1675 matches found
Moderate: kernel security and bug fix update
2.6.9-67.0.7.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with...
Coppermine Photo Gallery 1.4.9 - SQL Injection
Coppermine Photo Gallery 1.4.9 - SQL Injection !/usr/bin/php ?php / Coppermine Photo Gallery 1.4.9 Remote SQL Injection Vulnerability Note: Requires a valid user account. Usage: php script.php host path table prefix user id username password Usage Example: php script.php domain.com /coppermine/...
CVE-2006-0600
elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of service infinite redirection via a request with the fail parameter set to 1, which redirects to the same request...
DEBIAN-CVE-2004-0986
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers...
security flaw
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail...
Sygate Personal Firewall Pro 5.5 - Local Fail-Close Bypass
Sygate Personal Firewall Pro 5.5 - Local Fail-Close Bypass source: https://www.securityfocus.com/bid/10540/info A vulnerability is reported to affect the Sygate Personal Firewall fail-closed functionality. It is reported that the kernel-space NDIS driver does not verify the origin of messages tha...
Sygate Personal Firewall Pro 5.5 - Local Fail-Close Bypass
source: https://www.securityfocus.com/bid/10540/info A vulnerability is reported to affect the Sygate Personal Firewall fail-closed functionality. It is reported that the kernel-space NDIS driver does not verify the origin of messages that are received through the associated device. As a result o...
CVE-2002-0896
The CVE-2002-0896 entry concerns Swatch: the throttle capability may fail to report certain events if the same event type recurs after the throttle period or when multiple events matching the same watchfor expression don’t occur post-throttle. This could allow attackers to avoid detection. No spe...
CVE-2000-0478
In some cases, Norton Antivirus for Exchange NavExchange enters a "fail-open" state which allows viruses to pass through the server...
CVE-2000-0478
Norton Antivirus for Exchange (NavExchange) can enter a fail-open state, causing antivirus checks to fail and allowing viruses to pass through the server. The vulnerability, CVE-2000-0478, is documented across CVE/NVD records with a MEDIUM base score on CVSS v2 (AV:N/AC:L/Au:N/C:N/I:P/A:N). The c...
Vulnerabilities in Norton Antivirus for Exchange
Norton Antivirus for Exchange NavExchange, a product of Symantec, suffers from two major problems, with impact described below. The system tested was version 1.5. The most recent version is 2.0, which I have not had the opportunity to test, but based on information from Symantec I believe 2.0 is...
CVE-2000-0478
In some cases, Norton Antivirus for Exchange NavExchange enters a "fail-open" state which allows viruses to pass through the server...
Performance Copilot for IRIX 6.5
Hi All, I found a vulnerability in the Performance Copilot for IRIX 6.5 Summary: /usr/etc/pmcd has a fail-open security model, allowing anyone to perform queries by default. This exposes potentially sensitive information ps -efl, df, etc to anyone on the net. pmcd will accept garbage connections...
CVE-1999-0334
CVE-1999-0334 affects Solaris 2.2–2.3. When fsck fails at startup, a local user with physical access can obtain root privileges (root access). Root cause: startup fsck issue allowing escalation on physical access. Impact: local privilege escalation with full system compromise potential if attacke...
DUO-PSA-2019-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2019-001 Publication Date: 2019-04-16 Revision Date: 2019-04-16 Status: Confirmed, Fixed Document Revision: 1 Overview A Duo customer has identified an issue where Duo Authentication for Windows Logon could incorrectly enforce "failmode" followin...