Code injection
conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that the optional kernel modules are loaded before using them, which allows remote attackers to cause a denial of service (crash) via a (1) DCCP, (2) SCTP, or (3) ICMPv6 packet...
CVE-2015-6496
CVE-2015-6496 affects conntrackd in conntrack-tools 1.4.2 and earlier, where optional kernel modules may not be loaded before use. This can crash the daemon (denial of service) when processing DCCP, SCTP, or ICMPv6 traffic. Public advisories and vendor updates document the fix in newer packages (...
RedHat Update for pam RHSA-2015:1640-01
The remote host is missing an update for the...
RHEL 6 / 7 : pam (RHSA-2015:1640)
An updated pam package that fixes one security issue is now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
Moderate: Red Hat Security Advisory: pam security update
An updated pam package that fixes one security issue is now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
pam security update
CentOS Errata and Security Advisory CESA-2015:1640. An updated pam package that fixes one security issue is now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score,...
FTP Commander 8.02 - Overwrite (SEH)
FTP Commander 8.02 - Overwrite SEH Exploit Title: FTP Commander 'Costum Command' SEH Over-WriteBuffer Overflow. Date: 8/17/2015 Exploit Author: UnN0n Software Vendor : http://www.internet-soft.com/ Software Link: http://www.internet-soft.com/ftpcomm.htm Version: 8.02 Tested on: Windows 7 x3232 BI...
OpenSSH PAM Support Remote Code Execution Vulnerability
OpenSSH (OpenBSD Secure Shell) is a set of connection tools for secure access to remote computers maintained by the OpenBSD Project Group. The tools are an open source implementation of the SSH protocol and support encryption of all transmissions, effectively blocking eavesdropping, connection...
PT-2015-3449 · Openssh +5
Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 7.0. Description: The issue is related to a use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd. This vulnerability might allow local users to gain privileges by leveraging control...
http-drupal-enum NSE Script
Enumerates the installed Drupal modules/themes by using a list of known modules and themes. The script works by iterating over module/theme names and requesting MODULEPATH/MODULENAME/LICENSE.txt for modules and THEMEPATH/THEMENAME/LICENSE.txt. MODULEPATH/THEMEPATH which is either provided by the...
Android 'Serialization' Vulnerability Affects 55 Percent of Devices
Google has patched a severe Android vulnerability that researchers at IBM said impacts more than 55 percent of devices. As with most Android vulnerabilities, users are reliant on handset makers and carriers to push patches downstream to devices, something they’ve not always been diligent about. I...
Object Scanning System: Laika BOSS
Laika is an object scanner and intrusion detection system that strives to achieve the following goals: Scalable (work across multiple systems; high volume of input from many sources); Flexible (modular architecture; highly configurable dispatching and dispositioning logic; tactical code insertion withou...
SUSE-SU-2015:1445-1 Security update for busybox
The following issues are fixed by this update: CVE-2014-9645: do not allow / in module names to avoid loading bad modules (bnc#914660)...
[SECURITY] Fedora 22 Update: drupal7-migrate-2.8-1.fc22
The migrate module provides a flexible framework for migrating content into Drupal from other sources (e.g., when converting a web site from another CMS to Drupal). Out-of-the-box, support for creating core Drupal objects such as nodes, users, files, terms, and comments are included - it can easily...
SIMP - System Integrity Management Platform
SIMP is a framework that aims to provide a reasonable combination of security compliance and operational flexibility. The ultimate goal of the project is to provide a complete management environment focused on compliance with the various profiles in the SCAP Security Guide Project and industry be...
SUSE-SU-2015:1602-1 Security update for python modules
This update for several python modules provides the following security fix and improvements. - python-keystonemiddleware: + Fix s3token middleware parsing insecure option (bsc#928205, CVE-2015-1852) - python-novaclient: + Update novaclient shell to use shared arguments from Session (bnc#933758) + Suppo...
[SECURITY] Fedora 21 Update: drupal7-feeds-2.0-0.12.alpha9.fc21
Import or aggregate data as nodes, users, taxonomy terms or simple database records. This package provides the following Drupal modules: feeds, feeds_import, feeds_news (requires drupal7-features and drupal7-views), feeds_ui...
Linux-PAM '_unix_run_helper_binary()' function denial of service vulnerability
Linux-PAM (also known as PAM) is an authentication mechanism for use in the Linux platform that gives system administrators the freedom to choose the authentication mechanism used by an application by providing a number of dynamically linked libraries and a set of unified APIs. A denial-of-service...
[SECURITY] Fedora 21 Update: ansible-1.9.2-1.fc21
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
[SECURITY] Fedora 22 Update: ansible-1.9.2-1.fc22
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...