EUVD-2013-2190

Malware in sbrugna...

EUVD-2014-3518

Malware in sbrugna...

K56063421: OpenVZ vulnerability CVE-2014-3519

Security Advisory Description The openbyhandleat function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAPDACREADSEARCH capability to bypass an intended container protection mechanism and access...

SUSE CVE-2006-0038

Integer overflow in the doreplace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAPNETADMIN rights to cause a buffer overflow in the copyfromuser function...

SUSE CVE-2013-2239

vzkernel before 042stab080.2 in the OpenVZ modification for the Linux kernel 2.6.32 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via 1 a crafted ploop driver ioctl call, related to the ploopgetdeviceioc function in...

Design/Logic Flaw

The openbyhandleat function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAPDACREADSEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem...

CVE-2014-3519

The CVE-2014-3519 details: OpenVZ modification for the Linux kernel 2.6.32, before 042stab090.5, with simfs, exposes open_by_handle_at in vzkernel to local container users with CAP_DAC_READ_SEARCH, bypassing container protections and enabling access to arbitrary files via file_handle-related vect...

CVE-2014-3519

The openbyhandleat function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAPDACREADSEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem...

Udp2raw-tunnel - A UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket [Bypass UDP FireWalls]

A UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls or Unstable UDP Environment. Its Encrypted, Anti-Replay and Multiplexed.It also acts as a Connection Stabilizer. Support Platforms A Linux host including desktop Linux, Android...

Encrypted, Anti-Replay, Multiplexed Udp Tunnel: Udp2raw-tunnel

A UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls or Unstable UDP Environment. Its Encrpyted, Anti-Replay and Multiplexed. It also acts as a Connection Stabilizer. Features Send / Receive UDP Packet with fake-tcp/icmp headers...

vzctl: Security bypass

Background vzctl is a set of control tools for the OpenVZ server virtualization solution. Description It was discovered that vzctl determined the virtual environment VE layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory. This allows local simfs container CT ro...

vzctl local security bypass vulnerability

vzctl is a set of tools used to manage OpenVZ, an OS-level server virtualization solution for Linux-based platforms. A local security bypass vulnerability exists in vzctl. A local attacker could exploit this vulnerability to bypass security restrictions and perform unauthorized operations...

[SECURITY] [DSA 3357-1] vzctl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3357-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 13, 2015 https://www.debian.org/security/faq -...

New Debian Releases Fix PHP, VirtualBox Bugs

The maintainers of Debian have released new packages to fix several vulnerabilities, including a number of bugs in PHP and an unspecified flaw in Oracle’s VirtualBox application. Among the patches is one for the VirtualBox bug, which is difficult to describe, because Oracle no longer publishes an...

Debian DSA-3357-1 : vzctl - security update

It was discovered that vzctl, a set of control tools for the OpenVZ server virtualisation solution, determined the storage layout of containers based on the presence of an XML file inside the container. An attacker with local root privileges in a simfs-based container could gain control over...

[SECURITY] [DSA 3357-1] vzctl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3357-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 13, 2015 https://www.debian.org/security/faq -...

DSA-3357-1 vzctl - security update

Bulletin has no description...

Debian Security Advisory DSA 3357-1 (vzctl - security update)

It was discovered that vzctl, a set of control tools for the OpenVZ server virtualisation solution, determined the storage layout of containers based on the presence of an XML file inside the container. An attacker with local root privileges in a simfs-based container could gain control over...

Debian DLA-103-1 : linux-2.6 security update

This security upload has been prepared in cooperation of the Debian Kernel, Security and LTS Teams and features the upstream stable release 2.6.32.64 see https://lkml.org/lkml/2014/11/23/181 for more information for that. It fixes the CVEs described below. Note: if you are using the openvz flavor...

[SECURITY] [DLA 103-1] linux-2.6 security update

Package : linux-2.6 Version : CVE-2014-90902.6.32-48squeeze9 CVE ID : CVE-2012-6657 CVE-2013-0228 CVE-2013-7266 CVE-2014-4157 CVE-2014-4508 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4943 CVE-2014-5077 CVE-2014-5471 CVE-2014-5472 This security upload has been prepared in cooperation of th...