62 matches found
SUSE CVE-2016-8645
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service system crash via a crafted application that makes sendto system calls, related to net/ipv4/tcpipv4.c and net/ipv6/tcpipv6.c...
openSUSE: Security Advisory for vsftpd (SUSE-SU-2022:3457-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2022:3457-1 Security update for vsftpd
This update for vsftpd fixes the following issues: - CVE-2021-3618: Enforced security checks against ALPACA attack PM-3322, jscSLE-23896, bsc1187686, bsc1187678. - Added hardening to systemd services bsc1181400. Bugfixes: - Fixed a seccomp failure in FIPS mode when SSL was enabled bsc1052900. -...
SUSE: Security Advisory (SUSE-SU-2022:3383-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3320-1 Security update for vsftpd
This update for vsftpd fixes the following issues: - CVE-2021-3618: Enforced security checks against ALPACA attack bsc1187678, bsc1187686, PM-3322. Bugfixes: - Fixed a seccomp failure in FIPS mode when SSL was enabled bsc1052900. - Allowed wait4 to be called so that the broker can wait for its...
CVE-2016-8399
A flaw was found in the Linux networking subsystem where a local attacker with CAPNETADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto...
Denial Of Service (DOS)
Linux kernel is vulnerable to the Linux kernel since 3.6-rc1 with 'net.ipv4.tcpfastopen' set to 1 can hit BUG statement in tcpcollapse function after making a number of certain syscalls. Local users could cause an application crash via a crafted application that makes sendto system calls, related...
EulerOS 2.0 SP2 : curl (EulerOS-SA-2018-1427)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that curl and libcurl might send their Authentication header to a third party HTTP server upon receiving an HTTP REDIRECT reply. This...
EulerOS 2.0 SP3 : curl (EulerOS-SA-2018-1401)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that curl and libcurl might send their Authentication header to a third party HTTP server upon receiving an HTTP REDIRECT reply. This...
Virtuozzo 7 : readykernel-patch (VZA-2017-097)
According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux networking subsystem where a local attacker with CAPNETADMIN capabilities could cause ...
kernel: net: Out of bounds stack read in memcpy_fromiovec
A flaw was found in the Linux networking subsystem where a local attacker with CAPNETADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto...
Heap overflow
When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name longer than about 515 bytes, the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used...
CVE-2017-1000100
When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name longer than about 515 bytes, the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used...
CVE-2017-1000100
When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name longer than about 515 bytes, the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used...
CVE-2017-1000100
When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name longer than about 515 bytes, the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used...
kernel: net: Out of bounds stack read in memcpy_fromiovec
A flaw was found in the Linux networking subsystem where a local attacker with CAPNETADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto...
kernel: net: Out of bounds stack read in memcpy_fromiovec
A flaw was found in the Linux networking subsystem where a local attacker with CAPNETADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto...
DEBIAN-CVE-2016-8645
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service system crash via a crafted application that makes sendto system calls, related to net/ipv4/tcpipv4.c and net/ipv6/tcpipv6.c...
Code injection
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service system crash via a crafted application that makes sendto system calls, related to net/ipv4/tcpipv4.c and net/ipv6/tcpipv6.c...
UBUNTU-CVE-2016-8645
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service system crash via a crafted application that makes sendto system calls, related to net/ipv4/tcpipv4.c and net/ipv6/tcpipv6.c...