kernel: ipv4: denial of service when destroying a network interface

A security flaw was found in the Linux kernel's networking subsystem that destroying the network interface with huge number of ipv4 addresses assigned keeps "rtnllock" spinlock for a very long time up to hour. This blocks many network-related operations, including creation of new incoming ssh...

Linux Memory Extractor: LiME

Linux Memory Extractor LiME formerly DMD is A Loadable Kernel Module LKM which allows for volatile memory acquisition from Linux and Linux-based devices, such as Android. This makes LiME unique as it is the first tool that allows for full memory captures on Android devices. It also minimizes its...

CVE-2016-5390

Foreman before 1.11.4 and 1.12.x before 1.12.1 allow remote authenticated users with the viewhosts permission containing a filter to obtain sensitive network interface information via a request to API routes beneath "hosts," as demonstrated by a GET request to api/v2/hosts/secrethost/interfaces...

Design/Logic Flaw

Foreman before 1.11.4 and 1.12.x before 1.12.1 allow remote authenticated users with the viewhosts permission containing a filter to obtain sensitive network interface information via a request to API routes beneath "hosts," as demonstrated by a GET request to api/v2/hosts/secrethost/interfaces...

Cross site scripting

Cross-site scripting XSS vulnerability in app/assets/javascripts/hosteditinterfaces.js in Foreman before 1.12.2 allows remote authenticated users to inject arbitrary web script or HTML via the network interface device identifier in the host interface form...

CVE-2016-5390

CVE-2016-5390 affects Foreman before 1.11.4 and 1.12.x before 1.12.1. The issue allows remote authenticated users with the view_hosts permission to exploit an information-disclosure flaw via API routes under hosts (e.g., api/v2/hosts/secrethost/interfaces) to obtain sensitive network interface in...

CVE-2016-6320

Cross-site scripting XSS vulnerability in app/assets/javascripts/hosteditinterfaces.js in Foreman before 1.12.2 allows remote authenticated users to inject arbitrary web script or HTML via the network interface device identifier in the host interface form...

CVE-2016-5390

Foreman before 1.11.4 and 1.12.x before 1.12.1 allow remote authenticated users with the viewhosts permission containing a filter to obtain sensitive network interface information via a request to API routes beneath "hosts," as demonstrated by a GET request to api/v2/hosts/secrethost/interfaces...

CVE-2016-5390

Foreman before 1.11.4 and 1.12.x before 1.12.1 allow remote authenticated users with the viewhosts permission containing a filter to obtain sensitive network interface information via a request to API routes beneath "hosts," as demonstrated by a GET request to api/v2/hosts/secrethost/interfaces...

Tactical Exploitation: WarBerryPi

The WarBerry was built with one goal in mind; to be used in red teaming engagement where we want to obtain as much information as possible in a short period of time with being as stealth as possible. Just find a network port and plug it in. The scripts have been designed in a way that the approac...

Amazon Linux: Security Advisory (ALAS-2016-694)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the FortiOS operating system, the FortiAnalyzer network interface controller, and the micro-programming software of the FortiSwitch devices allow a perpetrator to gain access to protected information.

The vulnerabilities of the FortiOS operating system, the FortiAnalyzer network interface controller, and the FortiSwitch micro-programming software are related to deficiencies in access control. Exploiting these vulnerabilities can allow a malicious actor, operating remotely, to gain access to...

How to Change Order of NICs in XenServer

Theinterface-rename is a utility included in Citrix Hypervisor 8.2 Cumulative Update 1 and XenServer 8. This utility allows for granular management of network interface cards to facilitate renaming and reordering of them from the default installed configuration. The interface-rename utility refer...

UBUNTU-CVE-2015-8568

Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service host memory consumption by trying to activate the vmxnet3 device repeatedly...

LiME - Linux Memory Extractor

A Loadable Kernel Module LKM which allows for volatile memory acquisition from Linux and Linux-based devices, such as Android. This makes LiME unique as it is the first tool that allows for full memory captures on Android devices. It also minimizes its interaction between user and kernel space...

CVE-2015-7295

hw/virtio/virtio.c in the Virtual Network Device virtio-net support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service guest network consumption via a flood of jumbo frames on the 1 tuntap or 2 macvtap interface...

Design/Logic Flaw

Telephony in Android 5.x before 5.1.1 LMY48X allows attackers to gain privileges, and consequently bypass intended network-interface restrictions, perform expensive data transfers, or cause a denial of service call-reception outage or mute manipulation, via a crafted application, aka internal bug...

CVE-2015-6614

Telephony in Android 5.x before 5.1.1 LMY48X allows attackers to gain privileges, and consequently bypass intended network-interface restrictions, perform expensive data transfers, or cause a denial of service call-reception outage or mute manipulation, via a crafted application, aka internal bug...

SOL17378 - SNMP vulnerability CVE-2015-5621

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

CVE-2014-9751

The readnetworkpacket function in ntpio.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by...