Lucene search
K

175 matches found

RedHat Linux
RedHat Linux
added 2016/11/03 8:8 a.m.5 views

kernel: ACPI table override allowed when securelevel is enabled

The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd...

7.4CVSS7.2AI score0.00502EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/11/03 8:6 a.m.6 views

kernel: ACPI table override allowed when securelevel is enabled

The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd...

7.4CVSS7.2AI score0.00502EPSS
Exploits1References4
OSV
OSV
added 2016/10/17 1:9 p.m.8 views

SUSE-SU-2016:2553-1 Security update for kdump

This update for kdump provides several fixes and enhancements: - Refresh kdumprd if /etc/hosts or /etc/nsswitch.conf is changed. bsc943214 - Add a separate systemd service to rebuild kdumprd at boot. bsc943214 - Improve network setup in the kdump environment by reading configuration from wicked b...

7.8CVSS7AI score0.00382EPSS
Exploits0References16
OSV
OSV
added 2016/10/07 2:59 p.m.5 views

CVE-2016-3699

The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd...

7.4CVSS8.3AI score
Exploits0References6
Slackware Linux
Slackware Linux
added 2016/08/30 1:19 a.m.43 views

[slackware-security] kernel

New kernel packages are available for Slackware 14.1 to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/linux-3.10.103/: Upgraded. A flaw was found in the implementation of the Linux kernels handling of networking challenge ack where an attacker is...

6.1AI score
Exploits2
OSV
OSV
added 2016/05/18 1:20 p.m.6 views

SUSE-SU-2016:1346-1 Security update for systemd

This update for SystemD provides fixes and enhancements. The following security issue has been fixed: - Don't allow read access to journal files to users. bsc972612, CVE-2014-9770, CVE-2015-8842 The following non-security issues have been fixed: - Restore initrd-udevadm-cleanup-db.service...

3.3CVSS4.2AI score0.0036EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2016/02/02 12:0 a.m.19 views

openSUSE: Security Advisory for grub2 (openSUSE-SU-2016:0036-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS7.2AI score0.01104EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2016/01/06 10:10 p.m.40 views

Security update for grub2 (important)

Fix buffer overflows when reading username and password. bsc956631, CVE-2015-8370 - Check MS-DOS header to find PE file header. bsc954126 - Use dirname for copying Xen kernel and initrd to esp. bsc955493 - Fix reading password by grub2-mkpasswd-pbdk2 without controlling tty. bsc954519 - Add luks,...

6.9CVSS0.01104EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2016/01/06 12:0 a.m.33 views

FreeBSD : xen-tools -- libxl leak of pv kernel and initrd on error (5d1d4473-b40d-11e5-9728-002590263bf5)

The Xen Project reports : When constructing a guest which is configured to use a PV bootloader which runs as a userspace process in the toolstack domain e.g. pygrub libxl creates a mapping of the files to be used as kernel and initial ramdisk when building the guest domain. However if building th...

7.8CVSS7.9AI score0.02043EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/12/30 12:0 a.m.22 views

SUSE SLED12 / SLES12 Security Update : grub2 (SUSE-SU-2015:2387-1)

Fix buffer overflows when reading username and password. bsc956631, CVE-2015-8370 - Check MS-DOS header to find PE file header. bsc954126 - Use dirname for copying Xen kernel and initrd to esp. bsc955493 - Fix reading password by grub2-mkpasswd-pbdk2 without controlling tty. bsc954519 - Add luks,...

7.4CVSS7.4AI score0.01104EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2015/10/30 12:0 a.m.37 views

openSUSE Security Update : the Linux Kernel (openSUSE-2015-686)

The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed : - CVE-2015-3290: arch/x86/entry/entry64.S in the Linux kernel on the x8664 platform improperly relied on espfix64 during nested NMI processing, which allowed local users to gain...

7.2CVSS7AI score0.05059EPSS
Exploits5References21
OSV
OSV
added 2015/05/27 10:59 a.m.1 views

DEBIAN-CVE-2015-2666

Stack-based buffer overflow in the getmatchingmodelmicrocode function in arch/x86/kernel/cpu/microcode/intelearly.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to th...

6.9CVSS8.3AI score0.0042EPSS
Exploits0References1
Prion
Prion
added 2015/05/27 10:59 a.m.26 views

Stack overflow

Stack-based buffer overflow in the getmatchingmodelmicrocode function in arch/x86/kernel/cpu/microcode/intelearly.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to th...

6.9CVSS7.5AI score0.0042EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

Vulnerabilities in the operating system openSUSE, which allow a malicious individual to compromise the accessibility of protected information

Multiple vulnerabilities exist in the um-host-install-initrd package of the OpenSUSE operating system. Exploitation of these vulnerabilities can lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

7.8CVSS6.8AI score0.33491EPSS
Exploits32References12Affected Software2
n0where
n0where
added 2015/04/08 5:47 p.m.22 views

Booting Kali Linux Live over HTTP

The basic premise involves using the Kali Live kernel and initrd for booting, while calling the Kali root filesystem through an HTTP URI. The initial boot process can take place over the network via PXE or a minimal USB/CD – while the remote root filesystem is a squashfs image served over HTTP vi...

7.4AI score
Exploits0
OSV
OSV
added 2015/03/25 12:0 a.m.2 views

UBUNTU-CVE-2015-2666

Stack-based buffer overflow in the getmatchingmodelmicrocode function in arch/x86/kernel/cpu/microcode/intelearly.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to th...

6.9CVSS7AI score0.0042EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2015/03/25 12:0 a.m.9 views

PT-2015-5825 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.0 Description: The issue is a stack-based buffer overflow in the get matching model microcode function, located in arch/x86/kernel/cpu/microcode/intel early.c. This allows context-dependent attackers to gain...

10CVSS8.1AI score0.37679EPSS
Exploits65References357
Metasploit
Metasploit
added 2015/02/11 6:38 p.m.35 views

PXE Boot Exploit Server

This module provides a PXE server, running a DHCP and TFTP server. The default configuration loads a linux kernel and initrd into memory that reads the hard drive; placing a payload to install metsvc, disable the firewall, and add a new user metasploit on any Windows partition seen, and add a uid...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2014/10/02 12:0 a.m.28 views

PXE Exploit Server

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/proto/tftp' require 'rex/proto/dhcp' class Metasploit3 'PXE Exploit Server', 'Description' = %q This module provides a PXE server, running ...

Exploits0
Metasploit
Metasploit
added 2014/09/30 10:16 p.m.21 views

PXE Exploit Server

This module provides a PXE server, running a DHCP and TFTP server. The default configuration loads a linux kernel and initrd into memory that reads the hard drive; placing the payload on the hard drive of any Windows partition seen. Note: the displayed IP address of a target is the address this...

6.8AI score
Exploits0
Rows per page
Query Builder