Displaying 20 results from an estimated 5000 matches similar to: "possible XEN vulnerabilities?"
2008 Jun 19
3
Bug#487097: xen-unstable: multiple security issues
Source: xen-unstable
Version: 3.3-unstable+hg17602-1
Severity: grave
Tags: security, patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for xen-unstable.
CVE-2008-1943[0]:
| Buffer overflow in the backend of XenSource Xen Para Virtualized Frame
| Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial
| of service (crash) and possibly execute
2008 Jun 19
2
Bug#487095: xen-3: multiple security issues
Source: xen-3
Version: 3.2.1-1
Severity: grave
Tags: security, patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for xen-3.
CVE-2008-1943[0]:
| Buffer overflow in the backend of XenSource Xen Para Virtualized Frame
| Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial
| of service (crash) and possibly execute arbitrary code via a crafted
|
2013 Feb 13
0
Announce: Puppet Dashboard 1.2.22 Available [ security release ]
This release of Puppet Dashboard addresses CVE-2013-0277 and
CVE-2013-0269. These are vulnerabilities that affect Ruby on Rails,
specifically around YAML serialization and JSON handling. They expose
vulnerable systems to SQL Injection, Denial of Service Attacks, and
arbitrary YAML deserialization.
Additionally, CVE-2013-0276 and CVE-2013-0263 affect vendored
components of Puppet Dashboard, but by
2008 Jun 19
0
Bug#487095: Bug#487095: xen-3: multiple security issues
reopen 487095
reopen 487097
thanks
Hi,
since you thought it's necessary to complain to me about
this bug report on IRC I'm replying to this bug now as well.
> On Thu, Jun 19, 2008 at 04:56:54PM +0200, Thomas Bl?sing wrote:
> > CVE-2008-1943[0]:
> > | Buffer overflow in the backend of XenSource Xen Para Virtualized Frame
> > | Buffer (PVFB) 3.0 through 3.1.2 allows
2012 Sep 20
1
AIX 5.8p1?
Good Morning,
We just performed some security scanning on one of our AIX systems and these vulnerabilities was returned:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4755
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000
We are currently running: 5.8.0.6101
The latest on IBMs
2005 May 15
1
About the vulnerabilities in tcpdump and gzip.
Dear list,
About a week ago, right after 5.4-RELEASE was released, I received a
mail from Gentoo Linux's security announcement list about a flaw in
tcpdump and gzip. Since none of them are operating system related, I
assumed a -p1 and -p2 of the 5.4-RELEASE. Instead, we got a patch for
the HTT security issue so I wonder, is the FreeBSD version of tcpdump
and/or gzip are secured or simply
2007 Nov 17
1
Bug#451626: CVE-2007-5907, CVE-2007-5906 possible denial of service vulnerability
Package: xen-3
Version: 3.1.0-1
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xen-3.
CVE-2007-5907[0]:
| Xen 3.1.1 does not prevent modification of the CR4 TSC from
| applications, which allows pv guests to cause a denial of service
| (crash).
CVE-2007-5906[1]:
| Xen 3.1.1 allows virtual guest system users to cause a
|
2008 Mar 18
0
[gentoo-announce] [ GLSA 200803-25 ] Dovecot: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200803-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Dovecot:
2008 Jul 12
3
Bug#490409: CVE-2008-2004: privilege escalation
Package: xen-3
Severity: grave
Tags: security
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xen-3.
CVE-2008-2004[0]:
| The drive_init function in QEMU 0.9.1 determines the format of a raw
| disk image based on the header, which allows local guest users to read
| arbitrary files on the host by modifying the header to identify
2002 May 13
0
FreeBSD Security Notice FreeBSD-SN-02:02
-----BEGIN PGP SIGNED MESSAGE-----
=============================================================================
FreeBSD-SN-02:02 Security Notice
The FreeBSD Project
Topic: security issues in ports
Announced: 2002-05-13
I. Introduction
Several ports in the FreeBSD Ports
2006 Sep 19
0
FreeBSD Security Advisory FreeBSD-SA-06:21.gzip
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-06:21.gzip Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities in gzip
Category: contrib
Module: gzip
Announced:
2006 Sep 19
0
FreeBSD Security Advisory FreeBSD-SA-06:21.gzip
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-06:21.gzip Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities in gzip
Category: contrib
Module: gzip
Announced:
2006 Sep 19
0
FreeBSD Security Advisory FreeBSD-SA-06:21.gzip
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-06:21.gzip Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities in gzip
Category: contrib
Module: gzip
Announced:
2003 Oct 03
0
FreeBSD Security Advisory FreeBSD-SA-03:18.openssl
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-03:18.openssl Security Advisory
The FreeBSD Project
Topic: OpenSSL vulnerabilities in ASN.1 parsing
Category: crypto
Module: openssl
Announced:
2005 Jun 09
0
FreeBSD Security Advisory FreeBSD-SA-05:10.tcpdump
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-05:10.tcpdump Security Advisory
The FreeBSD Project
Topic: Infinite loops in tcpdump protocol decoding
Category: contrib
Module: tcpdump
2005 Jun 09
0
FreeBSD Security Advisory FreeBSD-SA-05:10.tcpdump
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-05:10.tcpdump Security Advisory
The FreeBSD Project
Topic: Infinite loops in tcpdump protocol decoding
Category: contrib
Module: tcpdump
2002 Jul 30
1
OpenSSL Security Advisory [30 July 2002]
Hi,
FYI - don't sue me for posting this here - I know, everyone who needs this info *should* have it already, but maybe not ;-)
Kind regards,
B. Courtin
--
OpenSSL Security Advisory [30 July 2002]
This advisory consists of two independent advisories, merged, and is
an official OpenSSL advisory.
Advisory 1
==========
A.L. Digital Ltd and The Bunker (http://www.thebunker.net/) are
2004 Sep 08
1
new gaim packages? (RHSA-2004:400-01)
has this package been rebuilt? I didn't see an announcement for it.
--Ajay, who's not bitchin', just wondering...
-------- Original Message --------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated gaim package fixes security issues
Advisory
2003 Apr 07
0
FreeBSD Security Notice FreeBSD-SN-03:01
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SN-03:01 Security Notice
The FreeBSD Project
Topic: security issue in samba ports
Announced: 2003-04-07
I. Introduction
Several ports in the
2003 Apr 07
0
FreeBSD Security Notice FreeBSD-SN-03:01
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SN-03:01 Security Notice
The FreeBSD Project
Topic: security issue in samba ports
Announced: 2003-04-07
I. Introduction
Several ports in the