5115 matches found
Oracle Linux 5 : Important:kernel (ELSA-2007-0940)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0940 advisory. 2.6.18-8.1.15.0.1.el5 - Fix bonding primary=ethX Bert Barbe IT 101532 ORA 5136660 - Add entropy module option to e1000/bnx2 John Sobecki ORA 6045759...
Oracle Linux 4 : libgtop2 (ELSA-2007-0765)
From Red Hat Security Advisory 2007:0765 : An updated libgtop2 package that fixes a security issue and a functionality bug is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The libgtop2 package...
DEBIAN-CVE-2013-1981
Multiple integer overflows in X.org libX11 1.5.99.901 1.6 RC1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the 1 XQueryFont, 2 XF86BigfontQueryFont, 3 XListFontsWithInfo, 4 XGetMotionEvents, 5 XListHosts, 6...
How to Manually Seed a Replica
Purpose Under certain circumstances, the seeding function used by a Replication job may not function correctly. If this occurs, an alternate seeding method is to manually pre-create the replica from a backup and then use the mapping function of the Replication job to map to that restored VM...
apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor
The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...
CVE-2013-2596
Integer overflow in the fbmmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges,...
CVE-2013-2596
Integer overflow in the fbmmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges,...
CVE-2013-2596
Integer overflow in the fbmmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges,...
CVE-2013-2596
Integer overflow in the fbmmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges,...
PT-2013-3853 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 3.8.9 Description: The issue allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls. This i...
apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor
The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...
apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor
The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...
Linux Kernel 3.0 < 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation
/ source: https://www.securityfocus.com/bid/58478/info Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain kernel privileges, which will aid in further attacks. / / clown-newuser.c -- CLONENEWUSER kernel root PoC Dedicated to: Locke...
[zANTI] The Power of Backtrack on your Android
Android Network Toolkit also known as zANTI is the most comprehensive and refined pentest tool for android by Zimperium. Zimperium is founded by white hat hacker Itzhack ‘Zuk’ Avraham and also have Kevin Mitnick on there team! They also had recently held the Pentester’s WorldCup. zAnti still come...
apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor
The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...
apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor
The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...
DEBIAN-CVE-2013-0208
The boot-from-volume feature in OpenStack Compute Nova Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the blockdevicemapping parameter...
CVE-2013-0208
The boot-from-volume feature in OpenStack Compute Nova Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the blockdevicemapping parameter...
openstack-nova: Boot from volume allows access to random volumes
The boot-from-volume feature in OpenStack Compute Nova Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the blockdevicemapping parameter...
SuSE 11.2 Security Update : Xen (SAT Patch Number 7018)
XEN was updated to fix various bugs and security issues : The following security issues have been fixed : - xen: Domain builder Out-of-memory due to malicious kernel/ramdisk XSA 25. CVE-2012-4544 - XEN / qemu: guest administrator can access qemu monitor console XSA-19. CVE-2012-4411 - xen: Timer...