3205 matches found

Tenable Nessus
added 2012/11/19 12:0 a.m. | 35 views

SuSE 10 Security Update : Xen (ZYPP Patch Number 8359)

XEN received various security and bugfixes : - xen: Timer overflow DoS vulnerability XSA-20. CVE-2012-4535 - xen: Memory mapping failure DoS vulnerability XSA-22 The following additional bugs have been fixed:. CVE-2012-4537 - L3: Xen BUG at ioapic.c:129 26102-x86-IOAPIC-legacy-not-first.patch...

CVSS 6.9 | AI score 7.8 | EPSS 0.00443
Exploits: 0 | References: 16
Xen Project
added 2012/11/13 11:56 a.m. | 7 views

Timer overflow DoS vulnerability

ISSUE DESCRIPTION A guest which sets a VCPU with an inappropriate deadline can cause an infinite loop in Xen, blocking the affected physical CPU indefinitely. IMPACT A malicious guest administrator can trigger the bug. If the Xen watchdog is enabled, the whole system will crash. Otherwise the gue...

CVSS 1.9 | AI score 7.2 | EPSS 0.00385
Exploits: 0 | Affected Software: 1
Kitploit
added 2012/11/07 10:4 p.m. | 23 views

[Network Database Scanner v1.0] Software to remotely detect the type of Database services running on the network system

Network Database Scanner is the free software to remotely detect the type of Database services running on the network system. It can help you to scan single or multiple systems on your internal network or on the Internet. It uses smart timer based Connect method which makes the scanning faster th...

AI score 7.1
Exploits: 0
RedHat Linux
added 2012/11/06 5:57 p.m. | 55 views

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6.1 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which...

CVSS 7.8 | AI score 6.6 | EPSS 0.06158
Exploits: 1 | References: 2
NVD
added 2012/09/20 10:55 a.m. | 15 views

CVE-2011-5188

Cross-site scripting XSS vulnerability in the Support Timer module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "track time spent" permission to inject arbitrary web script or HTML via unspecified vectors...

CVSS 2.1 | AI score 5.3 | EPSS 0.00941
Exploits: 0 | References: 5
CVE
added 2012/09/20 10:0 a.m. | 74 views

CVE-2011-5188

Drupal: The Support Timer module (6.x-1.x) is vulnerable to Cross-Site Scripting (XSS) when used or configured with version prior to 6.x-1.4. The issue can be exploited by remote authenticated users who have the track time spent permission, through unsanitized user-supplied content. A fix is avai...

CVSS 2.1 | AI score 5.4 | EPSS 0.00941
Exploits: 0 | References: 5 | Affected Software: 1
Cvelist
added 2012/09/20 10:0 a.m. | 15 views

CVE-2011-5188

Cross-site scripting XSS vulnerability in the Support Timer module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "track time spent" permission to inject arbitrary web script or HTML via unspecified vectors...

AI score 5.3 | EPSS 0.00941
Exploits: 0 | References: 5
Tenable Nessus
added 2012/08/01 12:0 a.m. | 278 views

Scientific Linux Security Update : kernel on SL6.x i386/x86_64

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fix : - Using the SG_IO IOCTL to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single...

CVSS 4.6 | AI score 5.8 | EPSS 0.00566
Exploits: 2 | References: 2
Tenable Nessus
added 2012/08/01 12:0 a.m. | 71 views

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

Security fixes : - a NULL pointer dereference flaw was found in the Linux kernel NFSv4 implementation. Several of the NFSv4 file locking functions failed to check whether a file had been opened on the server before performing locking operations on it. A local, unprivileged user on a system with a...

CVSS 7.8 | AI score 6.9 | EPSS 0.21312
Exploits: 10 | References: 11
Tenable Nessus
added 2012/08/01 12:0 a.m. | 48 views

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

CVE-2009-1439 kernel: cifs: memory overwrite when saving nativeFileSystem field during mount CVE-2009-1633 kernel: cifs: fix potential buffer overruns when converting unicode strings sent by server CVE-2009-1389 kernel: r8169: fix crash when large packets are received These updated packages fix t...

CVSS 7.8 | AI score 6.1 | EPSS 0.05471
Exploits: 3 | References: 10
OpenVAS
added 2012/07/30 12:0 a.m. | 38 views

CentOS Update for kernel CESA-2010:0936 centos4 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 7.8 | AI score 5.5 | EPSS 0.05542
Exploits: 0 | References: 2
Tenable Nessus
added 2012/05/17 12:0 a.m. | 49 views

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 4472)

This kernel update fixes the following security problems : - It was possible for local user to become root by exploiting a bug in the IA32 system call emulation. This affects x86_64 platforms with kernel 2.4.x and 2.6.x before 2.6.22.7 only. CVE-2007-4573 - An information disclosure vulnerability ...

CVSS 7.2 | AI score 5.6 | EPSS 0.0082
Exploits: 4 | References: 4
OpenVAS
added 2012/03/07 12:0 a.m. | 36 views

Ubuntu Update for linux-ec2 USN-1388-1

Ubuntu Update for Linux kernel vulnerabilities USN-1388-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13881.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux-ec2 USN-1388-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...

CVSS 4.9 | AI score 0.2 | EPSS 0.00566
Exploits: 5 | References: 2
Tenable Nessus
added 2012/03/07 12:0 a.m. | 47 views

Ubuntu 10.04 LTS : linux vulnerabilities (USN-1389-1)

Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. CVE-2011-4127 A flaw was found in KVM's Programmable Interval Timer PIT...

CVSS 7.1 | AI score 6.6 | EPSS 0.02678
Exploits: 6 | References: 7
OpenVAS
added 2012/03/07 12:0 a.m. | 32 views

Ubuntu: Security Advisory (USN-1389-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.1 | AI score 7.5 | EPSS 0.02678
Exploits: 5 | References: 2
Ubuntu
added 2012/03/06 7:2 p.m. | 76 views

USN-1389-1: Linux kernel vulnerabilities

Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. CVE-2011-4127 A flaw was found in KVM's Programmable Interval Timer PIT...

CVSS 7.1 | AI score 6.8 | EPSS 0.02678
Exploits: 5
RedHat Linux
added 2012/03/06 6:34 p.m. | 5 views

kernel: kvm: pit timer with no irqchip crashes the system

The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer PIT interrupt requests IRQs when a virtual interrupt controller irqchip is not available, which allows local users to cause a denial of service NUL...

CVSS 4.9 | AI score 6.7 | EPSS 0.00363
Exploits: 2 | References: 4
Ubuntu
added 2012/03/06 3:50 p.m. | 95 views

USN-1384-1: Linux kernel (Oneiric backport) vulnerabilities

A bug was discovered in the Linux kernel's calculation of OOM Out of memory scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. CVE-2011-4097 Paolo Bonzini...

CVSS 7.8 | AI score 6.8 | EPSS 0.20492
Exploits: 13
Prion
added 2012/01/27 3:55 p.m. | 18 views

Null pointer dereference

The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer PIT interrupt requests IRQs when a virtual interrupt controller irqchip is not available, which allows local users to cause a denial of service NUL...

CVSS 4.9 | AI score 6.7 | EPSS 0.00363
Exploits: 2 | References: 8 | Affected Software: 1
OSV
added 2012/01/27 12:0 a.m. | 1 views

UBUNTU-CVE-2011-4622

The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer PIT interrupt requests IRQs when a virtual interrupt controller irqchip is not available, which allows local users to cause a denial of service NUL...

CVSS 4.9 | AI score 6.7 | EPSS 0.00363
Exploits: 2 | References: 11