3335 matches found

Tenable Nessus
added 2016/05/09 12:0 a.m. | 58 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3554)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3554 advisory. kernel-uek 4.1.12-37.2.2 - sctp: Prevent soft lockup when sctp_accept is called during a timeout event Karl Heiss Orabug: 23222731 CVE-2015-8767 Tenable has...

CVSS 6.2 | AI score 7.1 | EPSS 0.00121
Exploits 0 | References 2
OSV
added 2016/05/06 5:59 p.m. | 2 views

CVE-2016-2094

The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability...

CVSS 7.5 | AI score 5.8 | EPSS 0.01813
Exploits 0 | References 6
NVD
added 2016/05/06 5:59 p.m. | 24 views

CVE-2016-2094

The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability...

CVSS 7.5 | AI score 7.3 | EPSS 0.01813
Exploits 0 | References 6
Prion
added 2016/05/06 5:59 p.m. | 20 views

Design/Logic Flaw

The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability...

CVSS 5 | AI score 7 | EPSS 0.01813
Exploits 0 | References 6 | Affected Software 1
Cvelist
added 2016/05/06 5:0 p.m. | 25 views

CVE-2016-2094

The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability...

AI score 7.3 | EPSS 0.01813
Exploits 0 | References 6
CVE
added 2016/05/06 5:0 p.m. | 71 views

CVE-2016-2094

The vulnerability CVE-2016-2094 affects Tomcat’s HTTPS NIO Connector, where a remote attacker can cause a denial of service by opening a socket and not sending an SSL handshake, triggering a read-timeout and thread consumption. The provided documents describe the vulnerability and impact but do n...

CVSS 7.5 | AI score 7.2 | EPSS 0.01813
Exploits 0 | References 6 | Affected Software 1
Oracle Linux
added 2016/05/05 12:0 a.m. | 51 views

Unbreakable Enterprise kernel security update

2.6.39-400.278.2 - sctp: Prevent soft lockup when sctp_accept is called during a timeout event Karl Heiss Orabug: 23222773 CVE-2015-8767...

CVSS 4.9 | AI score 0.5 | EPSS 0.00121
Exploits 0
RedHat Linux
added 2016/05/04 12:29 a.m. | 0 views

kernel: SCTP denial of service during timeout

A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a deni...

CVSS 6.2 | AI score 6.7 | EPSS 0.00121
Exploits 0 | References 4
Tenable Nessus
added 2016/04/22 12:0 a.m. | 79 views

OpenSSH < 6.9 Multiple Vulnerabilities

Binary data 9308.prm...

CVSS 4.3 | AI score 4.9 | EPSS 0.0539
Exploits 0 | References 2
0day.today
added 2016/04/21 12:0 a.m. | 90 views

Symantec Brightmail 10.6.0-7 - LDAP Credentials Disclosure (Metasploit)

Exploit for java platform in category web applications Exploit Title: Symantec Brightmail ldap credential Grabber Date: 18/04/2016 Exploit Author: Fakhir Karim Reda Vendor Homepage:...

CVSS 2.1 | AI score 7.9 | EPSS 0.29571
Exploits 6
Kitploit
added 2016/04/20 10:24 p.m. | 32 views

Changeme - A Default Credential Scanner

Changeme is designed to be simple to add new credentials without having to write any code or modules. changeme keeps credential data separate from code. All credentials are stored in yaml files so they can be both easily read by humans and processed by changeme. Credential files can be created by...

AI score 7.1
Exploits 0 | References 1
Tenable Nessus
added 2016/04/18 12:0 a.m. | 40 views

Foxit Reader < 7.3.4 Multiple Vulnerabilities

The version of Foxit Reader installed on the remote Windows host is prior to 7.3.4. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists that is triggered when handling FlateDecode streams. An unauthenticated, remote attacker can exploit this, via a crafted PDF...

CVSS 7.8 | AI score 6.9 | EPSS 0.01544
Exploits 0 | References 20
RedHat Linux
added 2016/04/05 10:20 p.m. | 5 views

EAP: HTTPS NIO connector uses no timeout when reading SSL handshake from client

A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open (denial of service)...

CVSS 7.5 | AI score 7.1 | EPSS 0.01813
Exploits 0 | References 4
RedHat Linux
added 2016/04/05 8:39 p.m. | 7 views

EAP: HTTPS NIO connector uses no timeout when reading SSL handshake from client

A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open (denial of service)...

CVSS 7.5 | AI score 7.1 | EPSS 0.01813
Exploits 0 | References 4
RedHat Linux
added 2016/04/05 8:39 p.m. | 5 views

EAP: HTTPS NIO connector uses no timeout when reading SSL handshake from client

A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open (denial of service)...

CVSS 7.5 | AI score 7.1 | EPSS 0.01813
Exploits 0 | References 4
RedHat Linux
added 2016/04/05 8:38 p.m. | 3 views

EAP: HTTPS NIO connector uses no timeout when reading SSL handshake from client

A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open (denial of service)...

CVSS 7.5 | AI score 7.1 | EPSS 0.01813
Exploits 0 | References 4
RedHat Linux
added 2016/04/05 8:37 p.m. | 6 views

EAP: HTTPS NIO connector uses no timeout when reading SSL handshake from client

A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open (denial of service)...

CVSS 7.5 | AI score 7.1 | EPSS 0.01813
Exploits 0 | References 4
Tenable Nessus
added 2016/03/25 12:0 a.m. | 46 views

openSUSE Security Update : dropbear (openSUSE-2016-387)

dropbear was updated to 2016.72 to fix the following issues : Changes in dropbear : - updated to upstream version 2016.72 - Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions, found by github.com/tintinweb. Thanks for Damien Miller for a patch. - used as bug...

CVSS 6.4 | AI score 6.4 | EPSS 0.25577
Exploits 12 | References 3
Tenable Nessus
added 2016/03/25 12:0 a.m. | 46 views

openSUSE Security Update : dropbear (openSUSE-2016-393)

This update for dropbear fixes the following issues : - dropbear was updated to upstream version 2016.72 - Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions, found by github.com/tintinweb. Thanks for Damien Miller for a patch. - used as bug fix release for...

CVSS 6.4 | AI score 6.4 | EPSS 0.25577
Exploits 12 | References 3
Exploit DB
added 2016/03/23 12:0 a.m. | 98 views

Multiple CCTV-DVR Vendors - Remote Code Execution

#!/usr/bin/python Blog post: http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html ''' Vendors List Ademco ATS Alarmes technolgy and ststems Area1Protection Avio Black Hawk Security Capture China security systems Cocktail Service Cpsecured CP PLUS Digital Eye'z no website...

AI score 7.4
Exploits 0