4504 matches found
Tmp files readable by other users
Overview Affected versions of sync-exec use files located in /tmp/ to buffer command results before returning values. As /tmp/ is almost always set with world readable permissions, this may allow low privilege users on the system to read the results of commands run via sync-exec under a higher...
Update Rollup 11 for System Center 2012 R2 Data Protection Manager
Update Rollup 11 for System Center 2012 R2 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 11 for Microsoft System Center 2012 R2 Data Protection Manager. It also contains the installation instructions for this update. Note We recommend that...
DEBIAN-CVE-2016-7433
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...
CVE-2016-7433
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...
Design/Logic Flaw
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...
CVE-2016-7433
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...
CVE-2016-7433
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...
CVE-2016-7433
CVE-2016-7433 affects ntpd (ntp) prior to 4.2.8p9. Root cause: initial sync calculations regression where the root distance did not include peer dispersion. This can cause incorrect timing calculations, with documented potential for denial of service or disruption. Remediation: upgrade ntp to 4.2...
UBUNTU-CVE-2016-7433
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...
CVE-2016-7433
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...
MS17-002: Description of the security update for SharePoint Server 2016: January 10, 2017
MS17-002: Description of the security update for SharePoint Server 2016: January 10, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, se...
High network usage after you implement file screening on a Windows Server 2012 R2-based Work Folders sync server
High network usage after you implement file screening on a Windows Server 2012 R2-based Work Folders sync server This article describes an issue that occurs on a Windows Server 2012 R2-based Work Folders sync server. You can fix this issue by using the update in this article. Before you install...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:3195-1)
This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...
CVE-2016-7944
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INTMAX, which triggers the client to stop reading data and get out of sync...
Sync Breeze Enterprise Buffer Overflow Vulnerability
Sync Breeze Enterprise is a file synchronization utility that allows you to synchronize and manage the disk files of your networked computers, mainly used to categorize, save and manage files. A buffer overflow vulnerability exists in Sync Breeze Enterprise version 9.1.16, which can be exploited ...
Downloads Resources over HTTP
Overview Affected versions of bionode-sra insecurely downloads resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. While the exact severity of impact for a vulnerability like this is highly variable and depends on...
Provisioning Services and Daylight Saving Time
During a Target Device TD boot or reboot, after Daylight Saving Time DST but prior to any vDisk maintenance, you might notice that the TD system time is not consistent with the system time of the PVS Server. A user has reported the inability to log on to the domain. Log on with a local user accou...
Sync Breeze Enterprise Server Buffer Overflow Vulnerability (Nov 2016)
Sync Breeze Enterprise Server is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Sync Breeze Enterprise 9.1.16 Buffer Overflow
!/usr/bin/python print "Sync Breeze Enterprise 9.1.16 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...
Sync Breeze Enterprise 9.1.16 - Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/python print "Sync Breeze Enterprise 9.1.16 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM...