Lucene search
+L

604 matches found

Oracle linux
Oracle linux
added 2014/08/22 12:0 a.m.66 views

Unbreakable Enterprise kernel security and bug fix update

kernel-uek 3.8.13-44 - net: Use netlinknscapable to verify the permisions of netlink messages Eric W. Biederman Orabug: 19404229 CVE-2014-0181 - net: Add variants of capable for use on netlink messages Eric W. Biederman Orabug: 19404229 - net: Add variants of capable for use on on sockets Eric W...

6.9CVSS7.8AI score0.10209EPSS
Exploits17
RedHat Linux
RedHat Linux
added 2014/08/06 3:49 p.m.4 views

kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()

A flaw was found in the way the pppol2tpsetsockopt and pppol2tpgetsockopt functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOLPPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system...

6.9CVSS6.6AI score0.02103EPSS
Exploits6References4
OpenVAS
OpenVAS
added 2014/07/28 12:0 a.m.49 views

RedHat Update for kernel RHSA-2014:0923-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.1AI score0.02324EPSS
Exploits12References2
Cent OS
Cent OS
added 2014/07/25 1:22 p.m.82 views

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2014:0923 Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...

6.9CVSS6.5AI score0.02324EPSS
Exploits12References7
Tenable Nessus
Tenable Nessus
added 2014/07/25 12:0 a.m.255 views

Oracle Linux 7 : unbreakable enterprise kernel (ELSA-2014-3049)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3049 advisory. - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229497 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path...

7.1CVSS6.9AI score0.09408EPSS
Exploits13References4
Tenable Nessus
Tenable Nessus
added 2014/07/24 12:0 a.m.40 views

Oracle Linux 7 : kernel (ELSA-2014-0923)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0923 advisory. - net l2tpppp: fail when socket option level is not SOLPPPOL2TP Petr Matousek 1119465 1119466 CVE-2014-4943 Tenable has extracted the preceding...

6.9CVSS6.8AI score0.02324EPSS
Exploits12References3
RedHat Linux
RedHat Linux
added 2014/07/23 4:4 p.m.53 views

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

6.9CVSS6.5AI score0.02324EPSS
Exploits12References3
Oracle linux
Oracle linux
added 2014/07/23 12:0 a.m.60 views

unbreakable enterprise kernel security update

kernel-uek 3.8.13-35.3.2.el7uek - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229497 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path after a ptracestop Tejun Heo Orabug: 19230689 CVE-2014-4699 - net: flowdissector: fail on evil iph-ihl Jason Wang...

7.1CVSS1.9AI score0.09408EPSS
Exploits13
securityvulns
securityvulns
added 2014/07/21 12:0 a.m.92 views

[USN-2289-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-2289-1 July 17, 2014 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

6.9CVSS0.1AI score0.08103EPSS
Exploits12
securityvulns
securityvulns
added 2014/07/21 12:0 a.m.88 views

[oss-security] CVE-2014-4943: Linux privilege escalation in ppp over l2tp sockets

CVE-2014-4943 is a flaw in the Linux kernel allowing an unprivileged user to escalate to kernel privilege when CONFIGPPPOL2TP is enabled. If built as a module, a work-around to limit this to just the root user would be to add this to /etc/modprobe.conf: alias pppox-proto-1 off blacklist l2tpppp...

6.9CVSS2.1AI score0.02103EPSS
Exploits6
OpenVAS
OpenVAS
added 2014/07/21 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-2288-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.5AI score0.08103EPSS
Exploits11References2
OpenVAS
OpenVAS
added 2014/07/21 12:0 a.m.45 views

Ubuntu: Security Advisory (USN-2290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.5AI score0.08103EPSS
Exploits11References2
OpenVAS
OpenVAS
added 2014/07/21 12:0 a.m.51 views

Ubuntu: Security Advisory (USN-2285-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.2AI score0.03303EPSS
Exploits14References2
OpenVAS
OpenVAS
added 2014/07/21 12:0 a.m.48 views

Ubuntu: Security Advisory (USN-2287-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.3AI score0.08103EPSS
Exploits12References2
OpenVAS
OpenVAS
added 2014/07/21 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-2282-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.3AI score0.02103EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2014/07/20 12:0 a.m.43 views

Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3047)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3047 advisory. - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229505 CVE-2014-4943 CVE-2014-4943 Tenable has extracted the...

6.9CVSS6.9AI score0.02324EPSS
Exploits12References3
Tenable Nessus
Tenable Nessus
added 2014/07/20 12:0 a.m.38 views

Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3048)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3048 advisory. - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229529 CVE-2014-4943 CVE-2014-4943 Tenable has extracted the...

6.9CVSS6.9AI score0.02324EPSS
Exploits12References3
Debian CVE
Debian CVE
added 2014/07/19 7:0 p.m.45 views

CVE-2014-4943

The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket...

6.9CVSS6.8AI score0.02103EPSS
Exploits6
Oracle linux
Oracle linux
added 2014/07/18 12:0 a.m.55 views

unbreakable enterprise kernel security update

kernel-uek 2.6.32-400.36.4uek - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229529 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path after a ptracestop Tejun Heo Orabug: 19230692 CVE-2014-4699...

6.9CVSS1.8AI score0.02324EPSS
Exploits12
Ubuntu
Ubuntu
added 2014/07/17 1:33 a.m.93 views

USN-2290-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

6.9CVSS7.1AI score0.08103EPSS
Exploits11
Rows per page
Query Builder