Sharp Zaurus SL-5500 upgrade ROM v3.1 - serious Samba issue
The Sharp Zaurus is a Linux-based PDA running Embedix. In the May version of the Sharp Zaurus newsletter, version 3.1 of the flash ROM was announced with various new versions of software and added OS functionality. The Linux kernel went from 2.4.6 to 2.4.18. The Zaurus docking station comes with ...
Important: Red Hat Security Advisory: New kernel 2.2 packages fix vulnerabilities
Updated kernel packages for Red Hat Linux 6.2 and 7.0 are now available that fix several security vulnerabilities. The Linux kernel handles the basic functions of the operating system. A bug in the kernel module loader code allows a local user to gain root privileges. The Common Vulnerabilities a...
CVE-2003-0019
umlnet in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode...
CVE-2003-0001
Multiple Ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak...
Etherleak: Ethernet frame padding information leakage (A010603-1)
@stake, Inc. (www.atstake.com) Security Advisory. Advisory Name: Etherleak: Ethernet frame padding information leakage. Release Date: 01/06/2003. Application: Ethernet device driver software. Platform: Multiple. Severity: Information disclosure. Authors: Ofir...
Network device drivers reuse old frame buffer data to pad packets
Overview: Many network device drivers reuse old frame buffer data to pad packets, resulting in an information leakage vulnerability that may allow remote attackers to harvest sensitive information from affected devices. Description: The Ethernet standard IEEE 802.3 specifies a minimum data field si...
CVE-2002-1976
ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap...
Oracle Database tnslsnr Service Remote Version Disclosure
The remote host is running the Oracle tnslsnr service, a network interface to Oracle databases. This product allows a remote user to determine the presence and version number of a given Oracle installation. oracle_tnslsnr_version - NASL script to do a TNS VERSION command against the Oracle tnslsnr...
CVE-2000-0873
netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities...