7916 matches found
Code injection
The ISDN implementation in Cisco IOS 15.3S allows remote attackers to cause a denial of service device reload via malformed Q931 SETUP messages, aka Bug ID CSCut37890...
CVE-2015-0731
The ISDN implementation in Cisco IOS 15.3S allows remote attackers to cause a denial of service device reload via malformed Q931 SETUP messages, aka Bug ID CSCut37890...
Oracle Linux 7 : kexec-tools (ELSA-2015-0986)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-0986 advisory. 2.0.7-19.0.1.el71.2 - kdumpctl: exclude defaulthugepagesz setting from kdump kernel cmdline Sriharsha Yadagudde Orabug: 19134999 - kdumpctl: verify if kernel...
kexec-tools: insecure use of /tmp/*$$* filenames
It was found that the module-setup.sh script provided by kexec-tools created temporary files in an insecure way. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary files...
SUSE-SU-2015:0945-1 Security update for spacewalk-java, spacewalk-setup
The spacewalk-java and spacewalk-setup packages were updated to fix one security issue: CVE-2014-8162: RPC API XML External Entities file disclosure. bsc922525 Security Issues: CVE-2014-8162...
kexec-tools security, bug fix, and enhancement update
2.0.7-19.0.1.el71.2 - kdumpctl: exclude defaulthugepagesz setting from kdump kernel cmdline Sriharsha Yadagudde Orabug: 19134999 - kdumpctl: verify if kernel support securelevel interface Sriharsha Yadagudde Orabug: 18905671 2.0.7-19.2 - dracut-module-setup: Enhance kdump to support the bind...
DEBIAN-CVE-2015-3294
The tcprequest function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setupreply function, which allows remote attackers to read process memory and cause a denial of service out-of-bounds read and crash via a malformed DNS request...
HP ThinPro OS /usr/bin/hpobl elevation of privilege vulnerability
HP ThinPro OS is a thin client operating system. A vulnerability in HP ThinPro OS /usr/bin/hpobl when invoking Firefox after setup allows attackers to exploit the vulnerability to gain access to the device with root privileges...
Local PHP File Inclusion in ResourceSpace
High-Tech Bridge Security Research Lab discovered vulnerability in ResourceSpace, which can be exploited to include arbitrary local PHP file, execute PHP code, and compromise vulnerable web application and even entire web server on which the application is hosted. The vulnerability exists due to...
Drupal Smart Trim Module Cross-Site Scripting Vulnerability
Drupal is a free and open source content management system developed in PHP. Smart Trim Module for Drupal is a module application for Drupal. The Drupal Smart Trim Module for Drupal handles cross-site scripting vulnerabilities in field setup forms, allowing remote attackers to exploit the...
Mandriva Linux Security Advisory : setup (MDVSA-2015:208)
Updated setup package fixes security vulnerability : An issue has been identified in Mandriva Business Server 2's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes...
UBUNTU-CVE-2015-3294
The tcprequest function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setupreply function, which allows remote attackers to read process memory and cause a denial of service out-of-bounds read and crash via a malformed DNS request...
Updated setup packages fix security vulnerabilities
Updated setup package fixes security issue An issue has been identified in Mageia 4's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes this issue by enforcing that...
MGASA-2015-0162 Updated setup packages fix security vulnerabilities
Updated setup package fixes security issue An issue has been identified in Mageia 4's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes this issue by enforcing that...
Same as TD-9436T camera RTSP protocol buffer overflow vulnerability
Tongwei TD-9436T camera is a product of Shenzhen Tongwei Digital Technology Co. In normal user's mode, if an RTSP packet is sent with a method of setup and the string between two consecutive semicolons in the Transport field is longer than 135, the machine will crash with a buffer overflow. An...
[ MDVSA-2015:184 ] setup
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:184 http://www.mandriva.com/en/support/security/ Package : setup Date : March 30, 2015 Affected: Business Server 2.0 Problem Description: Updated setup package fixes security vulnerability: An issue has been...
Faceless: Bypass Setup by External Activity Invoke
Tool Used: Drozer Operating System: Android Kitkat 4.4.2 Note: Make sure the application is running on the device connected to the system. 1. With the help of Drozer tool, list down the activities exported by the application using the following command: run app.activity.info -a im.delight.faceles...
Mandriva Linux Security Advisory : setup (MDVSA-2015:184)
Updated setup package fixes security vulnerability : An issue has been identified in Mandriva Business Server 2's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes...
Updated setup package fixes security vulnerability
An issue has been identified in Mageia 4's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes this issue by enforcing that those files are owned by the root user and...
MGASA-2015-0116 Updated setup package fixes security vulnerability
An issue has been identified in Mageia 4's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes this issue by enforcing that those files are owned by the root user and...