Ubuntu Update for linux-ti-omap4 USN-1645-1

Ubuntu Update for Linux kernel vulnerabilities USN-1645-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16451.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux-ti-omap4 USN-1645-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.n...

Ubuntu 12.10 : linux vulnerabilities (USN-1646-1)

Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. CVE-2012-0957 Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cau...

PT-2012-5462 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.7.2 Description: The issue concerns the load script function in fs/binfmt script.c, which does not properly handle recursion. This allows local users to obtain sensitive information from kernel stack memory vi...

CVE-2012-4530

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

Ubuntu: Security Advisory (USN-1599-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-3430

CVE-2012-3430 : In the Linux kernel before 3.0.44, the function rds_recvmsg in net/rds/recv.c fails to initialize a structure member, allowing a local attacker to read potentially sensitive kernel stack memory via recvfrom or recvmsg on an RDS socket. Impact: information disclosure. Affected: Lin...

Memory corruption

The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows...

CVE-2012-3967

The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows...

Scientific Linux Security Update : php53 on SL5.x i386/x86_64

A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only...

Scientific Linux Security Update : apr on SL4.x, SL5.x, SL6.x i386/x86_64

It was discovered that the aprfnmatch function used an unconstrained recursion when processing patterns with the '' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching such as an httpd server using th...

CentOS Update for php53 CESA-2011:0196 centos5 x86_64

Check for the Version of php53 OpenVAS Vulnerability Test CentOS Update for php53 CESA-2011:0196 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

UBUNTU-CVE-2012-3430

The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...

CVE-2012-3368

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...

Integer overflow

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...

CVE-2012-3368

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...

CVE-2012-3368

CVE-2012-3368 affects dtach 0.8 due to an integer signedness error in attach.c that can allow remote disclosure of daemon stack memory after an improper connection-close, demonstrated by using an IRC client in dtach. Exploitation context is opportunistic and requires a specific sequence; no in‑do...

CVE-2012-3368

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...

CVE-2012-3368

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...

ZDI-12-094 : RealNetworks Helix Server rn5auth Credential Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-094 : RealNetworks Helix Server rn5auth Credential Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-094 June 21, 2012 - -- CVE ID: CVE-2012-0942 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

CVE-2011-1080

The doreplace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability ...