Design/Logic Flaw
HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows remote attackers to cause a denial of service via unspecified vectors...
CVE-2012-3277
CVE-2012-3277 affects HP OpenVMS on Itanium (V8.3, V8.3-1H1, V8.4) and Alpha (V7.3-2, V8.2, V8.3, V8.4). The issue arises from improper implementation of LOGIN and ACME_SERVER ACMELOGIN, enabling remote attackers to cause a Denial of Service via unspecified vectors. HP’s Security Bulletin HPSBOV0...
CVE-2012-3276
HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows local users to cause a denial of service via unspecified vectors...
CVE-2012-3276
The CVE-2012-3276 entry affects HP OpenVMS on Itanium (8.3, 8.3-1H1, 8.4) and Alpha (7.3-2, 8.2, 8.3, 8.4). The issue is a flaw in the LOGIN and ACME_SERVER ACMELOGIN implementations that can allow a local user to cause a Denial of Service. The vulnerability is characterized as local (AV:L, AC:L)...
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
These updated packages fix the following security issues : - a flaw in the hypervisor for hosts running on Itanium architectures allowed an Intel VTi domain to read arbitrary physical memory from other Intel VTi domains, which could make information available to unauthorized users. CVE-2007-6207,...
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
Olaf Kirch reported a flaw in the i915 kernel driver that only affects the Intel G33 series and newer. This flaw could, potentially, lead to local privilege escalation. CVE-2008-3831, Important - Miklos Szeredi reported a missing check for files opened with O_APPEND in the sys_splice. This could...
Scientific Linux Security Update : kernel on SL3.x i386/x86_64
A flaw was found in the handling of process death signals. This allowed a local user to send arbitrary signals to the suid-process executed by that user. A successful exploitation of this flaw depends on the structure of the suid-program and its signal handling. CVE-2007-3848, Important A flaw wa...
Scientific Linux Security Update : nss_ldap on SL4.x i386/x86_64
A race condition was discovered in nss_ldap, which affected certain applications that make LDAP connections, such as Dovecot. This could cause nss_ldap to answer a request for information about one user with the information about a different user. CVE-2007-5794 As well, this updated package fixes t...
Scientific Linux Security Update : sysstat on SL5.x i386/x86_64
The sysstat package contains a set of utilities which enable system monitoring of disks, network, and other I/O activity. It was found that the sysstat initscript created a temporary file in an insecure way. A local attacker could use this flaw to create arbitrary files via a symbolic link attack...
Scientific Linux Security Update : kernel on SL3.x i386/x86_64
These updated packages fix the following security issues : - the absence of a protection mechanism when attempting to access a critical section of code has been found in the Linux kernel open file descriptors control mechanism, fcntl. This could allow a local unprivileged user to simultaneously...
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
Security fixes : - several flaws were found in the way the Linux kernel CIFS implementation handles Unicode strings. CIFS clients convert Unicode strings sent by a server to their local character sets, and then write those strings into memory. If a malicious server sent a long enough string, it...
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
This update fixes the following security issues : - a logic error was found in the do_setlk function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS...
CVE-2012-2394
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet...
DEBIAN-CVE-2012-2394
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet...
CVE-2012-2394
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet...
Design/Logic Flaw
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet...
CVE-2012-2394
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet...
CVE-2012-2394
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet...
CVE-2012-2394
Wireshark vulnerability CVE-2012-2394 affects the SPARC/Itanium builds of Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 due to improper data alignment of a structure member, allowing remote attackers to cause a denial of service (application crash) via ICMP or ICMPv6 Echo Request packets. ...
Wireshark 1.4.x < 1.4.13 Multiple Denial of Service Vulnerabilities
The installed version of Wireshark is 1.4.x before 1.4.13. This version is affected by the following vulnerabilities : - Input validation errors exist in the dissectors for ANSI MAP, ASF, BACapp, Bluetooth HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 that can allow specially crafted packets to cause...