45 matches found
Vulnerability Spotlight: Epee Levin Packet Deserialization Code Execution Vulnerability
This vulnerability was discovered by Lilith of Cisco Talos. Overview The Epee library, which is leveraged by a large number of cryptocurrencies, contains an exploitable code execution vulnerability in the Levin deserialization functionality. An attacker can send a specially crafted network packet...
Epee Levin Packet Deserialization Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the Levin deserialization functionality of the epee library. A specially crafted network packet can cause a logic flaw, resulting in code execution. An attacker can send a packet to trigger this vulnerability. Tested Versions Monero...
vardi-levin.co.il XSS vulnerability
Open Bug Bounty ID: OBB-581845 Description| Value ---|--- Affected Website:| vardi-levin.co.il Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Debian DSA-2992-1 : linux - security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation : - CVE-2014-3534 Martin Schwidefsky of IBM discovered that the ptrace subsystem does not properly sanitize the psw mask value. On s390 systems, an unprivileged local user...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3048)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3048 advisory. - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229529 CVE-2014-4943 CVE-2014-4943 Tenable has extracted the...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2290-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2290-1 advisory. Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could...
Ubuntu: Security Advisory (USN-2235-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2240-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2240-1 advisory. Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service syste...
Security fix for the ALT Linux 8 package openssl10 version 1.0.1h-alt1
June 5, 2014 Dmitry V. Levin 1.0.1h-alt1 - Updated to 1.0.1h fixes CVE-2014-0224, CVE-2014-022, CVE-2014-019, CVE-2014-347, and CVE-2010-5298...
Security fix for the ALT Linux 7 package openssl10 version 1.0.1h-alt1
1.0.1h-alt1 built June 5, 2014 Dmitry V. Levin in task 120905 June 5, 2014 Dmitry V. Levin - Updated to 1.0.1h fixes CVE-2014-0224, CVE-2014-022, CVE-2014-019, CVE-2014-347, and CVE-2010-5298...
Security fix for the ALT Linux 9 package gnutls30 version 2.12.23-alt2
March 5, 2014 Dmitry V. Levin 2.12.23-alt2 - Applied upstream fixes for CVE-2013-2116, CVE-2014-1959, and CVE-2014-0092...
Security fix for the ALT Linux 8 package openssl10 version 1.0.1f-alt1
Jan. 6, 2014 Dmitry V. Levin 1.0.1f-alt1 - Updated to 1.0.1f fixes CVE-2013-4353, CVE-2013-6449, and CVE-2013-6450...
Slackware Advisory SSA:2004-110-01 utempter security update
The remote host is missing an update as announced via advisory SSA:2004-110-01. OpenVAS Vulnerability Test $Id: esoftslkssa200411001.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Slackware: Security Advisory (SSA:2004-110-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for linux-lts-backport-maverick USN-1421-1
Ubuntu Update for Linux kernel vulnerabilities USN-1421-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14211.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux-lts-backport-maverick USN-1421-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH,...
Moderate: Red Hat Security Advisory: kvm security and bug fix update
Updated kvm packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Ubuntu 6.06 LTS / 6.10 / 7.04 : tar vulnerability (USN-506-1)
Dmitry V. Levin discovered that tar did not correctly detect the '..' file path element when unpacking archives. If a user or an automated system were tricked into unpacking a specially crafted tar file, arbitrary files could be overwritten with user privileges. Note that Tenable Network Security...
gtar -- Directory traversal vulnerability
Red Hat reports: A path traversal flaw was discovered in the way GNU tar extracted archives. A malicious user could create a tar archive that could write to arbitrary files to which the user running GNU tar had write access. Red Hat credits Dmitry V. Levin for reporting the issue...
Security fix for the ALT Linux 9 package openssl10 version 0.9.7g-alt3
Oct. 11, 2005 Dmitry V. Levin 0.9.7g-alt3 - Applied upstream fix for potential SSL 2.0 rollback during SSL handshake CAN-2005-2969...