Denial of service

Cisco IOS 15.2S allows remote attackers to cause a denial of service interface queue wedge via malformed UDP traffic on port 465, aka Bug ID CSCts48300...

hostmap-bfk NSE Script

Discovers hostnames that resolve to the target's IP address by querying the online database at . The script is in the "external" category because it sends target IPs to a third party in order to query their database. This script was formerly until April 2012 known as hostmap.nse. Script Arguments...

[SECURITY] Fedora 16 Update: condor-7.7.5-0.2.fc16

Condor is a specialized workload management system for compute-intensive jobs. Like other full-featured batch systems, Condor provides a job queueing mechanism, scheduling policy, priority scheme, resource monitoring, and resource management. Users submit their serial or parallel jobs to Condor,...

SiT! Support Incident Tracker 3.64 XSS / CSRF / SQL Injection

Advisory Details: High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SiT! Support Incident Tracker, which can be exploited to perform SQL injection, cross-site scripting, cross-site request forgery attacks. 1 Input passed via the "start" GET parameter to...

CVE-2011-5072

Multiple SQL injection vulnerabilities in Support Incident Tracker aka SiT! before 3.65 allow remote attackers to execute arbitrary SQL commands via the 1 start parameter to portal/kb.php; 2 contractid parameter to contractaddservice.php; 3 id parameter to editescalationpath.php; 4 unlock, 5 lock...

SonicWall AntiSpam & EMail v7.x - Multiple Vulnerabilities

Document Title: =============== SonicWall AntiSpam & EMail v7.x - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=58 Release Date: ============= 2012-01-07 Vulnerability Laboratory ID VL-ID: ==================================== 5...

Kaspersky IS&AV 2011/12 - Memory Corruption Vulnerability

No description provided by source. References: =========== http://www.vulnerability-lab.com/getcontent.php?id=129 Introduction: ============= Kaspersky Internet Security 2011 has everything that you need to stay safe and secure while you re surfing the web. It provides constant protection for you...

SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 5219 / 5222 / 5223)

The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.46 and fixes various bugs and security issues. The following security issues have been fixed : - A signedness issue in CIFS could possibly have lead to to memory corruption, if a malicious server could send crafted replies t...

Fedora Update for python-celery FEDORA-2011-16549

Check for the Version of python-celery OpenVAS Vulnerability Test Fedora Update for python-celery FEDORA-2011-16549 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

[SECURITY] Fedora 16 Update: python-celery-2.2.8-1.fc16

An open source asynchronous task queue/job queue based on distributed message passing. It is focused on real-time operation, but supports scheduling as well. The execution units, called tasks, are executed concurrently on one or more worker nodes using multiprocessing, Eventlet or gevent. Tasks c...

Oracle Database Multiple Vulnerabilities (January 2009 CPU)

The remote Oracle database server is missing the January 2009 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Job Queue - Oracle OLAP - Oracle Spatial - Oracle Streams - SQLPlus Windows GUI %NASLMINLEVEL 70300 C Tenable Network...

GroupWise Internet Agent < 8.0.2 HP3 iCalendar TZNAME Property Heap Overflow

The version of Novell GroupWise Internet Agent hosted on the remote computer is earlier than 8.0.2 HP3. Such versions are potentially affected by a heap overflow vulnerability due to the way the application parses the TZNAME property of the VTIMEZONE component within a received VCALENDAR message...

Moderate: Red Hat Security Advisory: system-config-printer security update

Updated system-config-printer packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVE-2011-2907

Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBSOHOST variable to the qsub program...

Design/Logic Flaw

Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBSOHOST variable to the qsub program...

CVE-2011-2907

Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBSOHOST variable to the qsub program...

Ruby随机数字生成本地拒绝服务漏洞

BUGTRAQ ID: 49015 CVE ID: CVE-2011-2686 Ruby是一种功能强大的面向对象的脚本语言。 Ruby在处理随机数字生成的实现上存在本地拒绝服务漏洞，本地攻击者可利用此漏洞造成拒绝服务。 Yukihiro Matsumoto Ruby 1.8.7 x 厂商补丁： Yukihiro Matsumoto ------------------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.ruby-lang.org/ !/usr/bin/python Title: Omnicom Alpha 4.0e LPD Serv...

Debian: Security Advisory (DSA-2270-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: kernel: net_sched: fix qdisc_notify()

The qdiscnotify function in net/sched/schapi.c in the Linux kernel before 2.6.35 does not prevent tcfillqdisc function calls referencing builtin aka CQFBUILTIN Qdisc structures, which allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified...

kernel: IB/uverbs: Handle large number of entries in poll CQ

The ibuverbspollcq function in drivers/infiniband/core/uverbscmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially fille...