[slackware-security] glibc

New glibc packages are available for Slackware 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/glibc-2.15-i486-8slack14.0.txz: Rebuilt. Patched to fix integer overflows in pvalloc, valloc, and...

HP Data Protector CRS Opcode 234 Stack Buffer Overflow (CVE-2013-2326)

A buffer overflow has been reported in HP Data Protector. The vulnerability exists in the Cell Request Service crs.exe, which listens on a randomly chosen port. The application fails to sanitize input with opcode 234, which can result in a stack buffer overflow. A remote, unauthenticated attacker...

HP Data Protector CRS Opcode 211 Stack Buffer Overflow

Added: 07/24/2013 CVE: CVE-2013-2333 BID: 60309 OSVDB: 93867 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability in crs.exe when handling requests with opcode 211 allows remote attackers to execute arbitrary commands. Resolution Apply a patch...

HP Data Protector CRS Opcode 305 Stack Buffer Overflow (CVE-2013-2330)

A stack buffer overflow has been reported in HP Data Protector. The vulnerability is in the Cell Request service, which listens on a randomly chosen port. The application fails to sanitize input with opcode 305, which can result in a stack-based buffer overflow. A remote, unauthenticated attacker...

Oracle Linux 6 : kernel (ELSA-2013-0496)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0496 advisory. - virt xen: Fix stack corruption in xenfailsafecallback for 32bit PVOPS guests Andrew Jones 896050 CVE-2013-0190 - block sgio: use different default...

HP Data Protector opcode 259 buffer overflow

Added: 07/09/2013 CVE: CVE-2013-2329 BID: 60304 OSVDB: 93863 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability when handling requests with opcode 259 allows remote attackers to execute arbitrary commands. Resolution Apply a patch referenced...

HP Data Protector opcode 259 buffer overflow

Added: 07/09/2013 CVE: CVE-2013-2329 BID: 60304 OSVDB: 93863 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability when handling requests with opcode 259 allows remote attackers to execute arbitrary commands. Resolution Apply a patch referenced...

HP Data Protector opcode 259 buffer overflow

Added: 07/09/2013 CVE: CVE-2013-2329 BID: 60304 OSVDB: 93863 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability when handling requests with opcode 259 allows remote attackers to execute arbitrary commands. Resolution Apply a patch referenced...

Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 211 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcode 211, the...

Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 234 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcode 234, the...

Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 1091 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcode 1091, the...

Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 1092 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcode 1092, the...

Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 305 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcode 305, the...

Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 259 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcode 259, the...

Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 235 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcode 235, the...

[ShellNoob v1.0] Shellcode Writing Toolkit

ShellNoob is a writing toolkit, that helps you to writting some shellcodes, converting to different formats, resolving some boring steps. Features: convert shellcode between different formats currently supported: asm, bin, hex, obj, exe, C, python, ruby, pretty interactive opcode-to-binary...

EMC AlphaStor Device Manager Buffer Overflow (CVE-2013-0930)

A stack-based buffer overflow vulnerability has been reported in EMC AlphaStor Device Manager. The vulnerability is due to a lack of boundary checking when processing certain opcode messages in rrobotd.exe. Unauthenticated attackers can exploit this vulnerability to execute arbitrary code in the...

Oracle Linux 6 kernel security and bugfix update

2.6.32-358.el6 - fs Fix sget race with failing mount Eric Sandeen 883276 2.6.32-357.el6 - virt xen: Fix stack corruption in xenfailsafecallback for 32bit PVOPS guests Andrew Jones 896050 CVE-2013-0190 - block sgio: use different default filters for each device class Paolo Bonzini 875361...

Unbreakable Enterprise kernel security and bug fix update

2.6.39-400.17.1 - This is a fix on dlmcleanmasterlist Xiaowei.Hu - RDS: fix rds-ping spinlock recursion jeff.liu Orabug: 16223050 - vhost: fix length for cross region descriptor Michael S. Tsirkin Orabug: 16387183 CVE-2013-0311 - kabifix: block/scsi: Allow request and error handling timeouts to b...

kernel security and bug fix update

2.6.32-279.22.1 - virt kvm: invalid opcode oops on SETSREGS with OSXSAVE bit set Petr Matousek 862903 862904 CVE-2012-4461 - fs fuse: optimize fusedirectio Brian Foster 865305 858850 - fs fuse: optimize fusegetuserpages Brian Foster 865305 858850 - fs fuse: use getuserpagesfast Brian Foster 86530...