Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.33 views

Oracle Solaris Third-Party Patch Update : tcsd (cve_2012_0698_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service daemon crash via a crafted typeoffset value in a TCP packet to port 30003. CVE-2012-0698 %NASLMINLEVEL 70300 C Tenable Network...

5CVSS5.4AI score0.10509EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.28 views

Oracle Solaris Third-Party Patch Update : quagga (cve_2013_2236_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in the newmsglsachangenotify function in the OSPFD API ospfapi.c in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers...

2.6CVSS7.8AI score0.0208EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.31 views

Oracle Solaris Third-Party Patch Update : cvs (cve_2012_0804_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in the proxyconnect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service crash and possibly execute arbitrary code via a crafted...

10CVSS6.3AI score0.08396EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.23 views

Oracle Solaris Third-Party Patch Update : keystone (cve_2014_2828_authentication_issues)

The remote Solaris system is missing necessary patches to address security updates : - The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authenticati...

7.8CVSS5.5AI score0.03129EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.55 views

Oracle Solaris Third-Party Patch Update : thunderbird (multiple_vulnerabilities_in_thunderbird4)

The remote Solaris system is missing necessary patches to address security updates : - CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote web...

9.3CVSS8.4AI score0.0663EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.27 views

Oracle Solaris Third-Party Patch Update : slocate (cve_2007_0227_information_disclosure)

The remote Solaris system is missing necessary patches to address security updates : - slocate 3.1 does not properly manage database entries that specify names of files in protected directories, which allows local users to obtain the names of private files. NOTE: another researcher reports that t...

5CVSS5.4AI score0.01673EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.25 views

Oracle Solaris Third-Party Patch Update : ibutils (cve_2013_2561_link_following)

The remote Solaris system is missing necessary patches to address security updates : - OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on 1 ibdiagnet.db, 2 ibdiagnet.fdbs, 3 ibdiagnetibis.log, 4 ibdiagnet.log, 5 ibdiagnet.lst, 6 ibdiagnet.mcfdbs, 7...

6.3CVSS5.5AI score0.00475EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.31 views

Oracle Solaris Third-Party Patch Update : memcached (cve_2013_0179_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - The processbindelete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service segmentation fault via a...

1.8CVSS8.2AI score0.01498EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.20 views

Oracle Solaris Third-Party Patch Update : gtk (cve_2012_2370_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in the readbitmapfiledata function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service application crash via a negative 1 height or 2 width in ...

5CVSS6.5AI score0.04096EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.27 views

Oracle Solaris Third-Party Patch Update : nova (cve_2014_3517_information_disclosure)

The remote Solaris system is missing necessary patches to address security updates : - api/metadata/handler.py in OpenStack Compute Nova before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess...

4.3CVSS5.4AI score0.01938EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.64 views

Oracle Solaris Third-Party Patch Update : nss (cve_2013_1620_lucky_thirteen)

The remote Solaris system is missing necessary patches to address security updates : - The TLS implementation in Mozilla Network Security Services NSS does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which...

4.3CVSS7AI score0.35584EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.33 views

Oracle Solaris Third-Party Patch Update : kerberos (cve_2014_4345_numeric_errors)

The remote Solaris system is missing necessary patches to address security updates : - Off-by-one error in the krb5encodekrbsecretkey function in plugins/kdb/ldap/ libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 1.6.x through 1.11.x before 1.11.6 and 1.12....

8.5CVSS7.1AI score0.08085EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.35 views

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark8)

The remote Solaris system is missing necessary patches to address security updates : - The ieee802154maprec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote...

4.3CVSS6.2AI score0.01987EPSS
Exploits2References7
Rows per page
Query Builder