Mandriva Update for mkinitrd MDVA-2010:174 (mkinitrd)

Check for the Version of mkinitrd OpenVAS Vulnerability Test Mandriva Update for mkinitrd MDVA-2010:174 mkinitrd Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

kernel security and bug fix update

2.6.9-89.0.26.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...

kernel security and bug fix update

2.6.9-89.0.23.0.1 - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...

MDVA-2009:006 : xen

The xen package released in Mandriva Linux 2009.0 lacks udev rules for handling hotplug events. As a result trying to create an HVM host will fail with this kind of error message: 'Error: Device 0 vif could not be connected Hotplug scripts not working'. Additionaly, it also add PCI pass-through...

CVE-2006-4772

HotPlug CMS stores sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password and database credentials via a direct request for includes/class/config.inc...

CVE-2006-4772

HotPlug CMS stores sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password and database credentials via a direct request for includes/class/config.inc...

CVE-2006-4772

CVE-2006-4772 affects HotPlug CMS. The issue stems from storing sensitive information under the web root with insufficient access control, allowing remote attackers to read the admin password and database credentials via a direct request to includes/class/config.inc . The impact described is part...

hotplugCMSconfig.txt

Hello HotPlug CMS Config File Include Vulnerability Discovered by : HACKERS PAL Copyrights : HACKERS PAL Website : WwW.SoQoR.NeT Email : [email protected] After Script Url Add includes/class/config.inc And you will download the config file ,, so that you will be able to connect by remote connect...

HotPlug CMS Config File Include Vulnerability

Hello HotPlug CMS Config File Include Vulnerability Discovered by : HACKERS PAL Copyrights : HACKERS PAL Website : WwW.SoQoR.NeT Email : [email protected] After Script Url Add includes/class/config.inc And you will download the config file ,, so that you will be able to connect by remote connect...

CVE-2006-3190

SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 username and 2 password parameters...

CVE-2006-3189

Cross-site scripting XSS vulnerability in administration/tblcontent/login1.php in HotPlug CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

CVE-2006-3189

Cross-site scripting XSS vulnerability in administration/tblcontent/login1.php in HotPlug CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

CVE-2006-3190

SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 username and 2 password parameters...

CVE-2006-3189

CVE-2006-3189 is an XSS vulnerability in HotPlug CMS 1.0, affecting the file administration/tblcontent/login1.php where an attacker can inject arbitrary script/HTML via the msg parameter. The available sources confirm the presence of a cross-site scripting flaw but do not provide exploit details,...

CVE-2006-3190

The vulnerability CVE-2006-3190 affects HotPlug CMS 1.0, specifically in administration/includes/login/auth.php. It is a SQL injection flaw that allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username and password parameters. The available records conf...

HotPlug CMS 1.0 - Login1.php Cross-Site Scripting

HotPlug CMS 1.0 - Login1.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18454/info HotPlug CMS is prone to a cross-site scripting attack. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute...

HotPlug CMS 1.0 - 'Login1.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18454/info HotPlug CMS is prone to a cross-site scripting attack. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary HTML and script code in the browser of a...

Mandrake Linux Security Advisory : kernel (MDKSA-2006:086)

A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel : Prior to Linux kernel 2.6.16.5, the kernel does not properly handle uncanonical return addresses on Intel EM64T CPUs which causes the kernel exception handler to run on the user stack with the wrong GS...

RHEL 4 : udev (RHSA-2005:864)

Updated udev packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The udev package contains an implementation of devfs in userspace using sysfs and /sbin/hotplug. Richard Cunningham discovered a...

Slackware 9.1 / current : kernel security updates (SSA:2004-119-01)

New kernel packages are available for Slackware 9.1 and -current to fix security issues. Also available are new kernel modules packages including alsa-driver, and a new version of the hotplug package for Slackware 9.1 containing some fixes for using 2.4.26 and 2.6.x kernel modules. The most serio...