442 matches found
XenServer 7 Host Crash while starting multiple Virtual Machine
XenServer 7 Hosts crashes with below call traces while trying to start multiple vGPU attached Virtual Machines. The following trace can be found in xen.log in the crash folder /var/log/crash: XEN 101632.198343 ---- Xen-4.6.1-xs128153 x8664 debug=n Not tainted ----XEN 101632.198344 CPU: 5XEN...
Information Disclosure
jsonmodel is vulnerable to information disclosure. It is possible to read data in an error log by placing format string special characters in a class name...
SUSE SLES12 Security Update : mariadb (SUSE-SU-2017:0411-1)
This mariadb version update to 10.0.29 fixes the following issues : - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...
SUSE-SU-2017:0412-1 Security update for mariadb
This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...
SUSE-SU-2017:0411-1 Security update for mariadb
This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...
Design/Logic Flaw
MyBB aka MyBulletinBoard before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files...
CVE-2015-8977
MyBB aka MyBulletinBoard before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files...
CVE-2015-8977
CVE-2015-8977 affects MyBB (MyBulletinBoard) versions prior to 1.6.18 and 1.8.x prior to 1.8.6, plus the MyBB Merge System before 1.8.6. The issue allows remote attackers to disclose the installation path via vectors involving error log files, resulting in information disclosure. Root cause, as s...
CVE-2015-8977
MyBB aka MyBulletinBoard before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files...
CVE-2016-1247
The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users with access...
DEBIAN-CVE-2016-1247
The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users with access...
CVE-2016-1247
The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users with access...
Nginx (Debian Based Distros + Gentoo) - logrotate Local Privilege Escalation
Nginx Debian Based Distros + Gentoo - logrotate Local Privilege Escalation !/bin/bash Nginx Debian-based distros + Gentoo - Root Privilege Escalation PoC Exploit nginxed-root.sh ver. 1.0 CVE-2016-1247 Discovered and coded by: Dawid Golunski dawidatlegalhackers.com https://legalhackers.com Follow...
Nginx (Debian-Based Distributions) - Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits !/bin/bash Source: http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html Nginx Debian-based distros - Root Privilege Escalation PoC Exploit nginxed-root.sh ver. 1.0 CVE-2016-1247 Discovered and coded by: Dawid...
Nginx (Debian Based Distros + Gentoo) - 'logrotate' Local Privilege Escalation
!/bin/bash Nginx Debian-based distros + Gentoo - Root Privilege Escalation PoC Exploit nginxed-root.sh ver. 1.0 CVE-2016-1247 Discovered and coded by: Dawid Golunski dawidatlegalhackers.com https://legalhackers.com Follow https://twitter.com/dawidgolunski for updates on this advisory. --- This Po...
mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)
A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...
mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)
A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...
CVE-2016-6664
A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...
mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)
A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...
mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)
A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...