Oracle Linux 5 : ipsec-tools (ELSA-2009-1036)

The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2009-1036 advisory. 0.6.5-13.1 - fix nul dereference in frag code and some memory leaks 497990 Tenable has extracted the preceding description block directly from the Orac...

Oracle Linux 5 : kernel (ELSA-2008-0275)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0275 advisory. 2.6.18-53.1.21.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki ORA 6045759 - NET Fix msi issue with kexec/kdump Michael Chan ORA 62193...

Oracle Linux 5 : ipsec-tools (ELSA-2008-0849)

The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2008-0849 advisory. 0.6.5-9.3 - fix for DoS through various memory leaks CVE-2008-3651 456660, CVE-2008-3652 458846 Tenable has extracted the preceding description block...

CVE-2013-2234

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

CVE-2013-2237

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...

CVE-2013-2234

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

Design/Logic Flaw

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...

CVE-2013-2234

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

CVE-2013-2237

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...

CVE-2013-2237

CVE-2013-2237 affects the Linux kernel prior to 3.9. The vulnerability arises because key_notify_policy_flush in net/key/af_key.c does not initialize a certain structure member, enabling local attackers to read kernel heap memory via a broadcast message on the IPSec key_socket notify_policy inter...

CVE-2013-2237

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...

CVE-2013-2234

CVE-2013-2234: In the Linux kernel (net/key/af_key.c), the functions key_notify_sa_flush and key_notify_policy_flush do not initialize certain structure members in versions before 3.10, allowing local users to read sensitive information from kernel heap memory via a broadcast message on the IPSec...

CVE-2013-2234

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

CVE-2013-2237

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...

CVE-2013-2234

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

UBUNTU-CVE-2013-2237

The keynotifypolicyflush function in net/key/afkey.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notifypolicy interface of an IPSec keysocket...

Cisco IOS ISM Module for ISR G2 Authentication Header DoS

The Cisco ISM module for ISR G2 has a denial of service vulnerability. According to its self-reported IOS version, the remote device may be affected by this vulnerability. A remote, authenticated attacker could exploit this issue by sending malformed authentication header packets over an...

RedHat Update for openswan RHSA-2013:0827-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for openswan CESA-2013:0827 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for openswan CESA-2013:0827 centos5

Check for the Version of openswan OpenVAS Vulnerability Test CentOS Update for openswan CESA-2013:0827 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...