Scientific Linux Security Update : openldap on SL5.x i386/x86_64 (20140224)
A denial of service flaw was found in the way the OpenLDAP server daemon slapd performed reference counting when using the rwm rewrite/remap overlay. A remote attacker able to query the OpenLDAP server could use this flaw to crash the server by immediately unbinding from the server after sending ...
compat, openldap security update
CentOS Errata and Security Advisory CESA-2014:0206. Updated openldap packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base...
openldap: segfault on certain queries with rwm overlay
The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by...
Fedora 20 : openldap-2.4.39-2.fc20 (2014-2012)
fix rmw reference counting bug new upstream release 1059186. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Fedora Security Advisory 2014-2012...
RHEL 6 : openldap (RHSA-2014:0126)
Updated openldap packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
openldap: segfault on certain queries with rwm overlay
The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by...
Debian Security Advisory DSA 2469-1 (linux-2.6 - privilege escalation/denial of service)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-4086: Eric Sandeen reported an issue in the journaling layer for ext4 filesyste...
Fedora 18 : xen-4.2.2-10.fc18 (2013-11874)
XSA-45/CVE-2013-1918 breaks page reference counting; let pygrub handle set default='$nextentry' line in F19; libxl: Set vfb and vkb devid if not done so by the caller. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
Fedora 17 : xen-4.1.5-9.fc17 (2013-11871)
XSA-45/CVE-2013-1918 breaks page reference counting; let pygrub handle set default='$nextentry' line in F19. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as muc...
Updated xen package fixes security issues
This update fixes the following security issues: XSA-52/CVE-2013-2076: Information leak on XSAVE/XRSTOR capable AMD CPUs; XSA-53/CVE-2013-2077: Hypervisor crash due to missing exception recovery on XRSTOR; XSA-54/CVE-2013-2078: Hypervisor crash due to missing exception recovery on XSETBV...
Page reference counting error due to XSA-45/CVE-2013-1918 fixes
ISSUE DESCRIPTION The XSA-45/CVE-2013-1918 patch making error handling paths preemptible broke page reference counting by not retaining a reference on pages stored for deferred cleanup. This would lead to the hypervisor prematurely attempting to free the page, generally crashing upon finding the...
Microsoft Internet Explorer Mouse Movement Information Disclosure
A design weakness vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in reference counting while handling the fireEvent method. Remote attackers can exploit this vulnerability by enticing the target user to view a malicious HTML document...
Scientific Linux Security Update : kernel on SL4.x i386/x86_64
This update fixes the following security issues: a flaw was found in the CIFSSMBWrite function in the Linux kernel Common Internet File System (CIFS) implementation. A remote attacker could send a specially crafted SMB response packet to a target CIFS client, resulting in a kernel panic denial o...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...
Fedora Core 11 FEDORA-2009-10891 (cups)
The remote host is missing an update to cups announced via advisory FEDORA-2009-10891.
Fedora Core 12 FEDORA-2009-11314 (cups)
The remote host is missing an update to cups announced via advisory FEDORA-2009-11314. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the...
Fedora 12 : cups-1.4.2-7.fc12 (2009-11314)
New release, including fix for XSS vulnerability in web interface (CVE-2009-2820) and for improper reference counting in abstract file descriptors handling interface (CVE-2009-3553). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...
PT-2009-5898 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.32-rc5. Description: The issue is related to the get_instantiation_keyring function in the KEYS subsystem, which does not properly maintain the reference count of a keyring. This allows local users to gain...
FreeBSD Security Advisory FreeBSD-SA-04:02.shmat
FreeBSD-SA-04:02.shmat Security Advisory, The FreeBSD Project. Topic: shmat reference counting bug. Category: core. Module: kernel. Announced: 2004-02-05. Credits: Joost Pol...
shmat reference counting bug
A programming error in the shmat(2) system call can result in a shared memory segment's reference count being erroneously incremented. It may be possible to cause a shared memory segment to reference unallocated kernel memory, but remain valid. This could allow a local attacker to gain read or writ...