search for: denial

Displaying 20 results from an estimated 795 matches for "denial".

2006 Oct 10
3
iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability
Bill Moran wrote: > This report seems pretty vague. I'm unsure as to whether the alleged > "bug" gives the user any more permissions than he'd already have? Anyone > know any details? This is a local denial of service bug, which was fixed 6 weeks ago in HEAD and RELENG_6. There is no opportunity for either remote denial of service or any privilege escalation. > VI. VENDOR RESPONSE > > "The policy of the FreeBSD Security Team is that local denial of service > bugs not be treated as...
2019 Oct 01
1
Re: [NBDKIT SECURITY] Denial of Service / Amplification Attack in nbdkit
On 9/20/19 8:58 AM, Eric Blake wrote: > On 9/12/19 12:41 PM, Richard W.M. Jones wrote: >> We have discovered a potential Denial of Service / Amplification Attack >> in nbdkit. > > Unfortunately, our fix for this issue cause another potential Denial of > Service attack: > >> >> Lifecycle >> --------- >> >> Reported: 2019-09-11 Fixed: 2019-09-11 Published: 2019-09-12 >>...
2019 Jan 18
1
SElinux AVC signull
...ntOS 7.6 system, I get the following: #============= httpd_t ============== #!!!! This avc is allowed in the current policy allow httpd_t httpd_sys_script_t:process signull; Noting that on my 7.6 system with selinux enforcing with selinux policy packages at version 3.13.1-229, it notes that your denial would not happen. If you don't have it installed policycoreutils-python provides the audit2allow and audit2why binaries which can help you generate a policy to avoid this denial if you want. Also, I often find that to truly diagnose the issue, I need to run the following: # semodule --disabl...
2008 Feb 06
2
What about FreeBSD? - KAME Project "ipcomp6_input()" Denial of Service
TITLE: KAME Project "ipcomp6_input()" Denial of Service CRITICAL: Moderately critical IMPACT: DoS WHERE: From remote DESCRIPTION: A vulnerability has been reported in the KAME Project, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "ipcomp6_in...
2011 Aug 15
3
Bug#637923: Tweak to ssh rules to ignore AllowGroups denial
Subject: logcheck-database: Tweak to ssh rules to ignore AllowGroups denial Package: logcheck-database Version: 1.3.13 Severity: minor *** Please type your report below this line *** Similar to how AllowUsers denials are ignored, also ignore AllowGroups: ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: User [-_.[:alnum:]]+ from [-_.[:alnum:]]+ not allowed...
2007 Nov 17
1
Bug#451626: CVE-2007-5907, CVE-2007-5906 possible denial of service vulnerability
Package: xen-3 Version: 3.1.0-1 Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-3. CVE-2007-5907[0]: | Xen 3.1.1 does not prevent modification of the CR4 TSC from | applications, which allows pv guests to cause a denial of service | (crash). CVE-2007-5906[1]: | Xen 3.1.1 allows virtual guest system users to cause a | denial of service (hypervisor crash) by using a debug | register (DR7) to set certain breakpoints. If you fix this vulnerability please also include the CVE id in your changelog entry. A patch fo...
2018 Oct 04
2
NetworkManager, multiple IPs, and selinux...
Hello, I was wondering if any one has seen issues with selinux name_bind denials that result from having IP:PORT bindings for services to specific IP addresses managed on an interface under NetworkManager's control? I do realize that people will probably say stop using NetworkManager, and I may, but the behavior is strange, and I'd like to have a better understanding...
2004 Aug 06
3
(Fwd) [SA11578] Icecast Basic Authorization Denial of Service
...m the core can tell about the background and possible fixes? Regards, Stefan ------- Forwarded message follows ------- Date sent: Wed, 12 May 2004 13:50:17 +0200 To: secunia_security_advisories@stefan-neufeind.de Subject: [SA11578] Icecast Basic Authorization Denial of Service Vulnerability From: Secunia Security Advisories <sec-adv@secunia.com> TITLE: Icecast Basic Authorization Denial of Service Vulnerability SECUNIA ADVISORY ID: SA11578 VERIFY ADVISORY: http://secunia.com/advisories/11578/ CRITICAL: Moderately critical IMPACT:...
1996 Nov 26
7
denial of service attack on login
Hi, I've been writing a login application to utilize the features of both PAM and libpwdb. Not surprisingly, this has meant looking at some old code.. The following denial of service attack seems to work quite nicely on my ancient Red Hat 3.0.3 system with the standard login application. Perhaps this is not a problem with 4.0? Does anyone know about other distributions? joe$ nvi /var/log/wtmp [ Now no-one else can log in ] This is a problem with advisory locking...
2000 Jul 06
0
[RHSA-2000:042-01] BitchX denial of service vulnerability
--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: BitchX denial of service vulnerability Advisory ID: RHSA-2000:042-01 Issue date: 2000-07-06 Updated on: 2000-07-06 Product: Red Hat Powertools Keywords: DoS Cross references: N/A --------------------------------------------------------------------- 1. Topic: A denial of...
2013 Mar 27
0
AST-2013-002: Denial of Service in HTTP server
Asterisk Project Security Advisory - AST-2013-002 Product Asterisk Summary Denial of Service in HTTP server Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Major Exploits...
2013 Mar 27
0
AST-2013-002: Denial of Service in HTTP server
Asterisk Project Security Advisory - AST-2013-002 Product Asterisk Summary Denial of Service in HTTP server Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Major Exploits...
2008 Jan 02
2
deliver triggering SELinux AVC denials
I setup postfix/dovecot on a new machine and now all works well with the small exception of dovecot triggering selinux avc denials on some temp... files here is a sample alert: Summary SELinux is preventing /usr/libexec/dovecot/deliver (dovecot_deliver_t) "link" to temp.localhost.678.40caaf5592891c46 (user_home_dir_t). Detailed Description SELinux denied access requested by /usr/libexec/dovecot/delive...
2019 Sep 12
2
[NBDKIT SECURITY] Denial of Service / Amplification Attack in nbdkit
We have discovered a potential Denial of Service / Amplification Attack in nbdkit. Lifecycle --------- Reported: 2019-09-11 Fixed: 2019-09-11 Published: 2019-09-12 There is no CVE number assigned for this issue yet, but the bug is being categorized and processed by Red Hat's security team which may result in a CVE being publis...
1996 Nov 29
1
Denial of service.
There are conflicting reports about whether or not Red Hat 4.0 is vulnerable to the login-lockout described earlier. I have the impression that if you install the updates it will have been fixed. Approval of messages about this subject is now restricted to "here is a patch", and a vendor's "We have made a patch available". Roger.
2014 Jun 12
0
AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions
Asterisk Project Security Advisory - AST-2014-008 Product Asterisk Summary Denial of Service in PJSIP Channel Driver Subscriptions Nature of Advisory Denial of Service Susceptibility Remote authenticated sessions Sever...
2014 Jun 12
0
AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions
Asterisk Project Security Advisory - AST-2014-008 Product Asterisk Summary Denial of Service in PJSIP Channel Driver Subscriptions Nature of Advisory Denial of Service Susceptibility Remote authenticated sessions Sever...
2006 Oct 28
0
Asteroid SIP Denial of Service Tool
Asteroid is a SIP denial of service attack tool which affected older versions of Asterisk the Open Source PBX and may affect other products running the SIP protocol. There are thousands of custom (mis)crafted SIP packets which were sent to older versions of Asterisk that caused errors stopping Asterisk. The packets wer...
2003 Nov 26
0
HEADS-UP: BIND denial-of-service vulnerability
Hello Everyone, ISC has released new versions of BIND 8 which address a remotely exploitable denial-of-service vulnerability that may allow an attacker to perform `negative cache poisoning'--- convincing a name server that certain RRs do not exist (even though they may). I do not know of any workaround at this time. I have committed fixes to the RELENG_5_1 and RELENG_4_9 security branches....
2010 Jan 05
1
QEMU/KVM: SELinux denial on /dev/zero when starting a VM
Hi, on an up to date CentOS 5.4 x86_64 (test machine), I systematically get the following SELinux denial when I start a QEMU/KVM virtual machine via virt-manager: SELinux is preventing qemu-kvm (qemu_t) "execute" to /dev/zero (zero_device_t). (full alert below) Running the command suggested by the alert (restorecon -v '/dev/zero') does not solve the problem. This does not prevent...