Lenovo Rescue and Recovery version 4.20 suffers from a heap overflow in the file system filter kernel driver which could allow an attacker to overwrite kernel memory leading to elevation of privilege.
b6cfc77e131af76632d4e48351d6e7633e6fa344597cae913e2e3a8ca80df110A vulnerability results from the Net::HTTPS library from Ruby versions 1.8.5 and 1.8.6 failing to validate the name on the SSL certificate against the DNS name requested by the user. By not validating the name, the library allows an attacker to present a cryptographically valid certificate with an invalid CN.
30fcafc5523a3be23deee577529d910574c4482ca24286ec62b4815b2b3dcf84
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed