EUVD-2013-1799

Malware in sbrugna...

The vulnerability of the microprogrammed software of the Moxa NE-4100T serial interface converter lies in the lack of authentication procedures, which allows attackers to circumvent existing security restrictions.

The vulnerability of the Microprogrammed Software for Serial Interface Converters Moxa NE-4100T is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...

The vulnerability of the serial interface converter NPort IAW5250A-6I/O, related to information disclosure, allows a hacker to gain access to information about the web server.

The vulnerability of the NPort IAW5250A-6I/O serial interface converter is related to information disclosure. Exploiting this vulnerability can allow a remote attacker to disclose information about the web server...

Unmasking mystery boxes on ship’s bridges

We pen test a variety of vessel and platform types across different fleets and operators. In every single test to date we have unearthed a system or device, that of the few crew that were aware, no-one could tell us what it is was for. In other scenarios an undocumented system or device would be...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3360-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3360-1 advisory. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive...

USN-3360-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker...

Ubuntu 16.10 : linux, linux-raspi2 vulnerabilities (USN-3359-1)

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 Dmitry Vyukov, Andrey Konovalov, Florian Westphal, and Eric Dumazet discovered that the netfiler subsyste...

Ubuntu Update for linux-ec2 USN-1808-1

Check for the Version of linux-ec2 OpenVAS Vulnerability Test $Id: gbubuntuUSN18081.nasl 8448 2018-01-17 16:18:06Z teissa $ Ubuntu Update for linux-ec2 USN-1808-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

USN-1781-1: Linux kernel (OMAP4) vulnerabilities

Andrew Jones discovered a flaw with the xeniret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service crash the system or gain guest OS privilege. CVE-2013-0228 A flaw was reported in...

Ubuntu: Security Advisory (USN-1767-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-1767-1)

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. CVE-2013-0190 A failure to validate input was discovered in the Linux kernel's Xen netback network backend driver. ...

[USN-1767-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1767-1 March 18, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Ubuntu Update for linux USN-1767-1

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN17671.nasl 8650 2018-02-03 12:16:59Z teissa $ Ubuntu Update for linux USN-1767-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...

USN-1767-1: Linux kernel vulnerabilities

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. CVE-2013-0190 A failure to validate input was discovered in the Linux kernel's Xen netback network backend driver. ...

Ubuntu: Security Advisory (USN-1745-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-1774

The chaseport function in drivers/usb/serial/ioti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service NULL pointer dereference and system crash via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter...

Null pointer dereference

The chaseport function in drivers/usb/serial/ioti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service NULL pointer dereference and system crash via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter...

CVE-2013-1774

The chaseport function in drivers/usb/serial/ioti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service NULL pointer dereference and system crash via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter...

CVE-2013-1774

CVE-2013-1774 affects the Linux kernel (drivers/usb/serial/io_ti.c) prior to 3.7.4. The chase_port function allows local users to trigger a NULL pointer dereference and system crash by performing a read or write on a disconnected Edgeport USB serial converter, resulting in a denial of service. Th...

UBUNTU-CVE-2013-1774

The chaseport function in drivers/usb/serial/ioti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service NULL pointer dereference and system crash via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter...