Password Protection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3034/info A vulnerability exists in certain models of 3Com hubs and potentially other 3Com network products. The affected devices fail to properly restrict the allowed number of login attempts to the inbuilt telnet-based...
MetaServer RT <= 3.2.1.450 - Multiple Vulnerabilities
No description provided by source. Luigi Auriemma Application: MetaServer RT http://www.traderssoft.com/ts/msrt/ Versions: = 3.2.1.450 Platforms: Windows Bugs: A heap overflow B various Denials of Service Exploitation: remote Date: 19 Sep 2011 Author: Luigi Auriemma e-mail: [email protected]...
Scientific Linux Security Update : selinux-policy on SL6.x i386/x86_64 (20120709)
This update adds the following enhancements : - When the system produces a new SELinux denial, the setroubleshootd daemon executes the rpm tool to check information about the relevant packages. Previously, setroubleshootd was unable to execute the rpm tool, and AVC denials were logged in the...
Siemens SIMATIC WinCC Flexible (Runtime) - Multiple Vulnerabilities
Siemens SIMATIC WinCC Flexible Runtime - Multiple Vulnerabilities Luigi Auriemma Application: Siemens SIMATIC WinCC flexible Runtime http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/Pages/Default.aspx Versions: 2008 SP2...
Vulnerabilities in Sunway ForceControl 6.1 sp3 (SCADA)
Luigi Auriemma Application: Sunway ForceControl http://www.sunwayland.com.cn/pro.asp Versions: = 6.1 sp3 with AngelServer and WebServer updated Platforms: Windows Bugs: various stack overflows directory traversals third party ActiveX code execution various Denials of Service Exploitation: remote...
sunway ForceControl 6.1 sp3 - Multiple Vulnerabilities
sunway ForceControl 6.1 sp3 - Multiple Vulnerabilities Luigi Auriemma Application: Sunway ForceControl http://www.sunwayland.com.cn/pro.asp Versions: B9 19000000 MOV ECX,19 004022E6 . 33C0 XOR EAX,EAX 004022E8 . 8D7C24 24 LEA EDI,DWORD PTR SS:ESP+24 004022EC . 83FE 64 CMP ESI,64 ; our value...
MetaServer RT 3.2.1.450 - Multiple Vulnerabilities
MetaServer RT 3.2.1.450 - Multiple Vulnerabilities Luigi Auriemma Application: MetaServer RT http://www.traderssoft.com/ts/msrt/ Versions: = 3.2.1.450 Platforms: Windows Bugs: A heap overflow B various Denials of Service Exploitation: remote Date: 19 Sep 2011 Author: Luigi Auriemma e-mail:...
MetaServer RT 3.2.1.450 - Multiple Vulnerabilities
Luigi Auriemma Application: MetaServer RT http://www.traderssoft.com/ts/msrt/ Versions: = 3.2.1.450 Platforms: Windows Bugs: A heap overflow B various Denials of Service Exploitation: remote Date: 19 Sep 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug...
[slackware-security] pidgin
New pidgin packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/pidgin-2.7.11-i486-1slack13.1.txz: Upgraded. Fixed denials of service caused by NULL pointer dereferences due...
GLSA-200711-08 : libpng: Multiple Denials of Service
The remote host is affected by the vulnerability described in GLSA-200711-08 libpng: Multiple Denials of Service An off-by-one error when handling ICC profile chunks in the pngsetiCCP function was discovered CVE-2007-5266. George Cook and Jeff Phillips reported several errors in pngrtran.c, the u...
libpng: Multiple Denials of Service
Background libpng is a free ANSI C library used to process and manipulate PNG images. Description An off-by-one error when handling ICC profile chunks in the pngsetiCCP function was discovered CVE-2007-5266. George Cook and Jeff Phillips reported several errors in pngrtran.c, the use of logical...
GLSA-200708-09 : Mozilla products: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200708-09 Mozilla products: Multiple vulnerabilities Mozilla developers fixed several bugs, including an issue with modifying XPCNativeWrappers CVE-2007-3738, a problem with event handlers executing elements outside of the documen...