Lucene search
+L

7197 matches found

RedHat Linux
RedHat Linux
added 2009/12/23 2:5 p.m.68 views

Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update

An updated rhev-hypervisor package that fixes security issues and several bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The rhev-hypervisor package provides a Red Hat Enterprise Virtualization RHEV Hypervisor ISO disk...

7.8CVSS6.9AI score0.27924EPSS
Exploits23References4
Tenable Nessus
Tenable Nessus
added 2009/12/23 12:0 a.m.63 views

SuSE 10 Security Update : the Linux Kernel (i386) (ZYPP Patch Number 6726)

This update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel. The following security issues were fixed: CVE-2009-3939: A sysctl variable of the megaraidsas driver was worldwriteable, allowing local users to cause a denial of service or potential code...

7.8CVSS7.1AI score0.12461EPSS
Exploits12References24
ThreatPost
ThreatPost
added 2009/12/21 6:4 p.m.9 views

Attackers Buying Own Data Centers for Botnets, Spam

The malware writers and criminals who run botnets for years have been using shared hosting platforms and so-called bulletproof hosting providers as bases of operations for their online crimes. But, as law enforcement agencies and security experts have moved to take these providers offline, the...

7AI score
Exploits0References3
OSV
OSV
added 2009/12/19 12:0 a.m.11 views

DSA-1960-1 acpid - weak file permissions

Bulletin has no description...

6.9CVSS6.1AI score0.00318EPSS
Exploits0
Packet Storm
Packet Storm
added 2009/12/18 12:0 a.m.23 views

TFTP Server Buffer Overflow

!/usr/bin/env python This vuln is already owned by Muts , but i want to add the second methode Note: we don't have more space for shellcode or Skape egghunter 23 bytes only after SEH option I used the jumpback because is the best and easiest way for exploiting a SEH overwrite option Reference:...

0.6AI score
Exploits0
OpenVAS
OpenVAS
added 2009/12/15 12:0 a.m.45 views

NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability

NTP.org SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.100399";...

6.4CVSS7.2AI score0.32288EPSS
Exploits3References3
RedHat Linux
RedHat Linux
added 2009/12/11 1:42 p.m.5 views

Untrusted applet causes DoS by filling up disk space

Sun Java Runtime Environment JRE 1.5.06 and earlier, JDK 1.5.06 and earlier, and SDK 1.5.06 and earlier allows remote attackers to cause a denial of service disk consumption by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory...

6.4CVSS6AI score0.12692EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2009/12/11 12:0 a.m.31 views

Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 8.1 / 9.0 / 9.1 / current : ntp (SSA:2009-343-01)

New ntp packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue. If a spoofed mode 7 packet is sent to a vulnerable NTP daemon it may cause CPU and/or disk space exhaustion, resulting in a denial of service...

6.4CVSS7.4AI score0.32288EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.23 views

Fedora Core 12 FEDORA-2009-12395 (php-pear-Mail)

The remote host is missing an update to php-pear-Mail announced via advisory FEDORA-2009-12395. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright ...

7.5CVSS9.4AI score0.02402EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.24 views

Fedora Core 11 FEDORA-2009-11740 (wget)

The remote host is missing an update to wget announced via advisory FEDORA-2009-11740. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

6.8CVSS5.9AI score0.03517EPSS
Exploits1References2
Cent OS
Cent OS
added 2009/12/08 10:18 p.m.75 views

ntp security update

CentOS Errata and Security Advisory CESA-2009:1651 An updated ntp package that fixes two security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Network Time Protocol NTP is used to...

6.8CVSS7.2AI score0.32288EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2009/11/30 12:0 a.m.46 views

SuSE9 Security Update : IBM Java2 and SDK (YOU Patch Number 12531)

IBM Java 1.4.2 was updated to Service Refresh 13 Fixpack 2 At least following security issues are fixed by this update : - A vulnerability in the Java Runtime Environment JRE with storing temporary font files might allow an untrusted applet or application to consume a disproportionate amount of...

5CVSS5.5AI score0.03584EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/11/30 12:0 a.m.38 views

SuSE 11 Security Update : IBM Java 1.4.2 (SAT Patch Number 1525)

IBM Java 1.4.2 was updated to Service Refresh 13 Fixpack 2 At least following security issues are fixed by this update: CVE-2009-1100: A vulnerability in the Java Runtime Environment JRE with storing temporary font files might allow an untrusted applet or application to consume a disproportionate...

5CVSS5.5AI score0.03584EPSS
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2009/11/15 12:0 a.m.24 views

CVS Max-dotdot Protocol Command Integer Overflow (CVE-2004-0417)

Concurrent Versions System CVS is an open-source network-transparent version control system. CVS itself does not listen for, or accept network connections. To implement remote repository access, it can be installed as an inetd service, or invoked with the rsh/ssh command. Data between the server...

5CVSS7.5AI score0.03069EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2009/11/10 12:0 a.m.17 views

Microsoft Active Directory LSASS Recursive Stack Overflow (MS09-066; CVE-2009-1928)

Active Directory provides central authentication and authorization services for Windows-based systems. Active Directory Application Mode ADAM is a Lightweight Directory Access Protocol LDAP directory service that runs as a user service. A denial of service vulnerability has been discovered in...

7.8CVSS6.3AI score0.3002EPSS
Exploits1
ThreatPost
ThreatPost
added 2009/11/06 5:3 p.m.16 views

Where Are We A Year After McColo Shutdown?

In the year since the shutdown of notorious Web hosting firm McColo, spammers are growing strong. Part of this is the result of improvements by botnet operators. Like anyone who is successful what they do, the people controlling the most powerful botnets in cyber-space learn from their mistakes...

2.2AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2009/11/03 6:21 p.m.6 views

kernel: personality: fix PER_CLEAR_ON_SETID

The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PERCLEARONSETID setting that does not clear the ADDRCOMPATLAYOUT and MMAPPAGEZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to 1 conduct NULL...

7.2CVSS6.1AI score0.00439EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2009/10/28 12:0 a.m.23 views

Novell NetWare LSASS CIFS.NLM Driver Stack Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Novell NetWare...

0.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/10/28 12:0 a.m.51 views

Mandriva Linux Security Advisory : kernel (MDVSA-2009:289)

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PERCLEARONSETID setting that does not clear the ADDRCOMPATLAYOUT and MMAPPAGEZERO flags when executing a setuid or setgid program, which makes it easi...

7.2CVSS6.7AI score0.01243EPSS
Exploits6References10
Ubuntu
Ubuntu
added 2009/10/22 12:48 a.m.113 views

USN-852-1: Linux kernel vulnerabilities

Solar Designer discovered that the z90crypt driver did not correctly check capabilities. A local attacker could exploit this to shut down the device, leading to a denial of service. Only affected Ubuntu 6.06. CVE-2009-1883 Michael Buesch discovered that the SGI GRU driver did not correctly check...

7.8CVSS6.6AI score0.08156EPSS
Exploits45
Rows per page
Query Builder