12 matches found
EUVD-2017-15407
Malware in sbrugna...
AZL-26793 CVE-2023-28320 affecting package curl for versions less than 8.2.1-1
A denial of service vulnerability exists in curl v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using alarm and siglongjmp. When doi...
CentOS 7 : sssd (CESA-2017:3379)
An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
libipa_hbac, libsss_autofs, libsss_certmap, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, libsss_sudo, python, sssd security update
CentOS Errata and Security Advisory CESA-2017:3379 An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2017-6346
Race condition in net/packet/afpacket.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via a multithreaded application that makes PACKETFANOUT setsockopt system calls...
Vulnerability in OpenSSL - SSL_MODE_RELEASE_BUFFERS session injection or denial of service
A race condition in the ssl3readbytes function can allow remote attackers to inject data across sessions or cause a denial of service. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSLMODERELEASEBUFFERS is enabled, which is not the default and not common...
Scientific Linux Security Update : openssl on SL6.x i386/x86_64
A race condition flaw has been found in the OpenSSL TLS server extension parsing code, which could affect some multithreaded OpenSSL applications. Under certain specific conditions, it may be possible for a remote attacker to trigger this race condition and cause such an application to crash, or...
RHEL 6 : openssl (RHSA-2010:0888)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2010:0888 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a full-strength,...
Moderate: Red Hat Security Advisory: openssl security and bug fix update
Updated OpenSSL packages that correct a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 an...
security flaw
initdev in ttyio.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service crash and possibly gain tty access via unknown attack vectors that trigger an access of ...
Linux Kernel 2.0 - TCP Port Denial of Service
Linux Kernel 2.0 - TCP Port Denial of Service / source: https://www.securityfocus.com/bid/343/info It is possible to leak kernel memory and render TCP ports above 1024 unusable, locked forever in the CLOSEWAIT state in linux kernels prior to the late 2.1.x and 2.2.0pre releases. In addition to...
Linux Kernel 2.0 - TCP Port Denial of Service
/ source: https://www.securityfocus.com/bid/343/info It is possible to leak kernel memory and render TCP ports above 1024 unusable, locked forever in the CLOSEWAIT state in linux kernels prior to the late 2.1.x and 2.2.0pre releases. In addition to being intentionally exploited, unix applications...