厂商或团体 debian 的搜索结果 (1081)

CVE-2017-11565(发布:2017-07-23 16:29:00)N
CVSS5.0

[原文]debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly (with a wrong assumption that the specific pathname would remain the same forever), which allows attackers to bypass intended AppArmor restrictions by leveraging the silent loss of this protection mechanism. NOTE: this does not affect systems, such as default Debian stretch installations, on which Tor startup relies on a systemd unit file (instead of this tor.init script).

CVE-2015-5194(发布:2017-07-21 10:29:00)NMPS
CVSS5.0

[原文]The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

CVE-2015-5195(发布:2017-07-21 10:29:00)NMPS
CVSS5.0

[原文]ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.

CVE-2015-5219(发布:2017-07-21 10:29:00)NMPS
CVSS5.0

[原文]The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

CVE-2015-5300(发布:2017-07-21 10:29:00)NMPS
CVSS5.0

[原文]The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).

CVE-2016-4000(发布:2017-07-06 12:29:00)NMP
CVSS7.5

[原文]Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a crafted serialized PyFunction object.

12345678下一页尾页 第1页 / 共181页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站