Most of the links lead to the corresponding files at CERT or
other organisations. So changes take place immediately,
especially which patches should be installed or which changes
in the configuration should be made to avoid this vulnerability.
Some of the files are transferred by FTP.
By the way: If we're not publishing well-known risks
inheritant in any widely used platform or program that
doesn't mean this particular platform or program is safe
to use!
Here you find our network security search engine!
|
This is some information you send: |
|
|
Your Browser |
CCBot/2.0 |
|
Your IP address |
ec2-72-44-48-122.compute-1.amazonaws.com [72.44.48.122] |
|
Your referer |
(filtered or not existing) |
Last change 3 hours ago | ||||||||
Current month, Last month, Last 10 messages, Last 20 messages (index only) | ||||||||
Chosen the last 10 messages | ||||||||
|
|
||||||||
The kernel packages contain the Linux kernel, the core of any Linux operating system.
A flaw was found in the way the Xen hypervisor AMD IOMMU driver handles interrupt remapping entries.
Due to this, a local user can conduct a Denial-of-Service (DoS) under certain conditions.
|
||||||||
|
|
||||||||
The kpasswd service provided by kadmind is vulnerable to a UDP ping-pong attack. Updated packages are available now. |
||||||||
|
|
||||||||
JBoss Enterprise Application Platform 6.1.0 fixes multiple (also serious) security issues, various bugs, and adds enhancements. It's now available from the Red Hat Customer Portal. |
||||||||
|
|
||||||||
Updated kernel-rt packages that fix several security issues and multiple bugs are now available for Red Hat Enterprise MRG 2.3. Exploiting them by local users, some attack vectors like Denial-of-Service (DoS) or Root Compromise are possible. |
||||||||
|
|
||||||||
Wireshark is a popular network protocol analyzer. When analysing data, the RELOAD dissector could go into an infinite loop, meaning a Denial-of-Service (DoS). Wireshark 1.6.15 adresses these issues and delivers further bug fixes. |
||||||||
|
|
||||||||
IBM Security Virtual Server Protection for VMware System can be affected by several vulnerabilities in OpenSSL. These vulnerabilities include obtaining sensitive information and denial of service vulnerabilities that could be exploited remotely by an attacker. Fixes are available now. |
||||||||
|
|
||||||||
A user who has been successfully authenticated by Connect:Direct for UNIX executes Connect:Directls file copying functionality with elevated file system privileges. So file system permissions can be bypassed. A fix addresses this issue. |
||||||||
|
|
||||||||
A vulnerability exists in EMC VNX and EMC Celerra Control Station that could result in elevation of privileges by a lower level administrator with access to the system. Updates are available now. |
||||||||
|
|
||||||||
The node secret is a symmetric encryption key that RSA Authentication Manager and RSA Authentication Agents use to protect network communications. In affected products, the node secret is encrypted and stored on the agent host using a dated encryption algorithm and weak key. All agent software which leverages the RSA SecurID Authentication API should be updated to use stronger encryption and stronger keys. |
||||||||
|
|
||||||||
A vulnerability in device authentication of Cisco Unified Communications Manager (CUCM) could allow an unauthenticated, remote attacker to impact application response. The vulnerability is due to incomplete throttling of authentication requests. An attacker could exploit this vulnerability by sending multiple authentication requests in a short period of time. An update is available via the common support channels. |