PT-2014-5377 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.36 Description: The issue is related to the incorrect use of macros for netdev printk and its related logging implementation in the Linux kernel. This can be exploited by remote attackers to cause a denial o...

MySQL yaSSL CertDecoder::GetName Buffer Overflow

No description provided by source. $Id: mysqlyasslgetname.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

UML_Utilities User-Mode Linux uml_utilities 20030903 UML_Net Slip Network Interface Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12016/info The umlutilites umlnet application may permit unprivileged malicious local users to shut down the slip network interface. This is due to the program being installed setuid root by default. This vulnerability...

openSUSE Security Update : icedtea-web (openSUSE-SU-2011:0706-1)

Icedtea as included in java-160-openjdk was updated to fix several security issues : - S6213702, CVE-2011-0872: so non-blocking sockets with TCP urgent disabled get still selected for read ops win - S6618658, CVE-2011-0865: Vulnerability in deserialization - S7012520, CVE-2011-0815: Heap overflow...

Scientific Linux Security Update : libvirt on SL6.x i386/x86_64 (20140527)

It was found that libvirt passes the XMLPARSENOENT flag when parsing XML documents using the libxml2 library, in which case all XML entities in the parsed documents are expanded. A user able to force libvirtd to parse an XML document with an entity pointing to a special file that blocks on read...

SAProuter Detection

The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

SAProuter Remote Authentication Bypass Vulnerability

SAProuter is prone to an authentication-bypass vulnerability. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

Sophos Web Protection Appliance Interface - (Authenticated) Arbitrary Command Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution', 'Description' = %q This module takes advantage ...

Sophos Web Protection Appliance Command Execution Exploit

This Metasploit module takes advantage of two vulnerabilities in order to gain remote code execution as root as an otherwise non-privileged authorized user. By taking advantage of a mass assignment vulnerability that allows an unprivileged authenticated user to change the administrator's password...

Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution

This module takes advantage of two vulnerabilities in order to gain remote code execution as root as an otherwise non-privileged authorized user. By taking advantage of a mass assignment vulnerability that allows an unprivileged authenticated user to change the administrator's password hash, the...

Sophos Web Appliance Privilege Escalation and Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos Web Appliance. Authentication is required to exploit this vulnerability. The specific flaws exist within the changepassword and netinterface functions of the web appliance. The first flaw wi...

[Nsdtool] Toolset of scripts used to detect netgear switches in local networks

Nsdtool is a toolset of scripts used to detect netgear switches in local networks. The tool contains some extra features like bruteforce and setting a new password. Netgear has its own protocol called NSDP Netgear Switch Discovery Protocol, which is implemented to support security tests on the...

[Nield v0.5.0] Network Interface Events Logging Daemon

nieldNetwork Interface Events Logging Daemon is a tool that receives notifications from the kernel through the netlink socket, and generates logs related to interfaces, neighbor cache ARP,NDP, IP address IPv4,IPv6, routing, FIB rules, traffic control.It can be configured using command-line option...

AIX 7.1 TL 1 : bos.net.tcp.client (U843468)

The remote host is missing AIX PTF U843468, which is related to the security of the package bos.net.tcp.client. AIX could allow a remote attacker to cause a denial of service, caused by an error when the TCP large send offload option is enabled on a network interface. By sending a specially craft...

CVE-2013-7093

SAP Network Interface Router SAProuter 39.3 SP4 allows remote attackers to bypass authentication and modify the configuration via unspecified vectors...

CVE-2013-6817

Heap-based buffer overflow in SAP Network Interface Router SAProuter 7.30 allows remote attackers to cause a denial of service and execute arbitrary code via crafted NI Route messages...

USN-2023-1: Linux kernel vulnerabilities

An information leak was discovered in the handling of ICMPv6 Router Advertisement RA messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service excessive retries and address-generation outage, and consequently obtain sensitive...

Debian DSA-2769-1 : kfreebsd-9 - privilege escalation/denial of service

Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-5691 Loganaden Velvindron and Gleb Smirnoff discovered that the...

Debian Security Advisory DSA 2769-1 (kfreebsd-9 - privilege escalation/denial of service)

Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-5691 Loganaden Velvindron and Gleb Smirnoff discovered that the SIOCSIFADDR...

FreeBSD : FreeBSD -- Insufficient credential checks in network ioctl(2) (4d87d357-202c-11e3-be06-000c29ee3065)

Problem Description : As is commonly the case, the IPv6 and ATM network layer ioctl request handlers are written in such a way that an unrecognized request is passed on unmodified to the link layer, which will either handle it or return an error code. Network interface drivers, however, assume th...