Vulnerability & Exploit Database

Displaying all 10 entries

Results for: CVE-2015-0274 Back to search

Cisco NX-OS: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability (CVE-2015-0721) Vulnerability

  • Severity: 9
  • Published: October 06, 2016

Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669...

USN-2544-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 7
  • Published: March 16, 2015

The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a denial of service (transaction overrun and data corruption) or possibly gain privileges by leveraging XFS filesystem access.

USN-2543-1: Linux kernel (Trusty HWE) vulnerabilities Vulnerability

  • Severity: 7
  • Published: March 16, 2015

The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a denial of service (transaction overrun and data corruption) or possibly gain privileges by leveraging XFS filesystem access.

Amazon Linux AMI: Security patch for kernel (ALAS-2015-489) (CVE-2015-0274) Vulnerability

  • Severity: 7
  • Published: March 09, 2015

The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a denial of service (transaction overrun and data corruption) or possibly gain privileges by leveraging XFS filesystem access.

SUSE: CVE-2014-9294: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: December 19, 2014

util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

SUSE: CVE-2014-9293: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: December 19, 2014

The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

RHSA-2015:0290: kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 7
  • Published: November 29, 2014

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.Red Hat would like to thank Eric Windisch of the Docker project forreporting CVE-2015-0274, Andy Lutomirski for reporting CVE-2014-3690, andRobert ?wi?cki for reporting CVE-2014-7825 and CVE-2014-7826.This update also fixes several hundred bugs and adds n...

ELSA-2015-0290 Important: Oracle Linux kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 8
  • Published: September 28, 2014

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.