search for: flaws

Displaying 20 results from an estimated 1970 matches for "flaws".

Did you mean: flags
2016 Nov 01
3
CVE-2016-5195 DirtyCOW: Critical Linux Kernel Flaw
On Tue, November 1, 2016 6:25 pm, Tony Mountifield wrote: > In article <5818CD31.4050008 at moving-picture.com>, > James Pearson <james-p at moving-picture.com> wrote: >> Leonardo Oliveira Ortiz wrote: >> > RedHat and Centos 4.x can be explored by this flaw? >> >> See: >> >> https://access.redhat.com/security/cve/cve-2016-5195 > > In
2016 Nov 02
2
CVE-2016-5195 DirtyCOW: Critical Linux Kernel Flaw
Dear Sir/s, Can a crashed centos system be restore to its previous state before it crash? And if so, can you please tell me how to do it? Thanks, your help is very much appreciated. ----- Original Message ----- From: "Richard" <lists-centos at listmail.innovate.net> To: "CentOS mailing list" <centos at centos.org> Sent: Tuesday, November 1, 2016 5:05:59 PM
2016 Nov 01
2
CVE-2016-5195 DirtyCOW: Critical Linux Kernel Flaw
Leonardo Oliveira Ortiz wrote: > RedHat and Centos 4.x can be explored by this flaw? See: https://access.redhat.com/security/cve/cve-2016-5195 James Pearson
2011 Mar 07
0
Fwd: STARTTLS bug - background story
...vailable at: http://www.kb.cert.org/vuls/id/555316 http://www.postfix.org/CVE-2011-0411.html Problem overview and impact =========================== The TLS protocol encrypts communication and protects it against modification by other parties. This protection exists only if a) software is free of flaws, and b) clients verify the server's TLS certificate, so that there can be no "man in the middle" (servers usually don't verify client certificates). The problem discussed in this writeup is caused by a software flaw. The flaw allows an attacker to inject client commands into an S...
2018 Jan 05
2
Intel Flaw
How does the latest Intel flaw relate to CentOS 6.x systems that run under VirtualBox hosted on Windows 7 computers? Given the virtual machine degree of separation from the hardware, can this issue actually be detected and exploited in the operating systems that run virtually?? If there is a slow down associated with the fix, how much might it impact the virtual systems?
2003 Jan 24
1
WHITEHAT DISCOVERS SERIOUS SECURITY FLAW AFFECTING ALL WEB SERVER S WORLDWIDE
FYI, Santa Clara, Calif., Jan. 20, 2003 -- WhiteHat Security, Inc. a Santa Clara, California based company that specializes in Web Application Security, has discovered a serious security flaw affecting all web server world wide. From months of extensive research and testing, WhiteHat has found a way to exploit a flaw in the way all web servers communicate.
2016 Aug 12
3
Linux TCP flaw
Hi So after reading this, felt I should apply the fix to a CentOS6 VPS that I have. http://www.zdnet.com/article/linux-tcp-flaw-lets-anyone-hijack-internet-traffic/ The article doesn't talk about CentOS or Redhat, but I assume the problem is the same, and hoping the solution is the same. However that doesn't seem to be the case. [root at vps ~]# uname -r 2.6.32-042stab108.7 [root at
2014 Apr 14
1
Samba 4.1.6 huge security flaw
Hi all, I've been running Samba 4.1.6 in production for 2 weeks now and it's been great. However I noticed a huge security flaw today that I hit only once. I access Samba4 shares over the VPN that is irrelevant since the security access is user-based, not IP based. What happens right after the connection, Windows tries to read the shares and some are empty, but they are not supposed to
2016 Aug 12
1
Linux TCP flaw
Thanks for the info Peter. The VPS is running on a Plesk environment. ------ Original Message ------ From: "Peter" <peter at pajamian.dhs.org> To: centos at centos.org Sent: 12/08/2016 3:36:32 PM Subject: Re: [CentOS] Linux TCP flaw >On 12/08/16 17:33, Andrew Dent wrote: >> So after reading this, felt I should apply the fix to a CentOS6 VPS >>that >> I
2016 Nov 01
0
RES: CVE-2016-5195 “DirtyCOW”: Critical Linux Kernel Flaw
RedHat and Centos 4.x can be explored by this flaw? -----Mensagem original----- De: centos-bounces at centos.org [mailto:centos-bounces at centos.org] Em nome de Valeri Galtsev Enviada em: sexta-feira, 28 de outubro de 2016 12:50 Para: CentOS mailing list <centos at centos.org> Assunto: Re: [CentOS] CVE-2016-5195 ???DirtyCOW???: Critical Linux Kernel Flaw On Fri, October 28, 2016 9:43
2016 Nov 01
0
CVE-2016-5195 DirtyCOW: Critical Linux Kernel Flaw
In article <5818CD31.4050008 at moving-picture.com>, James Pearson <james-p at moving-picture.com> wrote: > Leonardo Oliveira Ortiz wrote: > > RedHat and Centos 4.x can be explored by this flaw? > > See: > > https://access.redhat.com/security/cve/cve-2016-5195 In other words, no: RHEL 4 and CentOS4 are not affected by this flaw. Tony -- Tony Mountifield
2016 Nov 02
0
CVE-2016-5195 DirtyCOW: Critical Linux Kernel Flaw
> Date: Tuesday, November 01, 2016 18:49:56 -0500 > From: Valeri Galtsev <galtsev at kicp.uchicago.edu> > > On Tue, November 1, 2016 6:25 pm, Tony Mountifield wrote: >> In article <5818CD31.4050008 at moving-picture.com>, >> James Pearson <james-p at moving-picture.com> wrote: >>> Leonardo Oliveira Ortiz wrote: >>> > RedHat and Centos
2000 Jun 09
0
Security Update: flaws in the SSL transaction handling of Netscape
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ Caldera Systems, Inc. Security Advisory Subject: flaws in the SSL transaction handling of Netscape Advisory number: CSSA-2000-017.0 Issue date: 2000 June, 09 Cross reference: ______________________________________________________________________________ 1. Problem Description There are some flaws in the SSL transaction...
2016 Oct 28
2
CVE-2016-5195 “DirtyCOW”: Critical Linux Kernel Flaw
On Fri, October 28, 2016 9:43 am, Johnny Hughes wrote: > On 10/22/2016 07:49 PM, Valeri Galtsev wrote: >> Dear All, >> >> I guess, we all have to urgently apply workaround, following, say, this: >> >> https://gryzli.info/2016/10/21/protect-cve-2016-5195-dirtycow-centos-7rhel7cpanelcloudlinux/ >> >> At least those of us who still have important multi
2011 Aug 13
1
Latent flaw in SEXPREC definition
There seems to be a latent flaw in the definition of struct SEXPREC in Rinternals.h, which likely doesn't cause problems now, but could if the relative sizes of data types changes. The SEXPREC structure contains a union that includes a primsxp, symsxp, etc, but not a vecsxp. However, in allocVector in memory.c, zero-length vectors are allocated using allocSExpNonCons, which appears to
2024 Jul 13
2
[Bug 1758] New: Design flaw in chain traversal
https://bugzilla.netfilter.org/show_bug.cgi?id=1758 Bug ID: 1758 Summary: Design flaw in chain traversal Product: nftables Version: unspecified Hardware: x86_64 OS: Ubuntu Status: NEW Severity: major Priority: P5 Component: kernel Assignee: pablo at netfilter.org
2015 Mar 10
2
Bug#780227: XSA-123 / CVE-2015-2151 Hypervisor memory corruption due to x86 emulator flaw
Package: xen-hypervisor-4.1-amd64 Version: 4.1.4-3+deb7u4 Severity: critical Hi, Not sure how come I'm the first one to file this kind of a bug report :) but here goes JFTR... http://xenbits.xen.org/xsa/advisory-123.html was embargoed, but advance warning was given to several big Xen VM farms, which led to e.g. https://aws.amazon.com/premiumsupport/maintenance-2015-03/
2007 Jun 28
2
minor flaw in integrate()
Hi, I noticed a minor flaw in integrate() from package stats: Taking up arguments lower and upper from integrate(), if (lower == Inf) && (upper == Inf) or if (lower == -Inf) && (upper == -Inf) integrate() calculates the value for (lower==-Inf) && (upper==Inf). Rather, it should return 0. Quick fix: ### old code ### ### [snip] else {
2024 Sep 06
1
BUG: atan(1i) / 5 = NaN+Infi ?
...but the behaviour is undesirable). I think this is a design flaw rather than a bug. The distinction is important: if it is a design flaw, then a change is harder, because users who rely on the behaviour deserve more help in adapting than those who rely on a bug. Bugs should be fixed. Design flaws need thinking about, and sometimes shouldn't be fixed. On the other hand, I was unable to find documentation saying that the current behaviour is intended, so I could be wrong. Duncan Murdoch > > On Fri, 6 Sept 2024 at 10:12, Bert Gunter <bgunter.4567 at gmail.com> wrote: >&...
2010 Mar 08
3
Security problem with Samba on Linux - affects 3.5.0, 3.4.6 and 3.3.11
Security problem with Samba on Linux ------------------------------------ In Samba releases 3.5.0, 3.4.6 and 3.3.11 new code was added to fix a problem with Linux asynchronous IO handling. This code introduced a severe security flaw which was undetected until now. We are releasing new binaries and fixed source code as release numbers: 3.5.1, 3.4.7 and 3.3.12 with this fix included. This will be