15 matches found
Red Hat Satellite Licensing Issue Vulnerability
Red Hat Satellite is a systems management platform from Red Hat, Inc. The platform can be used to extend the Linux infrastructure and provide system management functions such as administration, configuration, and monitoring.A security vulnerability exists in Red Hat Satellite. No details of the...
Debian Security Advisory DSA 3470-1 (qemu-kvm - security update)
Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service via resource exhaustion, that could occur when receiving large packet...
qemu -- code execution on host machine
Petr Matousek of Red Hat Inc. reports: Due converting PIO to the new memory read/write api we no longer provide separate I/O region lenghts for read and write operations. As a result, reading from PIT Mode/Command register will end with accessing pit-channels with invalid index and potentially...
libpng chunk decompression integer overflow vulnerability
Overview The libpng library contains an integer overflow vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Portable Network Graphics PNG image format is used as an alternative to other image formats such as the Graphi...
[SECURITY] [DSA 2315-1] openoffice.org security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2315-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano October 05, 2011 http://www.debian.org/security/faq -...
DSA-2315-1 openoffice.org - multiple vulnerabilities
Bulletin has no description...
Linux kernel RDS protocol vulnerability
Overview The RDS protocol implementation of Linux kernels 2.6.30 through 2.6.38-rc8 contain a local privilege escalation vulnerability. Description Kernel functions fail to properly check if a user supplied address exists in the user segment of memory. By providing a kernel address to a socket ca...
XFS Deleted Inode Local Information Disclosure Vulnerability
Exploit for linux platform in category local exploits ============================================================ XFS Deleted Inode Local Information Disclosure Vulnerability ============================================================ stalehandle.c - attempt to create a stale handle and open it...
BIND 9 DNSSEC validation code could cause fake NXDOMAIN responses
Overview A vulnerability exists in the BIND 9 DNSSEC validation code that could be used by an attacker to generate fake NXDOMAIN responses. Description BIND 9 contains a vulnerability in DNSSEC validation code. According to ISC: There was an error in the DNSSEC NSEC/NSEC3 validation code that cou...
MIT Kerberos kadmind principal renaming stack buffer overflow
Overview The MIT Kerberos administration daemon kadmind contains a stack buffer overflow that may allow a remote, authenticated attacker to execute arbitrary code or cause a denial of service. Description A vulnerability exists in the way the principal renaming operation used by the Kerberos...
libpng denial of service vulnerability
Overview The libpng library contains a denial-of-service vulnerability. Description The libpng library can be used to allow other applications to render PNG images.The libpng library contains a denial-of-service vulnerability. From the Libpng-1.2.16-ADVISORY: This vulnerability could be used to...
Samba NDR MS-RPC heap buffer overflow
Overview Samba fails to properly handle malformed MS-RPC packets. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code. Description Samba is a widely used open-source implementation of Server Message Block SMB/Common Internet File System CIFS. Network Data...
gzip contains an array out-of-bounds vulnerability in make_table()
Overview The gzip program contains a stack modification vulnerability that may allow an attacker to execute arbitrary code, or create a denial-of-service condition.. Description The gzip program is used to compress and decompress archived files.A stack modification vulnerability exists in gzip. A...
MySQL fails to properly validate COM_TABLE_DUMP packets
Overview MySQL contains a buffer overflow that may allow a remote, authenticated attacker to execute arbitrary code on a vulnerable server. Description MySQL and COMTABLEDUMPMySQL is an open-source database system available for Microsoft Windows, Linux, and other UNIX-based operating systems...
nfs-utils vulnerable to buffer overflow in "getquotainfo()" in "rquota_server.c"
Overview A vulnerability in nfs-utils could permit an attacker to execute arbitrary code on the system or cause a denial of service. Description The NFS protocol provides remote access to shared files accross networks. The nfs-utils package provides an NFS client and server for Linux systems...