CentOS Update for kernel CESA-2013:0747 centos5
Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2013:0747 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
Race condition
Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub5899...
Information disclosure
The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708...
CVE-2013-1199
Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub5899...
CVE-2013-1194
The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708...
Cisco ASA Software VPN Group Enumeration Vulnerability
A vulnerability in the Internet Security Association and Key Management Protocol (ISAKMP) implementation in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to enumerate remote access VPN groups configured in a Cisco ASA device. The vulnerability is due...
CentOS 5 : java-1.7.0-openjdk (CESA-2013:0752)
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...
RHEL 6 : java-1.7.0-openjdk (RHSA-2013:0751)
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...
Important: Red Hat Security Advisory: java-1.7.0-openjdk security update
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...
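Linux Kernel Multiple Local Security Bypass Vulnerabilities
BUGTRAQ ID: 59052 The Linux Kernel is the kernel of the Linux operating system. The Linux kernel has multiple security bypass vulnerabilities; attackers can exploit them to bypass certain security restrictions and perform unauthorized actions. 0 Linux kernel Vendor patch: Linux ----- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://www.kernel.org/ define GNUSOURCE include unistd.h include sched.h include sys/types.h include sys/wait.h include fcntl.h includ...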
Microsoft LSASS Authentication Process Integer Overflow (MS09-059; CVE-2009-2524) - high confidence
An elevation of privilege vulnerability has been discovered in the Microsoft Windows Local Security Authority Subsystem Service (LSASS). The vulnerability is due to improper handling of malformed packets by the Windows NTLM implementation in LSASS during NTLM authentication. A remote attacker could...
Fedora Update for openstack-keystone FEDORA-2013-4590
Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2013-4590 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Ubuntu: Security Advisory (USN-1792-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Local file disclosure when running on Windows - ownCloud
Due to not rejecting "\" as path separator in all ownCloud versions prior to 5.0.4 including the 4.x branch an authenticated remote attacker is able to download arbitrary files from the server when running under Windows. This vulnerability exists inside our used DAV implementation "SabreDAV" and...
Directory traversal
Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGO_RC_FILE environment variable, which allows attackers to bypass intended access restrictions...
Fedora Update for bind FEDORA-2013-4525
Check for the Version of bind OpenVAS Vulnerability Test Fedora Update for bind FEDORA-2013-4525 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Mozilla SeaMonkey Multiple Vulnerabilities -01 (Apr 2013) - Windows
Mozilla SeaMonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"impact",...
Bernard guestbook 4.1 official version upload vulnerability
In the official version of Bernard guestbook 4.1, the attachment upload used when posting a comment allows an ASP implementation file to be uploaded directly. 'If Action="addsave" Then KeywordsFilterFilterKeyWord Dim RequestU,intCount,i,formName,FileSavePath,FileSaveName,uploadsDirVar RelatePath="" FileSavePath="./...
Design/Logic Flaw
The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a read-only share; (2) trigger...
Code injection
The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 accesses pipe object pointers that originated in userspace, which allows local users to gain privileges via crafted code...