CVE-2001-0404

Directory traversal vulnerability in JavaServer Web Dev Kit JSWDK 1.0.1 allows remote attackers to read arbitrary files via a .. dot dot in an HTTP request to the WEB-INF directory...

CVE-2001-0404

Directory traversal vulnerability in JavaServer Web Dev Kit JSWDK 1.0.1 allows remote attackers to read arbitrary files via a .. dot dot in an HTTP request to the WEB-INF directory...

CVE-2000-0454

Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter...

CVE-2000-0535

CVE-2000-0535 affects OpenSSL 0.9.4 and OpenSSH on FreeBSD, where FreeBSD Alpha's missing /dev/random or /dev/urandom leads to weak cryptographic keys. The issue arises from improper device checks, resulting in keys that may be easier to break. The provided documents describe the root cause and a...

Проблемы с libdes в NetBSD

Если отсутствует или не функционирует /dev/urandom, используется предсказуемая последовательность при генерации ключей...

Security Advisory 2000-007

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-007 ================================= Topic: bad key generation in libdes if no /dev/urandom Version: Domestic US NetBSD-current between 19990624 and 20000622. No formal releases of NetBSD are vulnerable. Severity: high only if...

Проблемы с /dev/random в FreeBSD на alpha

В версии FreeBSD для платформы alpha отсутствовало устройство /dev/random генерирующее псевдо-случайные последовательности. Тем не менее, многие крипто-программы, включая OpenSSH и OpenSSL генерировали ключи и сертификаты не учитывая этот факт...

CVE-2000-0454

Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter...

CVE-2000-0365

The CVE-2000-0365 entry concerns Red Hat Linux 6.0 where the /dev/pts file system is mounted with insecure modes. This configuration allows local users to write to other tty devices. The provided documents describe the affected component (/dev/pts) and the resulting local access impact but do not...

DoS-атака через доменные сокеты UNIX в Linux

: Большой объем информации посланный с помощью sendto через сокет в /dev/log приводит к краху системы...

CVE-1999-0426

CVE-1999-0426 affects Linux prior to 2.0.36 due to default permissions of the /dev/kmem character device, enabling IP spoofing. Root cause: /dev/kmem permissions allowed spoofing without additional privileges. Impact: network-based spoofing risk on affected systems. Mitigation: upgrade to Linux 2...

ssh-1.2.27.txt

------------------------------------------------------------------- Periodically, the moderator of of the vuln-dev mailing list will post summaries of issues discussed there to Bugtraq and possibly other relevant lists. This will usually happen when an issue has been resolved, or it appears that...

kmem.SuSE.txt

Date: Fri, 19 Mar 1999 22:45:29 -0800 From: Aleph One To: [email protected] Subject: The default permissions on /dev/kmem is insecure. SuSE Security Announcement Packages: devs- linux-2.0.35 and below Date: Thu Mar 18 10:22:11 CET 1999 Affected: SuSE 6.0 and below, other Linux distributions Su...

WSL Dev Channel Insiders

Early preview for the latest kernel updates...

PT-2010-5664 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: SUSE Linux Enterprise affected versions not specified Linux kernel versions prior to 2.6.36.2 Description: The issue involves multiple vulnerabilities in the Linux kernel and SUSE Linux Enterprise packages, including kernel-desktop-devel,...

Windows Insider Dev Channel

Windows Insider Dev Channel...

Windows Insider Dev Channel for MSD - internal

Windows Insider Dev Channel used for MSD internal validation...

PT-2001-2674 · Isc +3 · Inn2-Inews +8

Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 2.3.0 ssh-1 versions prior to 1.2.31 Debian GNU/Linux affected versions not specified Description: The issue concerns multiple vulnerabilities in various packages of the Debian GNU/Linux operating system, including...