IBM Spectrum Scale and General Parallel File System Arbitrary Code Execution Vulnerability

IBM GPFS is an enterprise file management system optimized for petabyte-scale storage management.IBM Spectrum Scale is a data and file management solution based on IBM GPFS. A security vulnerability exists in IBM Spectrum Scale and GPFS that could be exploited by a local attacker to inject...

Fedora 24 : parallel-20160222-1.fc24 (2016-6c03d31846)

Update to version 20160222-1 to fix bugs 1285888,1307846,1320511,1320956,1320958 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora Update for parallel FEDORA-2016-6

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 24 Update: parallel-20160222-1.fc24

GNU Parallel is a shell tool for executing jobs in parallel using one or mo re machines. A job is typically a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of file s, a list of hosts, a list of users, or a list of tables. If yo...

IBM Spectrum Scale and General Parallel File System Elevation of Privilege Vulnerability

IBM GPFS is an enterprise file management system optimized for petabyte-scale storage management.IBM Spectrum Scale is a data and file management solution based on IBM GPFS. IBM Spectrum Scale and IBM GPFS have a security vulnerability in the handling of the mmapplypolicy command that allows a...

Fedora 23 : parallel-20160222-1.fc23 (2016-73eb29f890)

Update to version 20160222-1 to fix bugs 1285888,1307846,1320511,1320956,1320958 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora Update for parallel FEDORA-2016-73

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 22 : parallel-20160222-1.fc22 (2016-7eb5caa94d)

Update to version 20160222-1 to fix bugs 1285888,1307846,1320511,1320956,1320958 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora Update for parallel FEDORA-2016-7

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 23 Update: parallel-20160222-1.fc23

GNU Parallel is a shell tool for executing jobs in parallel using one or mo re machines. A job is typically a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of file s, a list of hosts, a list of users, or a list of tables. If yo...

[SECURITY] Fedora 22 Update: parallel-20160222-1.fc22

GNU Parallel is a shell tool for executing jobs in parallel using one or mo re machines. A job is typically a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of file s, a list of hosts, a list of users, or a list of tables. If yo...

American Fuzzy Lop Utilities: afl-utils

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization afl-utils is a collection of utilities to assist fuzzing with american-fuzzy-lop afl . afl-utils includes tools for: automated crash sample collection, verification, reduction and analys...

HackerOne: Hogging up all the resources on hackerone.com

Please note. I believe that some of the issues described below can also be used on their own and/or combined in other configurations to achieve different results, e.g. "paying" a bounty of zero or team avoiding to resolve and unpleasant issue. I am however describing the very likely doomsday...

FreeBSD : glibc -- getaddrinfo stack-based buffer overflow (2dd7e97e-d5e8-11e5-bcbd-bc5ff45d0f28)

Fabio Olive Leite reports : A stack-based buffer overflow was found in libresolv when invoked from nssdns, allowing specially crafted DNS responses to seize control of EIP in the DNS client. The buffer overflow occurs in the functions senddg send datagram and sendvc send TCP for the NSS module...

Apple Mac OSX - io_service_close Use-After-Free

Exploit for macOS platform in category dos / poc / Source: https://code.google.com/p/google-security-research/issues/detail?id=597 It turns out that the spoofed no-more-senders notification bug when applied to iokit objects was actually just a more complicated way to hit ::clientClose in parallel...

Apple Mac OSX - IOBluetoothHCIPacketLogUserClient Memory Corruption

Apple Mac OSX - IOBluetoothHCIPacketLogUserClient Memory Corruption / Source: https://code.google.com/p/google-security-research/issues/detail?id=572 The OS data types OSArray etc are explicity not thread safe; they rely on their callers to implement the required locking to serialize all accesses...

Apple Mac OSX - io_service_close Use-After-Free

Apple Mac OSX - ioserviceclose Use-After-Free / Source: https://code.google.com/p/google-security-research/issues/detail?id=597 It turns out that the spoofed no-more-senders notification bug when applied to iokit objects was actually just a more complicated way to hit ::clientClose in parallel. W...

IBM Spectrum Scale and General Parallel File System Denial of Service Vulnerability

IBM Spectrum Scale and General Parallel File System GPFS are both products of IBM Corporation of the U.S.A. IBM GPFS is an enterprise file management system optimized for petabyte-scale storage management.IBM Spectrum Scale is a set of data and file management solutions based on IBM GPFS. IBM...

IBM Spectrum Scale (GPFS) Hadoop Connector Vulnerable

IBM Spectrum Scale and General Parallel File System GPFS is a scalable data and file management solution based on IBM GPFS an enterprise file management system optimized for petabyte-scale storage management from IBM, USA. The solution helps customers reduce storage costs while improving security...

CVE-2015-7430

The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for IBM Spectrum Scale and General Parallel File System GPFS allows local users to read or write to arbitrary GPFS data via unspecified vectors...