CVE-2013-4319

pbsmom in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command...

Cisco IOS Software Queue Wedge Denial of Service Vulnerability (cisco-sa-20130925-wedge)

A vulnerability in the T1/E1 driver queue implementation of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an interface wedge condition, which could lead to loss of connectivity, loss of routing protocol adjacency, and could result in a denial of service DoS scenario...

CVE-2013-5477

The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 through 15.3, when an HDLC32 driver is used, allows remote attackers to cause a denial of service interface queue wedge via bursty network traffic, aka Bug ID CSCub67465...

Design/Logic Flaw

The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 through 15.3, when an HDLC32 driver is used, allows remote attackers to cause a denial of service interface queue wedge via bursty network traffic, aka Bug ID CSCub67465...

CVE-2013-5477

Cisco IOS Software vulnerability CVE-2013-5477 affects T1/E1 driver queue logic in Cisco IOS 12.2 and 15.0–15.3 when using the HDLC32 driver. The flaw in the T1/E1 driver queue implementation allows remote, unauthenticated attackers to trigger a denial-of-service via bursty traffic, causing an in...

Console: Stored cross-site scripting (XSS)

Multiple cross-site scripting XSS vulnerabilities in Fuse Management Console in Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3 allow remote attackers to inject arbitrary web script or HTML via the 1 user field in the create user page or 2 profile version to the create...

Cisco IOS Software Queue Wedge Denial of Service Vulnerability

A vulnerability in the T1/E1 driver queue implementation of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an interface wedge condition, which could lead to loss of connectivity, loss of routing protocol adjacency, and could result in a denial of service DoS scenario...

Cisco Releases Semiannual IOS Software Security Advisory Bundled Publication

Cisco has released its semiannual Cisco IOS Software Security Advisory Bundled Publication. This publication includes eight Security Advisories that address vulnerabilities in Cisco IOS Software. Exploits of these vulnerabilities could result in a denial of service DoS condition, interface queue...

OTRS < 2.3.5 Queue Access Restriction Bypass Vulnerability

Open Ticket Request System OTRS is prone to a restriction bypass vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

OTRS < 3.0.0-beta1 ACL-customer-status Ticket Restriction Bypass Vulnerability

OTRS Open Ticket Request System is prone to a restriction bypass vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

tcp(port&seq) backdoor

Автор: slashd Что это? Реализации скрытого канала передачи данных на сервер с помощью стандартных полейв нашем случае поля SEQ и Source Port TCP-заголовка. Теоритическая часть. Реализовать скрытую передачу данных с помощью TCP-заголовка можно несколькими способами. Клиентхакер иницирующий...

DEBIAN-CVE-2013-5721

The dissectmqrr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service application crash via a crafted packet...

DEBIAN-CVE-2012-6580

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message's origin or interfere with encryption-policy auditin...

DEBIAN-CVE-2012-6579

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to configure encryption or signing for certain outbound e-mail, and possibly cause a denial of service loss of e-mail readability, via an e-mail message to a queue's address...

DEBIAN-CVE-2012-6578

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled with a "Sign by default" queue configuration, uses a queue's key for signing, which might allow remote attackers to spoof messages by leveraging the lack of authentication semantics...

CVE-2012-6578

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled with a "Sign by default" queue configuration, uses a queue's key for signing, which might allow remote attackers to spoof messages by leveraging the lack of authentication semantics...

CVE-2012-6578

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled with a "Sign by default" queue configuration, uses a queue's key for signing, which might allow remote attackers to spoof messages by leveraging the lack of authentication semantics...

Oracle Linux 4 : sendmail (ELSA-2007-0252)

From Red Hat Security Advisory 2007:0252 : Updated sendmail packages that fix a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. Sendmail is a very widely used Mail...

Oracle Linux 5 : kernel (ELSA-2008-0885)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0885 advisory. - sound sndseqosssynthmakeinfo info leak Eugene Teo 458000 458001 CVE-2008-3272 - mm tmpfs: restore missing clearhighpage Eugene Teo 426082...

tor -- guard discovery

The Tor Project reports: Disable middle relay queue overfill detection code due to possible guard discovery attack...