Scientific Linux Security Update : kvm on SL5.x x86_64 (20130307)

A flaw was found in the way QEMU-KVM emulated the e1000 network interface card when the host was configured to accept jumbo network frames, and a guest using the e1000 emulated driver was not. A remote attacker could use this flaw to crash the guest or, potentially, execute arbitrary code with ro...

Important: Red Hat Security Advisory: qemu-kvm security update

Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Low: Red Hat Security Advisory: dhcp security and bug fix update

Updated dhcp packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

RHEL 5 : kernel (RHSA-2010:0053)

Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 5.3 Extended Update Support. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, th...

CVE-2012-3001

Mutiny Standard before 4.5-1.12 allows remote attackers to execute arbitrary commands via the network-interface menu, related to a "command injection vulnerability."...

Command injection

Mutiny Standard before 4.5-1.12 allows remote attackers to execute arbitrary commands via the network-interface menu, related to a "command injection vulnerability."...

CVE-2012-3001

Mutiny Standard before 4.5-1.12 allows remote attackers to execute arbitrary commands via the network-interface menu, related to a "command injection vulnerability."...

CVE-2012-3001

Mutiny Standard before 4.5-1.12 is vulnerable to a command-injection in the network-interface menu. An authenticated attacker can trigger arbitrary commands with root privileges via the admin interface; patches exist in 4.5-1.12 or newer. This is evidenced by multiple sources (NVD, CERT, OpenVAS,...

Mutiny Technology virtual appliance command injection vulnerability

Overview The Mutiny Technology virtual appliance contains a command injection vulnerability which could allow an attacker to inject commands into the appliance. Description CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection'The Mutiny Technology virtual...

broadcast-igmp-discovery NSE Script

Discovers targets that have IGMP Multicast memberships and grabs interesting information. The scripts works by sending IGMP Membership Query message to the 224.0.0.1 All Hosts multicast address and listening for IGMP Membership Report messages. The script then extracts all the interesting...

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64

defaultReadObject of the Serialization API could be tricked into setting a volatile field multiple times, which could allow a remote attacker to execute arbitrary code with the privileges of the user running the applet or application. CVE-2010-3569 Race condition in the way objects were...

Scientific Linux Security Update : kernel on SL 5.0-5.4 i386/x86_64

This kernel is already in SL 5.5 This updated contains all the security and bug fixes from the 2.6.18-194.el5 kernel. In additions this update fixes the following security issues : - a flaw was found in the Unidirectional Lightweight Encapsulation ULE implementation. A remote attacker could send ...

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

These updated kernel packages fix the following security issue : A buffer overflow flaw was found in the CIFS virtual file system. A remote authenticated user could issue a request that could lead to a denial of service. CVE-2007-5904, Moderate As well, these updated packages fix the following bu...

CentOS Update for kmod-kvm CESA-2012:0051 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

eap-info NSE Script

Enumerates the authentication methods offered by an EAP Extensible Authentication Protocol authenticator for a given identity or for the anonymous identity if no argument is passed. Script Arguments eap-info.identity Identity to use for the first step of the authentication methods if omitted...

RHEL 5 : xen (RHSA-2012:0370)

Updated xen packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Important: Red Hat Security Advisory: xen security and bug fix update

Updated xen packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

DSA-2396-1 qemu-kvm - buffer underflow

Bulletin has no description...

kmod, kvm security update

CentOS Errata and Security Advisory CESA-2012:0051 Updated kvm packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores...

USN-1294-1: Linux kernel (Oneiric backport) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit...