Advanced Man In The Middle Framework: Xerosploit
Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for penetration testing purposes. It brings various modules together that will help you perform very efficient attacks. You can also use it to perform denial of service attacks and port scanning. Powere...
Security update for postgresql94 (important)
This update for postgresql94 fixes the following issues: CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options (bsc#1051685). CVE-2017-7546: Disallow empty passwords in all password-based authentication methods (bsc#1051684)...
Security update for postgresql96 (important)
This update for postgresql96 fixes the following issues: CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options (bsc#1051685). CVE-2017-7546: Disallow empty passwords in all password-based authentication methods (bsc#1051684)...
SUSE-SU-2017:2356-1 Security update for postgresql96
This update for postgresql96 fixes the following issues: CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options (bsc#1051685). CVE-2017-7546: Disallow empty passwords in all password-based authentication methods (bsc#1051684)...
SUSE-SU-2017:2355-1 Security update for postgresql94
This update for postgresql94 fixes the following issues: CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options (bsc#1051685). CVE-2017-7546: Disallow empty passwords in all password-based authentication methods (bsc#1051684)...
Security update for postgresql93 (important)
Postgresql93 was updated to 9.3.18 to fix the following issues: CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options (bsc#1051685). CVE-2017-7546: Disallow empty passwords in all password-based authentication methods (bsc#1051684)...
MGASA-2017-0316 Updated postgresql9.3/4/6 packages fix security vulnerabilities
libpq, and by extension any connection driver that utilizes libpq, ignores empty passwords and does not transmit them to the server. When using libpq or a libpq-based connection driver to perform password-based authentication methods, it would appear that setting an empty password would be the...
postgresql security update
CentOS Errata and Security Advisory CESA-2017:1983. An update for postgresql is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi...
SUSE-SU-2017:2236-1 Security update for postgresql93
Postgresql93 was updated to 9.3.18 to fix the following issues: CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options (bsc#1051685). CVE-2017-7546: Disallow empty passwords in all password-based authentication methods (bsc#1051684)...
CVE-2017-12592
ASUS DSL-N10S V2.1.16APAC devices have a privilege escalation vulnerability. A normal user can escalate its privilege and perform administrative actions. There is no mapping of users with their privileges...
Privilege escalation
ASUS DSL-N10S V2.1.16APAC devices have a privilege escalation vulnerability. A normal user can escalate its privilege and perform administrative actions. There is no mapping of users with their privileges...
linux: Fix Xen block IO merge-ability calculation
ISSUE DESCRIPTION The block layer in Linux may choose to merge adjacent block IO requests. When Linux is running as a Xen guest, the default merging algorithm is replaced with a Xen-specific one. When Linux is running as an x86 PV guest, some BIO's are erroneously merged, corrupting the data stre...
Debian DLA-1051-1 : postgresql-9.1 security update
Several vulnerabilities have been found in the PostgreSQL database system : CVE-2017-7486 Andrew Wheelwright discovered that user mappings were insufficiently restricted. CVE-2017-7546 In some authentication methods empty passwords were accepted. CVE-2017-7547 User mappings could leak data to...
VirtualBox: Windows Process DLL UNC Path Signature Bypass EoP (CVE-2017-10129)
VirtualBox: Windows Process DLL UNC Path Signature Bypass EoP Platform: VirtualBox v5.1.22 r115126 x64 Tested on Windows 10 Class: Elevation of Privilege Summary: The process hardening implemented by the VirtualBox driver can be circumvented to load arbitrary code inside a VirtualBox process givi...
VirtualBox 5.1.22 - Windows Process DLL UNC Path Signature Bypass Privilege Escalation
VirtualBox 5.1.22 - Windows Process DLL UNC Path Signature Bypass Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1296 VirtualBox: Windows Process DLL UNC Path Signature Bypass EoP Platform: VirtualBox v5.1.22 r115126 x64 Tested on Windows 10 Class: Elevatio...
Moderate: Red Hat Security Advisory: rh-postgresql95-postgresql security update
An update for rh-postgresql95-postgresql is now available for Red Hat Satellite 5.8 and Red Hat Satellite 5.8 ELS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,...
Denial Of Service (DoS) Through Resource Consumption
Moodle is vulnerable to denial of service (DoS) attacks. The script used when geo-mapping an IP address was accessible to attackers; by requesting the calculation of an estimated latitude and longitude for an IP, attackers are able to consume all the resources...
Smart Vacuum Cleaners Making Map Of Your Home — And Wants to Sell It
What if I say that your cute, smart robotic vacuum cleaner is collecting more data than just dirt? During an interview with Reuters, the CEO of iRobot, the company which manufactured the Roomba device, has revealed that the robotic vacuum cleaner also builds a map of your home while cleaning — and is now...
One or More Networks Mapped to the same cloud network
Challenge A Replication job targeting Cloud Hosts completes with the following warning: One or more source networks were possibly mapped onto the same cloud network. Simultaneous partial failovers of VMs residing on those networks may result in issues. Cause This warning is displayed when the...
The vulnerability of Xen hypervisors allows a malicious actor to gain privileged access to the host.
The vulnerability of Xen hypervisors is related to insufficient checking of memory distribution during P2M operations. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain privileged access to the host from the guest operating system...