3755 matches found

ThreatPost
added 2010/06/04 8:46 a.m. · 8 views

Samsung Handsets Distributed With Malware-Infected Memory Cards

Another mobile-phone manufacturer has fallen victim to an increasingly common attack in which phones’ memory cards are infected with malware during the manufacturing process and then shipped out to customers. The latest victim is Samsung, which has acknowledged that the microSD cards in a batch o...

0.8 AI score
Exploits: 0 · References: 3

OpenVAS
added 2010/05/28 12:0 a.m. · 26 views

Ubuntu Update for xorg-server vulnerabilities USN-939-1

Ubuntu Update for Linux kernel vulnerabilities USN-939-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9391.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for xorg-server vulnerabilities USN-939-1 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH,...

7.1 CVSS · 6.5 AI score · 0.03655 EPSS
Exploits: 2 · References: 2

OpenVAS
added 2010/05/28 12:0 a.m. · 31 views

Ubuntu: Security Advisory (USN-939-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1 CVSS · 6.5 AI score · 0.03655 EPSS
Exploits: 2 · References: 2

ATTACKERKB
added 2010/05/20 5:30 p.m. · 3 views

CVE-2010-1986

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption and application crash) via JavaScript code that creates multiple arrays containing elements with long string values, and then appends long strings to the content of a P element, related ...

10 CVSS · 5.7 AI score · 0.07108 EPSS
Exploits: 4 · References: 7

Tenable Nessus
added 2010/05/19 12:0 a.m. · 27 views

Ubuntu 8.04 LTS / 9.04 / 9.10 : xorg-server vulnerabilities (USN-939-1)

Loic Minier discovered that xvfb-run did not correctly keep the X.org session cookie private. A local attacker could gain access to any local sessions started by xvfb-run. Ubuntu 9.10 was not affected. (CVE-2009-1573) It was discovered that the X.org server did not correctly handle certain...

7.1 CVSS · 6 AI score · 0.03655 EPSS
Exploits: 2 · References: 3

Tenable Nessus
added 2010/04/28 12:0 a.m. · 11 views

AIX 610004 : U833912

The remote host is missing AIX PTF U833912, which is related to the security of the package bos.sysmgt.quota. You should install this PTF for your system to be up-to-date. ...

5.5 AI score
Exploits: 0

Tenable Nessus
added 2010/04/27 12:0 a.m. · 13 views

AIX 610001 : U831329

The remote host is missing AIX PTF U831329, which is related to the security of the package devices.fcp.disk.rte. You should install this PTF for your system to be up-to-date. ...

5.5 AI score
Exploits: 0

Check Point Advisories
added 2010/04/08 12:0 a.m. · 2 views

Rsync File Handling Integer Overflow (CVE-2003-0962)

RSync is an open source utility that provides fast incremental file transfer. There exists a heap overflow vulnerability in the Rsync server. The flaw is caused by insufficient boundary checks when handling malformed requests. Successful exploitation would allow the attacker to overwrite, crea...

7.5 CVSS · 6.7 AI score · 0.44259 EPSS
Exploits: 1

Positive Technologies
added 2010/02/09 12:0 a.m. · 4 views

PT-2010-2050 · Microsoft · Directshow +8

Name of the Vulnerable Software and Affected Versions: Microsoft DirectX versions prior to the fixed version; Microsoft Windows 2000 SP4; Microsoft Windows XP SP2 and SP3; Microsoft Windows Server 2003 SP2; Microsoft Windows Vista Gold, SP1, and SP2; Microsoft Windows Server 2008 Gold, SP2, and R2...

9.3 CVSS · 7.7 AI score · 0.71114 EPSS
Exploits: 1 · References: 10

Tenable Nessus
added 2010/01/26 12:0 a.m. · 12 views

AIX 530010 : U823128

The remote host is missing AIX PTF U823128, which is related to the security of the package devices.pciex.8680c71014108003.diag. You should install this PTF for your system to be up-to-date. ...

5.5 AI score
Exploits: 0

OpenVAS
added 2010/01/15 12:0 a.m. · 14 views

Mandriva Update for run-parts MDVA-2010:009 (run-parts)

Check for the Version of run-parts OpenVAS Vulnerability Test Mandriva Update for run-parts MDVA-2010:009 run-parts Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

0.1 AI score
Exploits: 0 · References: 2

Tenable Nessus
added 2010/01/15 12:0 a.m. · 9 views

AIX 610004 : U830407

The remote host is missing AIX PTF U830407, which is related to the security of the package bos.net.nfs.adt. You should install this PTF for your system to be up-to-date. ...

5.5 AI score
Exploits: 0

OpenVAS
added 2010/01/15 12:0 a.m. · 10 views

Mandriva Update for run-parts MDVA-2010:009 (run-parts)

Check for the Version of run-parts OpenVAS Vulnerability Test Mandriva Update for run-parts MDVA-2010:009 run-parts Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

7.1 AI score
Exploits: 0 · References: 2

OpenVAS
added 2009/12/10 12:0 a.m. · 19 views

FreeBSD Security Advisory (FreeBSD-SA-09:16.rtld.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:16.rtld.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...

7.2 CVSS · 6.4 AI score · 0.1817 EPSS
Exploits: 4 · References: 1

Cvelist
added 2009/12/08 7:0 p.m. · 18 views

CVE-2009-4230

Multiple stack-based buffer overflows in src/Task.cc in the FastCGI program in IIPImage Server before 0.9.8 might allow remote attackers to execute arbitrary code via vectors associated with crafted arguments to the (1) RGN::run, (2) JTLS::run, or (3) SHD::run function. NOTE: some of these details are...

7.8 AI score · 0.02695 EPSS
Exploits: 0 · References: 3

Prion
added 2009/12/02 7:30 p.m. · 16 views

Code injection

The rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1 and 8.0 does not clear the (1) LD_LIBMAP, (2) LD_LIBRARY_PATH, (3) LD_LIBMAP_DISABLE, (4) LD_DEBUG, and (5) LD_ELF_HINTS_PATH environment variables, which allows local users to gain privileges by executing a setuid or setgu...

7.2 CVSS · 6.5 AI score · 0.1817 EPSS
Exploits: 5 · References: 7 · Affected Software: 1

NVD
added 2009/12/02 6:30 p.m. · 9 views

CVE-2009-4146

The rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1, 7.2, and 8.0 does not clear the LD_PRELOAD environment variable, which allows local users to gain privileges by executing a setuid or setguid program with a modified LD_PRELOAD variable containing an...

7.2 CVSS · 6.3 AI score · 0.1817 EPSS
Exploits: 4 · References: 8

CVE
added 2009/12/02 6:0 p.m. · 80 views

CVE-2009-4146

The CVE-2009-4146 entry concerns FreeBSD's run-time linker (rtld) in libexec/rtld-elf/rtld.c. The underlying issue is that rtld's unsetenv logic does not clear LD_PRELOAD when __findenv() fails, enabling a local user to influence library loading via a modified LD_PRELOAD path and gain privileges ...

7.2 CVSS · 6.2 AI score · 0.1817 EPSS
Exploits: 4 · References: 8 · Affected Software: 1

ThreatPost
added 2009/12/01 12:43 p.m. · 7 views

Serious Zero-Day Flaw Found in FreeBSD, Exploit Published

A researcher has published an explanation of a new flaw in FreeBSD that allows an attacker to take control of a vulnerable machine. The vulnerability could give an attacker root access to the FreeBSD machine, and the FreeBSD developers have published a patch for the flaw early Tuesday. The...

8 AI score
Exploits: 0 · References: 3

securityvulns
added 2009/12/01 12:0 a.m. · 56 views

FreeBSD local r00t zeroday

FreeBSD local r00t 0day Discovered & Exploited by Nikolaos Rangos also known as Kingcope. Nov 2009 "BiG TiME" "Go fetch your FreeBSD r00tkitz" // http://www.youtube.com/watch?v=dDnhthI27Fg There is an unbelievable simple local r00t bug in recent FreeBSD versions. I audited FreeBSD for local r00t...

7.1 AI score
Exploits: 0