CVE-2011-4087

The brparseipoptions function in net/bridge/brnetfilter.c in the Linux kernel before 2.6.39 does not properly initialize a certain data structure, which allows remote attackers to cause a denial of service by leveraging connectivity to a network interface that uses an Ethernet bridge device...

Moderate: Red Hat Security Advisory: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement update

Updated Grid component packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.0 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common...

[SECURITY] Fedora 16 Update: tcptrack-1.4.2-1.fc16

tcptrack is a sniffer which displays information about TCP connections it sees on a network interface. It passively watches for connections on the network interface, keeps track of their state and displays a list of connections in a manner similar to the unix 'top' command. It displays source and...

Ubuntu 11.04 : linux vulnerabilities (USN-1193-1)

Timo Warns discovered that the GUID partition parsing routines did not correctly validate certain structures. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. CVE-2011-1577 Phil Oester discovered that the...

OpenJDK: NetworkInterface information leak (Networking, 7013969)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors relate...

OpenJDK: NetworkInterface information leak (Networking, 7013969)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors relate...

OpenJDK: NetworkInterface information leak (Networking, 7013969)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors relate...

OpenJDK: NetworkInterface information leak (Networking, 7013969)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors relate...

ArpON 2.2 released - ARP handler inspection !

ArpON 2.2 released - ARP handler inspection ! ArpON ARP handler inspection is a portable handler daemon that make ARP secure in order to avoid the Man In The Middle MITM through ARP Spoofing/Poisoning attacks. It detects and blocks also derived attacks by it for more complex attacks, as: DHCP...

CentOS 4 : kernel (CESA-2010:0936)

Updated kernel packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

kernel security update

CentOS Errata and Security Advisory CESA-2010:0936 Updated kernel packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...

Concrete CMS 5.4.1.1 - Cross-Site Scripting / Remote Code Execution

!/usr/bin/python Concrete CMS v5.4.1.1 xss/remote code execution exploit Download: http://www.concrete5.org/ Special Zeitgeist pre release - "Moving Forward" - 15th Jan 2011 "They must find it difficult, those who take authority as the truth instead of truth as the authority"...

RedHat Update for kernel RHSA-2010:0936-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2010:0936-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

RHEL 4 : kernel (RHSA-2010:0936)

Updated kernel packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CentOS 5 : kernel (CESA-2010:0398)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

RHEL 5 : kernel (RHSA-2010:0398)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

CVE-2010-0437

CVE-2010-0437 affects the Linux kernel, specifically versions prior to 2.6.27. The vulnerability resides in ip6_dst_lookup_tail() (net/ipv6/ip6_output.c) where certain conditions involving an IPv6 TUN interface and a large number of neighbors are mishandled, allowing a remote attacker to cause a ...

kernel: ipv6: fix ip6_dst_lookup_tail() NULL pointer dereference

The ip6dstlookuptail function in net/ipv6/ip6output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service NULL pointer dereference and OOPS or...

MySQL yaSSL CertDecoder::GetName Buffer Overflow

This module exploits a stack buffer overflow in the yaSSL 1.9.8 and earlier implementation bundled with MySQL. By sending a specially crafted client certificate, an attacker can execute arbitrary code. This vulnerability is present within the CertDecoder::GetName function inside...