Lucene search
K

248 matches found

Fedora
Fedora
added 2010/11/24 10:35 p.m.38 views

[SECURITY] Fedora 14 Update: udunits2-2.1.19-1.fc14

The Unidata units utility, udunits2, supports conversion of unit specificat ions between formatted and binary forms, arithmetic manipulation of unit specifications, and conversion of values between compatible scales of measurement. A unit is the amount by which a physical quantity is measured. Fo...

5CVSS2AI score0.27924EPSS
Exploits1
OpenVAS
OpenVAS
added 2010/09/10 12:0 a.m.19 views

RedHat Update for sudo RHSA-2010:0675-01

Check for the Version of sudo OpenVAS Vulnerability Test RedHat Update for sudo RHSA-2010:0675-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

6.2CVSS9.3AI score0.00362EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2010/09/07 12:49 p.m.42 views

Important: Red Hat Security Advisory: sudo security update

An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.2CVSS7.3AI score0.00362EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/02/10 12:0 a.m.30 views

RedHat Security Advisory RHSA-2009:0267

The remote host is missing updates announced in advisory RHSA-2009:0267. The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root with logging. A flaw was discovered in a way sudo handled group specifications in run as lists in the sudoe...

6.9CVSS0.7AI score0.00406EPSS
Exploits1References2
Gentoo Linux
Gentoo Linux
added 2009/02/06 12:0 a.m.34 views

sudo: Privilege escalation

Background sudo allows a system administrator to give users the ability to run commands as other users. Description Harald Koenig discovered that sudo incorrectly handles group specifications in RunasAlias and related entries when a group is specified in the list using %group syntax, to allow a...

7.8CVSS2.4AI score0.00406EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2009/02/06 12:0 a.m.36 views

RHEL 5 : sudo (RHSA-2009:0267)

The remote Redhat Enterprise Linux 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2009:0267 advisory. The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root with logging. A flaw was...

7.8CVSS7.4AI score0.00406EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2009/02/05 3:59 p.m.35 views

Moderate: Red Hat Security Advisory: sudo security update

An updated sudo package to fix a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The sudo superuser do utility allows system administrators to give certain users the ability to run...

7.8CVSS7AI score0.00406EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2007/07/30 9:17 p.m.23 views

CVE-2007-4097

Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote attackers to obtain sensitive information, contrary to specifications...

6.4CVSS6AI score0.02228EPSS
Exploits0References1
Prion
Prion
added 2007/07/30 9:17 p.m.21 views

Code injection

Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote attackers to obtain sensitive information, contrary to specifications...

6.4CVSS7AI score0.02228EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2007/07/30 9:0 p.m.23 views

CVE-2007-4097

Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote attackers to obtain sensitive information, contrary to specifications...

6.5AI score0.02228EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2007/07/30 9:0 p.m.25 views

CVE-2007-4097

Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote attackers to obtain sensitive information, contrary to specifications...

6.4CVSS4.8AI score0.02228EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.42 views

Ubuntu 4.10 : php4 vulnerability (USN-66-2)

Ubuntu Security Notice USN-66-1 described a circumvention of the 'openbasedir' restriction by using the cURL module. Adam Conrad discovered that the fix from USN-66-1 still allowed to bypass this restriction with certain variants of path specifications. In addition this update fixes the crash of...

5.6AI score
Exploits0
NVD
NVD
added 2005/12/28 1:3 a.m.20 views

CVE-2005-4533

Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatibility are enabled, allows local users to execute arbitrary applications via "getopt" style argument specifications, which are not filtered...

7.5CVSS7.1AI score0.01456EPSS
Exploits0References6
securityvulns
securityvulns
added 2005/07/23 12:0 a.m.38 views

[Full-disclosure] ICMP attacks against TCP: Conclusions

Folks, My posts to this list have tried to show how easy it is to perform ICMP attacks against TCP. The attacks are blind, so the attacker does not need to be a "man in the middle" to perform then. The typical number of packets required to perform any of these attacks is about 16000 in many cases...

6.8AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.20 views

CVE-2002-2112

RCA Digital Cable Modem DCM225 and DCM225E, and other modems that must conform to the Data-over-Cable Service Interface Specifications DOCSIS standard, uses the "public" community string for SNMP access, which allows remote attackers to read or write MIB information...

5CVSS6.7AI score0.01388EPSS
Exploits0References4
CVE
CVE
added 2002/07/04 4:0 a.m.41 views

CVE-2002-0637

InterScan VirusWall 3.52 build 1462 is affected by CVE-2002-0637. The vulnerability arises from email headers that violate RFC syntax via space gap patterns (examples include Content-Type :", Content-Transfer-Encoding :, missing space before a boundary, and boundary= ), which an attacker can expl...

7.5CVSS7.1AI score0.05746EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2001/12/30 5:0 a.m.19 views

CVE-2001-1210

Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications DOCSIS standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings...

6.4CVSS6.5AI score0.02331EPSS
Exploits0References4
exploitpack
exploitpack
added 2000/05/16 12:0 a.m.31 views

Stake AntiSniff 1.0.1Researchers 1.0 - DNS Overflow (2)

Stake AntiSniff 1.0.1Researchers 1.0 - DNS Overflow 2 // source: https://www.securityfocus.com/bid/1207/info Certain versions of @Stake Inc.'s Antisniffer software contain a remotely exploitable buffer overflow. AntiSniff is a program that was released by L0pht Heavy Industries in July of 1999. I...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2000/05/16 12:0 a.m.40 views

Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (2)

// source: https://www.securityfocus.com/bid/1207/info Certain versions of @Stake Inc.'s Antisniffer software contain a remotely exploitable buffer overflow. AntiSniff is a program that was released by L0pht Heavy Industries in July of 1999. It attempts, through a number of tests, to determine if...

7.4AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.10 views

Office 2013 1058

Office 2013 1058...

0.9AI score
Exploits0
Rows per page
Query Builder