Linux Kernel CVE-2013-4312 Multiple Local Denial of Service Vulnerabilities
Monthly Archives: February 2016
Vuln: Linux Kernel 'fs/fuse/file.c' Local Denial of Service Vulnerability
Linux Kernel ‘fs/fuse/file.c’ Local Denial of Service Vulnerability
Vuln: Linux Kernel CVE-2015-7550 Null Pointer Deference Local Denial of Service Vulnerability
Linux Kernel CVE-2015-7550 Null Pointer Deference Local Denial of Service Vulnerability
DSA-3487 libssh2 – security update
Andreas Schneider reported that libssh2, a SSH2 client-side library,
passes the number of bytes to a function that expects number of bits
during the SSHv2 handshake when libssh2 is to get a suitable value for
group order
in the Diffie-Hellman negotiation. This weakens
significantly the handshake security, potentially allowing an
eavesdropper with enough resources to decrypt or intercept SSH sessions.
DSA-3488 libssh – security update
Aris Adamantiadis discovered that libssh, a tiny C SSH library,
incorrectly generated a short ephemeral secret for the
diffie-hellman-group1 and diffie-hellman-group14 key exchange methods.
The resulting secret is 128 bits long, instead of the recommended sizes
of 1024 and 2048 bits respectively. This flaw could allow an
eavesdropper with enough resources to decrypt or intercept SSH sessions.
Vuln: Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
Vuln: ISC BIND CVE-2015-8704 Remote Denial of Service Vulnerability
ISC BIND CVE-2015-8704 Remote Denial of Service Vulnerability
Vuln: Linux Kernel Crypto API CVE-2013-7421 Local Security Bypass Vulnerability
Linux Kernel Crypto API CVE-2013-7421 Local Security Bypass Vulnerability
Vuln: Linux Kernel CVE-2015-5307 Denial of Service Vulnerability
Linux Kernel CVE-2015-5307 Denial of Service Vulnerability
WebSVN 2.3.3 Cross Site Scripting
WebSVN version 2.3.3 suffers from a cross site scripting vulnerability.