7923 matches found
(RHSA-2018:0051) Important: rhevm-setup-plugins security, bug fix, and enhancement update
The rhevm-setup-plugins package adds functionality exclusive only to Red Hat Virtualization Manager, and is not available for the upstream ovirt-engine. It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase...
Relayer - SMB Relay Attack Script
Relayer is an SMB relay Attack Script that automates all the necessary steps to scan for systems with SMB signing disabled and relaying authentication request to these systems with the objective of gaining a shell. Great when performing Penetration testing. Relayer makes use of Unicorn from...
XenDesktop Setup Wizard completes without error, but there's no VM has been created in Hyper-V SCVMM
XenDesktop Setup Wizard completes without error, but no VM has been created in Hyper-V SCVMM. And there's noparticular error messages from CDF trace either...
jenkins -- Two startup race conditions
The Jenkins project reports: A race condition during Jenkins startup could result in the wrong order of execution of commands during initialization. On Jenkins 2.81 and newer, including LTS 2.89.1, this could in rare cases we estimate less than 20% of new instances result in failure to initialize...
How to configure Monitor to check services status of RADIUS servers ?
Configure Monitor for RADIUS server...
CVE-2017-16690
A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll located in your Syswow64 / System32 folder from the folder the executable is in a...
Oracle Linux 7 : postgresql (ELSA-2017-3402)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3402 advisory. 9.2.23-3 - setup: keep PGSETUP variables after switching to not-privileged user 9.2.23-2 - fix CVE-2017-12172 Tenable has extracted the preceding...
Fedora 26 : 2:docker (2017-3976710f1e)
Resolves: 1510351 - CVE-2017-14992 built docker @projectatomic/docker-1.13.1 commit 584d391 built docker-novolume-plugin commit 385ec70 built rhel-push-plugin commit af9107b built docker-lvm-plugin commit 8647404 built docker-runc @projectatomic/docker-1.13.1 commit 1c91122 built docker-container...
difuze - Fuzzer for Linux Kernel Drivers
Fuzzer for Linux Kernel Drivers Tested on Ubuntu = 14.04.5 LTS As explained in our paper, There are two main components of difuze: Interface Recovery and Fuzzing Engine 1. Interface Recovery The Interface recovery mechanism is based on LLVM analysis passes. Every step of interface recovery are...
PT-2017-3822 · Libtiff +5 · Libtiff +5
Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.0.9 Description: The issue is related to a heap-based buffer overflow in the TIFFSetupStrips function of the LibTIFF library. This can be exploited by a remote attacker using a specially crafted TIFF file, potentially leadin...
Command Execution Vulnerability in the pelco Sarix Enhanced Dot1xSetupController.php File
pelco Sarix Enhanced is a webcam. A command execution vulnerability exists in the pelco Sarix Enhanced Dot1xSetupController.php file. The vulnerability is caused due to the program failing to properly perform validity checks when processing user-submitted data, allowing an attacker who has been...
Arbitrary File Deletion Vulnerability in the Pelco Sarix Enhanced GeneralSetupController.php File
pelco Sarix Enhanced is a webcam. An arbitrary file deletion vulnerability exists in the pelco Sarix Enhanced GeneralSetupController.php file. The vulnerability is due to the program failing to properly check for uploaded files when processing them, an attacker can delete arbitrary files in the...
CVE-2017-15996
elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service excessive memory allocation or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper...
CVE-2017-16239
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...
The vulnerability of the Exchange ActiveSync component of the iOS operating system allows a hacker to delete data from the device.
The vulnerability of the Exchange ActiveSync component of the iOS operating system is related to improper handling of permissions during account setup. Exploiting this vulnerability allows a malicious actor to delete data from the device during account setup, by capturing the open AutoDiscover V1...
The vulnerability of the lp_setup() function in the Secure Boot environment loader of the Linux operating system allows a hacker to cause a system failure.
The vulnerability of the lpsetup function, a loader for the Secure Boot mechanism in Linux kernel, arises from writing beyond buffer boundaries. The Linux driver/char/lp.c code does not perform boundary checking on the parportnr array. Exploiting this vulnerability could allow an attacker to caus...
CrunchRAT - HTTPS-based Remote Administration Tool (RAT)
CrunchRAT currently supports the following features: File upload File download Command execution It is currently single-threaded only one task at a time, but multi-threading or multi-tasking is currently in the works. Additional features will be included at a later date. Server The server-side of...
FFlets Easy Setup Tool Installer Untrusted Search Path Vulnerability
Flets Easy Setup Tool is a Flets easy setup tool from NIPPON TELEGRAPH AND TELEPHONE WEST, Japan.Installer is one of the installation programs. An untrusted search path vulnerability exists in the Installer in Flets Easy Setup Tool 1.2.0 and earlier versions. An attacker can exploit this...
CVE-2017-16525
The usbserialconsoledisconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service use-after-free and system crash or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup...
CVE-2017-10825
Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...