2808 matches found
USN-1972-1: Linux kernel vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...
USN-1970-1: Linux kernel (Quantal HWE) vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...
CVE-2013-4350
The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2013-4350
The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network...
Code injection
The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2013-4350
The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2013-4350
CVE-2013-4350 affects the Linux kernel IPv6 SCTP code (net/sctp/ipv6.c) up to version 3.11.1. The vulnerability arises because the data structures and function calls fail to trigger an intended IPsec encryption configuration, enabling remote attackers to sniff traffic and obtain sensitive informa...
CVE-2013-4350
The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2013-4350
The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2013-1028
The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate...
Information disclosure
The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate...
CVE-2013-1028
The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate...
CVE-2013-1028
Apple Mac OS X before 10.8.5 is affected by CVE-2013-1028 in its IPSec implementation when Hybrid Auth is used: X.509 certificates from security gateways are not verified, enabling MITM attackers to spoof gateways and exfiltrate data via crafted certificates. The OpenVAS/NVD entries confirm the i...
Apple Mac OS X 'IPSec Hybrid Auth' 服务器证书安全绕过漏洞(CVE-2013-1028)
BUGTRAQ ID: 62371 CVECAN ID: CVE-2013-1028 Apple Mac OS X是苹果电脑操作系统软件。 Mac OS X 10.8 - 10.8.4存在安全漏洞,攻击者可以截获IPSec Hybrid Auth所保护的数据。IPSec Hybrid Auth服务器的DNS名称没有匹配证书,可使具有任何服务器证书的攻击者利用此漏洞模拟其他服务器。 0 Apple Mac OS X 10.8 - 10.8.4 Apple Mac OS X 厂商补丁: Apple ----- Apple已经为此发布了一个安全公告(HT5880)以及相应补丁:...
Mac OS X 10.8 < 10.8.5 Multiple Vulnerabilities (Security Update 2013-004)
Binary data 8008.prm...
Mac OS X 10.8.x < 10.8.5 Multiple Vulnerabilities
The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.5. The newer version contains multiple security-related fixes for the following components : - Apache - Bind - Certificate Trust Policy - CoreGraphics - ImageIO - Installer - IPSec - Kernel - Mobile Device Management -...
Ubuntu Update for linux USN-1944-1
Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN19441.nasl 8448 2018-01-17 16:18:06Z teissa $ Ubuntu Update for linux USN-1944-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...
Ubuntu Update for linux-ti-omap4 USN-1945-1
Check for the Version of linux-ti-omap4 OpenVAS Vulnerability Test $Id: gbubuntuUSN19451.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for linux-ti-omap4 USN-1945-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is...
Ubuntu Update for linux-lts-quantal USN-1947-1
Check for the Version of linux-lts-quantal OpenVAS Vulnerability Test $Id: gbubuntuUSN19471.nasl 8672 2018-02-05 16:39:18Z teissa $ Ubuntu Update for linux-lts-quantal USN-1947-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu Update for linux USN-1941-1
Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN19411.nasl 8456 2018-01-18 06:58:40Z teissa $ Ubuntu Update for linux USN-1941-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...