281 matches found
[SECURITY] Fedora 28 Update: NetworkManager-1.10.12-2.fc28
NetworkManager is a system service that manages network interfaces and connections based on user or automatic configuration. It supports Ethernet, Bridge, Bond, VLAN, Team, InfiniBand, Wi-Fi, mobile broadband WWAN, PPPoE and other devices, and supports a variety of different VPN services...
[SECURITY] Fedora 29 Update: NetworkManager-1.12.4-2.fc29
NetworkManager is a system service that manages network interfaces and connections based on user or automatic configuration. It supports Ethernet, Bridge, Bond, VLAN, Team, InfiniBand, Wi-Fi, mobile broadband WWAN, PPPoE and other devices, and supports a variety of different VPN services...
FreeBSD -- Resource exhaustion in IP fragment reassembly
Problem Description: A researcher has notified us of a DoS attack applicable to another operating system. While FreeBSD may not be vulnerable to that exact attack, we have identified several places where inadequate DoS protection could allow an attacker to consume system resources. It is not...
CVE-2018-4858
A vulnerability has been identified in IEC 61850 system configurator All versions V5.80, DIGSI 5 affected as IEC 61850 system configurator is incorporated All versions V7.80, DIGSI 4 All versions V4.93, SICAM PAS/PQS All versions V8.11, SICAM PQ Analyzer All versions V3.11, SICAM SCC All versions...
Default configuration
The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. This issue is a regression of CVE-2015-0225. The regression was introduced in...
CVE-2018-8016
The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. This issue is a regression of CVE-2015-0225. The regression was introduced in...
Kuik: a simple yet annoying piece of adware
Some pieces of malware can be so simple—and yet such a pain to get rid of—especially when they start interfering with your system's configuration. This much is true for the Kuik adware program, which surprised us all by forcing affected machines to join a domain controller. The perpetrators are...
Product update: Virtuozzo Automator 7.0 Update 2 Hotfix 4 (VA MN: 7.0.2-545, VA Agent: 7.0.2-278)
This hotfix for Virtuozzo Automator 7.0.2 provides new features as well as stability and usability bug fixes. Vulnerability id: PVA-35054 VM could not be shown in the Control Center. Vulnerability id: PVA-37072 XML API returned empty list of VM templates after restart of the prl-disp service...
CVE-2017-12268
A vulnerability in the Network Access Manager NAM of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker cou...
Get the MAC Address over SNMP
This script attempts to gather the MAC address of the target via SNMP. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Stack overflow
Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be...
CVE-2017-12786
Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be...
CVE-2017-12786
The CVE-2017-12786 entry affects NoviFlow NoviWare NW400.2.6 and NoviSwitch devices. A stack-based buffer overflow in the cliengine/noviengine network interfaces can be triggered during ACL modifications, allowing remote, unauthenticated attackers to achieve privileged (root) code execution on th...
CVE-2017-12786
Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be...
MGASA-2017-0167 Updated lxc packages fix security vulnerabilities
Roman Fiedler discovered a directory traversal flaw in lxc-attach. An attacker with access to an LXC container could exploit this flaw to access files outside of the container CVE-2016-8649. Jann Horn discovered that LXC incorrectly verified permissions when creating virtual network interfaces. A...
Code injection
lxc-user-nic in Linux Containers LXC allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check...
CVE-2017-5985
lxc-user-nic in Linux Containers LXC allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check...
CVE-2017-5985
lxc-user-nic in Linux Containers LXC allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check...
CVE-2017-5985
lxc-user-nic in Linux Containers LXC allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check...
Ubuntu: Security Advisory (USN-3224-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...