462 matches found
WirelessGear Siklu EtherHaul radios insecure default password vulnerability
WirelessGear Siklu EtherHaul radios are a set of radios for commercial service from WirelessGear USA. A security vulnerability exists in WirelessGear Siklu EtherHaul radios versions prior to 3.7.1 and 6.x versions prior to 6.9.0, which stems from an immutable password used by all devices. An...
CVE-2017-6955
An issue was discovered in by-email/by-email.php in the Invite Anyone plugin before 1.3.15 for WordPress. A user is able to change the subject and the body of the invitation mail that should be immutable, which facilitates a social engineering attack...
Caching best practices & max-age gotchas
Getting caching right yields huge performance benefits, saves bandwidth, and reduces server costs, but many sites half-arse their caching, creating race conditions resulting in interdependent resources getting out of sync. The vast majority of best-practice caching falls into one of two patterns:...
Ubuntu 14.04 LTS : Firefox regression (USN-2743-4)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2743-4 advisory. USN-2743-1 fixed vulnerabilities in Firefox. After upgrading, some users reported problems with bookmark creation and crashes in some circumstances. This update...
Mozilla Firefox and Firefox ESR Security Bypass Vulnerability (CNVD-2015-06384)
Mozilla Firefox is an open source web browser. A security vulnerability in the Mozilla Firefox NetworkUtils.cpp file allows remote attackers to bypass the ECMAScript 5 API protection mechanism, modify immutable attributes, and execute arbitrary JavaScript code with chrome privileges...
USN-2743-1: Firefox vulnerabilities
Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially explo...
UBUNTU-CVE-2015-4516
Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs...
PYSEC-2014-57
typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL...
How to Relocate Veeam Backup & Replication Backup Files
Other Data Relocation-Related Articles: KB2236 -- Moving backup files to/from a Scale-Out Backup Repository. KB2321 -- Changing the backup location of Veeam Agent jobs operating in Standalone mode not directly controlled by Veeam Backup & Replication but targeting a Veeam Backup & Replication...
Mozilla: Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5) (MFSA 2012-34)
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to 1...
Debian DSA-2420-1 : openjdk-6 - several vulnerabilities
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform. - CVE-2011-3377 The IcedTea browser plugin included in the openjdk-6 package does not properly enforce the Same Origin Policy on web content served under a domain name which has a common suffix...
rt-sa-2005-15.txt
Advisory: BSD Securelevels: Circumventing protection of files flagged immutable By mounting an arbitrary filesystem, it is possible to mask files flagged immutable with any user-defined files. Details ======= Product: FreeBSD up to 6.0-STABLE and 7.0-CURRENT OpenBSD up to 3.8 DragonFly up to 1.2...
BSD systems securelevel protection bypass
By mounting a different filesystem, it's possible to mask a file flagged 'immutable'. It's possible to roll back the system time by setting it to the maximum value...
CVE-2005-4351
The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running...
[Full-disclosure] BSD Securelevels: Circumventing protection of files flagged immutable
Advisory: BSD Securelevels: Circumventing protection of files flagged immutable By mounting an arbitrary filesystem, it is possible to mask files flagged immutable with any user-defined files. Details ======= Product: FreeBSD up to 6.0-STABLE and 7.0-CURRENT OpenBSD up to 3.8 DragonFly up to 1.2...
CVE-1999-1394
CVE-1999-1394 : BSD 4.4–based operating systems running at security level 1 allow the root user to clear immutable/append-only flags on files by unmounting the filesystem and using a filesystem editor (e.g., fsdb) to modify a device directly. The description does not specify affected products, ve...
CVE-1999-0323
CVE-1999-0323 affects FreeBSD: the mmap function allows users to modify append-only or immutable files. The connected documents reiterate this description but do not provide additional technical details, affected versions, root cause specifics, exploit information, or remediation guidance. Practi...
CVE-1999-0323
FreeBSD mmap function allows users to modify append-only or immutable files...