Powered by Deep Web Technologies
Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


1

NEHRP - Hazard Vulnerability and Disaster Resiliency ...  

Science Conference Proceedings (OSTI)

... Hazard Vulnerability and Disaster Resiliency. 2013. ... gaps for achieving resilience in the ... protection, emergency response, business continuity, and ...

2

Vulnerability and social risk management in India and Mexico  

E-Print Network (OSTI)

The development of effective community, regional and national risk-management strategies, especially for systemic risks, such as natural disasters, entails understanding the determinants of social vulnerability in individuals ...

Flores Ballesteros, Luis

2008-01-01T23:59:59.000Z

3

Information Products Laboratory for Emergency Response The three-tiered disaster management approach, disaster planning, disaster response and disaster  

E-Print Network (OSTI)

IPLER Information Products Laboratory for Emergency Response 1 The three-tiered disaster management approach, disaster planning, disaster response and disaster recovery, is ripe for innovation through on understanding user needs in terms of disaster management and response, defining the range of possible solutions

Zanibbi, Richard

4

Plutonium Vulnerability Management Plan  

Science Conference Proceedings (OSTI)

This Plutonium Vulnerability Management Plan describes the Department of Energy`s response to the vulnerabilities identified in the Plutonium Working Group Report which are a result of the cessation of nuclear weapons production. The responses contained in this document are only part of an overall, coordinated approach designed to enable the Department to accelerate conversion of all nuclear materials, including plutonium, to forms suitable for safe, interim storage. The overall actions being taken are discussed in detail in the Department`s Implementation Plan in response to the Defense Nuclear Facilities Safety Board (DNFSB) Recommendation 94-1. This is included as Attachment B.

NONE

1995-03-01T23:59:59.000Z

5

Decision support for disaster management  

E-Print Network (OSTI)

support system for disaster response and recovery usingJ (2006) Improving disaster response efforts with decisionSpringerlink.com Abstract Disaster response and recovery are

Rolland, Erik; Patterson, Raymond A.; Ward, Keith; Dodin, Bajis

2010-01-01T23:59:59.000Z

6

Disaster waste management: A review article  

SciTech Connect

Depending on their nature and severity, disasters can create large volumes of debris and waste. The waste can overwhelm existing solid waste management facilities and impact on other emergency response and recovery activities. If poorly managed, the waste can have significant environmental and public health impacts and can affect the overall recovery process. This paper presents a system overview of disaster waste management based on existing literature. The main literature available to date comprises disaster waste management plans or guidelines and isolated case studies. There is ample discussion on technical management options such as temporary storage sites, recycling, disposal, etc.; however, there is little or no guidance on how these various management options are selected post-disaster. The literature does not specifically address the impact or appropriateness of existing legislation, organisational structures and funding mechanisms on disaster waste management programmes, nor does it satisfactorily cover the social impact of disaster waste management programmes. It is envisaged that the discussion presented in this paper, and the literature gaps identified, will form a basis for future comprehensive and cohesive research on disaster waste management. In turn, research will lead to better preparedness and response to disaster waste management problems.

Brown, Charlotte, E-mail: charlotte.brown@pg.canterbury.ac.nz [University of Canterbury, Private Bag 4800, Christchurch 8140 (New Zealand); Milke, Mark, E-mail: mark.milke@canterbury.ac.nz [University of Canterbury, Private Bag 4800, Christchurch 8140 (New Zealand); Seville, Erica, E-mail: erica.seville@canterbury.ac.nz [University of Canterbury, Private Bag 4800, Christchurch 8140 (New Zealand)

2011-06-15T23:59:59.000Z

7

Modeling s-t Path Availability to Support Disaster Vulnerability Assessment of Network Infrastructure  

E-Print Network (OSTI)

The maintenance of system flow is critical for effective network operation. Any type of disruption to network facilities (arcs/nodes) potentially risks loss of service, leaving users without access to important resources. It is therefore an important goal of planners to assess infrastructures for vulnerabilities, identifying those vital nodes/arcs whose debilitation would compromise the most source-sink (s-t) interaction or system flow. Due to the budgetary limitations of disaster management agencies, protection/fortification and planning for the recovery of these vital infrastructure facilities is a logical and efficient proactive approach to reducing worst-case risk of service disruption. Given damage to a network, evaluating the potential for flow between s-t pairs requires assessing the availability of an operational s-t path. Recent models proposed for identifying infrastructure vital to system flow have relied on enumeration of all s-t paths to support this task. This paper proposes an alternative model...

Matisziw, Timothy C

2010-01-01T23:59:59.000Z

8

Workforce management strategies in a disaster scenario.  

Science Conference Proceedings (OSTI)

A model of the repair operations of the voice telecommunications network is used to study labor management strategies under a disaster scenario where the workforce is overwhelmed. The model incorporates overtime and fatigue functions and optimizes the deployment of the workforce based on the cost of the recovery and the time it takes to recover. The analysis shows that the current practices employed in workforce management in a disaster scenario are not optimal and more strategic deployment of that workforce is beneficial.

Kelic, Andjelka; Turk, Adam L.

2008-08-01T23:59:59.000Z

9

Emergency Animal Management during Disasters  

E-Print Network (OSTI)

This publication explains how communities and counties can incorporate animal issues into their emergency management plans. It explains what local plans should include, what role county Extension agents can play, and how animal management plans can best be used.

Dement, Angela

2006-10-23T23:59:59.000Z

10

Managing Risk in Disaster Scenarios with Autonomous Robots  

E-Print Network (OSTI)

of damage. · The initial response to the disaster is limited to only those local rescue assets that have had some limited use in disaster response, most notably the responses led by the Center for Robot1 Managing Risk in Disaster Scenarios with Autonomous Robots Daniel P. Stormont and Vicki H. Allan

Allan, Vicki H.

11

Using Remote Sensing for Natural Disaster Management Tara Srihari  

E-Print Network (OSTI)

and maintenance [5]. #12;2.1 Acquiring Data Disaster response is dynamic and time sensitive. Some data needsUsing Remote Sensing for Natural Disaster Management Tara Srihari Department of Computing Sciences.srihari@villanova.edu December 8, 2008 Abstract Natural disasters can cause devastating human, property, and economic loss

12

SENDROM: sensor networks for disaster relief operations management  

Science Conference Proceedings (OSTI)

SENDROM is a new sensor network architecture to manage the rescue operations after large scale disasters. This architecture mainly consists of sensor nodes deployed prior to a disaster and central nodes that can query sensor nodes. Central nodes are ... Keywords: data dissemination, disaster relief operations, sesnor networks, task dissemination

Erdal Cayirci; Tolga Coplu

2007-06-01T23:59:59.000Z

13

An emergency GSM satellite portable terminal for disaster management  

Science Conference Proceedings (OSTI)

Natural Disaster occurs without prior intimation and often come along with the destruction of the local telecommunication infrastructure causing severe problems for rescue operations. Emergency Telecommunication restoration systems (ETRS) play an ever-increasing ... Keywords: ETRS, GSM, abis, disaster management, satellite

P. K. Srinivasan

2011-12-01T23:59:59.000Z

14

T-731:Symantec IM Manager Code Injection Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

T-731:Symantec IM Manager Code Injection Vulnerability T-731:Symantec IM Manager Code Injection Vulnerability T-731:Symantec IM Manager Code Injection Vulnerability September 30, 2011 - 8:30am Addthis PROBLEM: Symantec IM Manager Code Injection Vulnerability. PLATFORM: IM Manager versions prior to 8.4.18 are affected. ABSTRACT: Symantec IM Manager is prone to a vulnerability that will let attackers run arbitrary code. referecnce LINKS: Symantec Security Advisory SYM11-012 Symantec Security Updates Bugtraq ID: 49742 IMPACT ASSESSMENT: High Discussion: Symantec was notified of Cross-Site Scripting and Code injection/execution issues present in the Symantec IM Manager management console. The management console fails to properly filter/validate external inputs. Successful exploitation of SQL Injection or Remote Code execution might

15

A research-based approach to simulation in disaster management  

Science Conference Proceedings (OSTI)

The need for emergency management models has increased in response to the rise in disasters in recent years. The need for a set of standards to be applied to the practise of emergency management has been identified by local and state officials (Local ...

Asli Soyler; Maria T. Bull; Yanshen Zhu; Abeer Sharawi; Pamela McCauley Bush

2012-05-01T23:59:59.000Z

16

V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Symantec Endpoint Protection Manager Buffer Overflow 2: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability June 20, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Symantec Endpoint Protection Manager PLATFORM: The vulnerability is reported in versions 12.1.x prior to 12.1 RU3 ABSTRACT: Symantec was notified of a pre-authentication buffer overflow found in the Symantec Endpoint Protection Manager (SEPM) and Symantec Endpoint Protection Center (SPC) REFERENCE LINKS: Secunia Advisory SA53864 SecurityTracker Alert ID: 1028683 Symantec Adivsory SYM13-005 CVE-2013-1612 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to a boundary error within secars.dll and can be exploited to cause a buffer overflow via the web-based management

17

V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

82: Symantec Endpoint Protection Manager Buffer Overflow 82: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability June 20, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Symantec Endpoint Protection Manager PLATFORM: The vulnerability is reported in versions 12.1.x prior to 12.1 RU3 ABSTRACT: Symantec was notified of a pre-authentication buffer overflow found in the Symantec Endpoint Protection Manager (SEPM) and Symantec Endpoint Protection Center (SPC) REFERENCE LINKS: Secunia Advisory SA53864 SecurityTracker Alert ID: 1028683 Symantec Adivsory SYM13-005 CVE-2013-1612 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to a boundary error within secars.dll and can be exploited to cause a buffer overflow via the web-based management

18

THE CONTRIBUTION OF RADIO SCIENCES TO DISASTER MANAGEMENT T. J. Tanzia  

E-Print Network (OSTI)

-based Information for Disaster Management and Emergency Response), developed by UNOOSA (United Nations Office use them to rapidly provide summary maps to bodies responsible for disaster management (governmentTHE CONTRIBUTION OF RADIO SCIENCES TO DISASTER MANAGEMENT T. J. Tanzia , F. Lefeuvreb a CNRS

Paris-Sud XI, Université de

19

V-161: IBM Maximo Asset Management Products Java Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

61: IBM Maximo Asset Management Products Java Multiple 61: IBM Maximo Asset Management Products Java Multiple Vulnerabilities V-161: IBM Maximo Asset Management Products Java Multiple Vulnerabilities May 22, 2013 - 12:46am Addthis PROBLEM: IBM Maximo Asset Management Products Java Multiple Vulnerabilities PLATFORM: IBM Maximo Asset Management 6.x IBM Maximo Asset Management 7.x IBM Maximo Asset Management Essentials 7.x ABSTRACT: Asset and Service Mgmt Products - Potential security exposure when using JavaTM based applications due to vulnerabilities in Java Software Developer Kits. REFERENCE LINKS: IBM Reference #:1638135 Secunia Advisory SA53451 CVE-2013-0401 CVE-2013-2433 CVE-2013-2434 CVE-2013-0402 CVE-2013-1488 CVE-2013-1491 CVE-2013-1518 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1561 CVE-2013-1563 CVE-2013-1564 CVE-2013-1569

20

V-161: IBM Maximo Asset Management Products Java Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: IBM Maximo Asset Management Products Java Multiple 1: IBM Maximo Asset Management Products Java Multiple Vulnerabilities V-161: IBM Maximo Asset Management Products Java Multiple Vulnerabilities May 22, 2013 - 12:46am Addthis PROBLEM: IBM Maximo Asset Management Products Java Multiple Vulnerabilities PLATFORM: IBM Maximo Asset Management 6.x IBM Maximo Asset Management 7.x IBM Maximo Asset Management Essentials 7.x ABSTRACT: Asset and Service Mgmt Products - Potential security exposure when using JavaTM based applications due to vulnerabilities in Java Software Developer Kits. REFERENCE LINKS: IBM Reference #:1638135 Secunia Advisory SA53451 CVE-2013-0401 CVE-2013-2433 CVE-2013-2434 CVE-2013-0402 CVE-2013-1488 CVE-2013-1491 CVE-2013-1518 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1561 CVE-2013-1563 CVE-2013-1564 CVE-2013-1569

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


21

V-180: IBM Application Manager For Smart Business Multiple Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

V-180: IBM Application Manager For Smart Business Multiple V-180: IBM Application Manager For Smart Business Multiple Vulnerabilities V-180: IBM Application Manager For Smart Business Multiple Vulnerabilities June 18, 2013 - 12:38am Addthis PROBLEM: IBM Application Manager For Smart Business Multiple Vulnerabilities PLATFORM: IBM Application Manager For Smart Business 1.x ABSTRACT: A security issue and multiple vulnerabilities have been reported in IBM Application Manager For Smart Business REFERENCE LINKS: Security Bulletin 1640752 Secunia Advisory SA53844 CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-2190 CVE-2012-2191 CVE-2012-2203 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4820 CVE-2012-4821 CVE-2012-4822 CVE-2012-4823 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5079

22

Important elements of disaster management and mitigation and design and development of a software tool  

Science Conference Proceedings (OSTI)

Natural Disasters causing damage to human life, property, infrastructure and economy has emerged as a global challenge. Requisite safety measures have to be provided for natural hazards. Prevention is better than cure. Once disaster occurred, it is very ... Keywords: catastrophe, disaster, industrial, management, mitigation, natural, plans

Gurumurthy Vijayan Iyer; Nikos E. Mastorakis

2006-06-01T23:59:59.000Z

23

Evaluating disaster management knowledge model by using a frequency-based selection technique  

Science Conference Proceedings (OSTI)

Disaster Management (DM) is a multidisciplinary endeavour and a very difficult knowledge domain to model. It is a diffused area of knowledge that is continuously evolving and informally represented. Metamodel is the output artefact of metamodelling, ... Keywords: disaster management, frequency-based selection, knowledge model, metamodel, model transformation

Siti Hajar Othman; Ghassan Beydoun

2012-09-01T23:59:59.000Z

24

Mobile medical disaster relief technology : enhancing communication, medical logistics, data creation, and crisis mapping for vulnerable communities  

E-Print Network (OSTI)

This thesis explores the field of disaster relief and recovery, and the application of emerging technologies that are both used by, and use the data generated by communities affected by natural disaster. This thesis analyzes ...

Intrator, Kira (Kira Rachel)

2012-01-01T23:59:59.000Z

25

Combining Mobile XMPP Entities and Cloud Services for Collaborative Post-Disaster Management in Hybrid Network Environments  

Science Conference Proceedings (OSTI)

Crises such as the Fukushima incident in Japan showed the demand for flexible and easy-to-use monitoring and communication systems to support post-disaster management (i.e. the organization of actions in the follow-up of disasters), especially when critical ... Keywords: XMPP, cloud services, collaboration, mDNS, post-disaster management

Ronny Klauck; Michael Kirsche

2013-04-01T23:59:59.000Z

26

Building & Enhancing Interorganizational Relationships for Disaster Preparedness and Response Capacity: a Study of Community-based Organizations Serving Vulnerable Populations: a Focus on the Homeless  

E-Print Network (OSTI)

contribute to disaster and response capacity are explored.Role of Nonprofits in Disaster Response: An Expanded Modellook like in disaster response mode? (How would you

Nilsen, Donata Christiane

2012-01-01T23:59:59.000Z

27

Emergency management span of control optimizing organizational structures to better prepare Vermont for the next major or catastrophic disaster .  

E-Print Network (OSTI)

??During a statewide disaster in Vermont, one of the most important actions Vermont Emergency Management should take during the response phase is to maintain awareness… (more)

Schumacher, Ludwig J.

2008-01-01T23:59:59.000Z

28

U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-214: HP Network Node Manager Java JDK / JRE Multiple U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities July 17, 2012 - 7:00am Addthis PROBLEM: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in version 9.0x running on HP-UX, Linux, Solaris, and Windows. ABSTRACT: Vulnerabilities could be remotely exploited resulting in unauthorized information disclosure, modification, Denial of Service (DoS). reference LINKS: HP Support document ID: c03405642 Secunia Advisory SA49966 IMPACT ASSESSMENT: High Discussion: HP has acknowledged some vulnerabilities in HP Network Node Manager, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially

29

U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: HP Network Node Manager Java JDK / JRE Multiple 4: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities July 17, 2012 - 7:00am Addthis PROBLEM: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in version 9.0x running on HP-UX, Linux, Solaris, and Windows. ABSTRACT: Vulnerabilities could be remotely exploited resulting in unauthorized information disclosure, modification, Denial of Service (DoS). reference LINKS: HP Support document ID: c03405642 Secunia Advisory SA49966 IMPACT ASSESSMENT: High Discussion: HP has acknowledged some vulnerabilities in HP Network Node Manager, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially

30

Group value and intention to use - A study of multi-agency disaster management information systems for public safety  

Science Conference Proceedings (OSTI)

This paper examines and extends the theory of information systems success in the context of large-scale disaster management (DM) for public safety. In the recent past, various evaluation reports on DM efforts have concluded that information quality and ... Keywords: Disaster management, Group value, Information systems success, Intention to use, Public sector, Task support, User satisfaction

JinKyu Lee; Nitesh Bharosa; Jing Yang; Marijn Janssen; H. R. Rao

2011-01-01T23:59:59.000Z

31

Abstract We describe in this article a framework for disaster response process management. This framework can be used to develop information systems sup-  

E-Print Network (OSTI)

57 Abstract We describe in this article a framework for disaster response process management disaster response process management with business process management and argue why it is substantial, such as flexible workflow systems, are not suitable for disaster response processes. We propose an information

Paris-Sud XI, Université de

32

The Vulnerability of Mobile Home Residents in Tornado Disasters: The 2008 Super Tuesday Tornado in Macon County, Tennessee  

Science Conference Proceedings (OSTI)

Mobile home residents are known to be highly vulnerable to tornadoes and account for a considerable portion of tornado-related fatalities. The problem is partially related to the limited protection provided by the structure; however, shortcomings ...

Philip L. Chaney; Greg S. Weaver

2010-07-01T23:59:59.000Z

33

Managing the risks of extreme events and disasters to advance climate change adaptation. Special report of the Intergovernmental Panel on Climate Change (IPCC)  

SciTech Connect

This Special Report on Managing the Risks of Extreme Events and Disasters to Advance Climate Change Adaptation (SREX) has been jointly coordinated by Working Groups I (WGI) and II (WGII) of the Intergovernmental Panel on Climate Change (IPCC). The report focuses on the relationship between climate change and extreme weather and climate events, the impacts of such events, and the strategies to manage the associated risks. This Special Report, in particular, contributes to frame the challenge of dealing with extreme weather and climate events as an issue in decision making under uncertainty, analyzing response in the context of risk management. The report consists of nine chapters, covering risk management; observed and projected changes in extreme weather and climate events; exposure and vulnerability to as well as losses resulting from such events; adaptation options from the local to the international scale; the role of sustainable development in modulating risks; and insights from specific case studies. (LN)

Field, C.B.; Barros, V.; Stocker, T.F. (and others)

2012-07-01T23:59:59.000Z

34

Eliciting Local Spatial Knowledge for Community-Based Disaster Risk Management: Working with Cybertracker in Georgian Caucasus  

Science Conference Proceedings (OSTI)

CyberTracker CT participatory field data collection software is used as an element of Participatory GIS for acquiring, geo-referencing, storing and transferring local spatial knowledge. It has been developed initially for animal tracking, ecological ... Keywords: Community Surveys, Disaster Risk, Georgia, Local Knowledge, Participatory GIS Geo-Information Systems, Software Application, Vulnerability

Valentina Spanu, Michael Keith McCall

2013-04-01T23:59:59.000Z

35

Business Intelligence Modeling: A Case Study of Disaster Management Organization in Pakistan  

E-Print Network (OSTI)

Business Intelligence Modeling: A Case Study of Disaster Management Organization in Pakistan Sohail Asghar Department of Computer Science Mohammad Ali Jinnah University, Islamabad, Pakistan e-mail: sohail@umac.mo Touqeer Hussain Shaheed Zulfikar Ali Bhutto Institute of Science and Technology, Islamabad, Pakistan e

Fong, Chi Chiu "Simon"

36

T-614: Cisco Unified Communications Manager Database Security Vulnerability  

Energy.gov (U.S. Department of Energy (DOE))

The vulnerability is due to unspecified errors in the affected software that may allow the attacker to perform SQL injections. An authenticated, remote attacker could inject arbitrary SQL code on the system, allowing the attacker to take unauthorized actions.

37

V-177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

177: VMware vCenter Chargeback Manager File Upload Handling 177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability V-177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability June 13, 2013 - 6:00am Addthis PROBLEM: vCenter Chargeback Manager Remote Code Execution PLATFORM: VMware vCenter Chargeback Manager 2.x ABSTRACT: The vCenter Chargeback Manager contains a critical vulnerability that allows for remote code execution REFERENCE LINKS: Secunia Advisory SA53798 VMWare Security Advisory VMSA-2013-0008 CVE-2013-3520 IMPACT ASSESSMENT: Medium DISCUSSION: The vCenter Chargeback Manager (CBM) contains a flaw in its handling of file uploads. Exploitation of this issue may allow an unauthenticated attacker to execute code remotely. IMPACT: System Access SOLUTION: Vendor recommends updating to version 2.5.1

38

Management response plan for the Chemical Safety Vulnerability Working Group report. Volume 2  

SciTech Connect

The Chemical Safety Vulnerability (CSV) Working Group was established to identify adverse conditions involving hazardous chemicals at DOE facilities that might result in fires or explosions, release of hazardous chemicals to the environment, or exposure of workers or the public to chemicals. A CSV Review was conducted in 146 facilities at 29 sites. Eight generic vulnerabilities were documented related to: abandoned chemicals and chemical residuals; past chemical spills and ground releases; characterization of legacy chemicals and wastes; disposition of legacy chemicals; storage facilities and conditions; condition of facilities and support systems; unanalyzed and unaddressed hazards; and inventory control and tracking. Weaknesses in five programmatic areas were also identified related to: management commitment and planning; chemical safety management programs; aging facilities that continue to operate; nonoperating facilities awaiting deactivation; and resource allocations. To address the facility-specific and site-specific vulnerabilities, responsible DOE and site-contractor line organizations have developed initial site response plans. These plans, presented as Volume 2 of this Management Response Plan, describe the actions needed to mitigate or eliminate the facility- and site-specific vulnerabilities identified by the CSV Working Group field verification teams. Initial site response plans are described for: Brookhaven National Lab., Hanford Site, Idaho National Engineering Lab., Lawrence Livermore National Lab., Los Alamos National Lab., Oak Ridge Reservation, Rocky Flats Plant, Sandia National Laboratories, and Savannah River Site.

Not Available

1994-09-01T23:59:59.000Z

39

COUNTER DISASTER AND RECOVERY PLAN -UNIVERSITY RECORDS  

E-Print Network (OSTI)

...................................................................................10 3.1 Disaster Response and Recovery Team...........................................10 3.2 Emergency Disaster Response.......................................................................23 6.1 AssessingCOUNTER DISASTER AND RECOVERY PLAN - UNIVERSITY RECORDS Records Management & Archives Murdoch

40

Management response plan for the Chemical Safety Vulnerability Working Group report. Volume 1  

SciTech Connect

The Chemical Safety Vulnerability (CSV) Working Group was established to identify adverse conditions involving hazardous chemicals at DOE facilities that might result in fires or explosions, release of hazardous chemicals to the environment, or exposure of workers or the public to chemicals. A CSV Review was conducted in 146 facilities at 29 sites. Eight generic vulnerabilities were documented related to: abandoned chemicals and chemical residuals; past chemical spills and ground releases; characterization of legacy chemicals and wastes; disposition of legacy chemicals; storage facilities and conditions; condition of facilities and support systems; unanalyzed and unaddressed hazards; and inventory control and tracking. Weaknesses in five programmatic areas were also identified related to: management commitment and planning; chemical safety management programs; aging facilities that continue to operate; nonoperating facilities awaiting deactivation; and resource allocations. Volume 1 contains a discussion of the chemical safety improvements planned or already underway at DOE sites to correct facility or site-specific vulnerabilities. The main part of the report is a discussion of each of the programmatic deficiencies; a description of the tasks to be accomplished; the specific actions to be taken; and the organizational responsibilities for implementation.

Not Available

1994-09-01T23:59:59.000Z

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


41

Author manuscript, published in "9th International Conference on the Design of Cooperative Systems (COOP'2010) (2010)" Design of a Collaborative Disaster Response Process Management System  

E-Print Network (OSTI)

Abstract We describe in this article a framework for disaster response process management. This framework can be used to develop information systems supporting those processes. It is grounded in several research approaches: literature research, case studies, end user interviews and workshops. We compare disaster response process management with business process management and argue why it is substantial different to it. Another main result of this comparison is that business process management technology, such as flexible workflow systems, are not suitable for disaster response processes. We propose an information system supporting disaster response processes based on our developed framework. Finally we present validation of the information system design and give outlook on our future research.

Jörn Franke; François Charoy

2010-01-01T23:59:59.000Z

42

Data management for geospatial vulnerability assessment of interdependencies in US power generation  

Science Conference Proceedings (OSTI)

Critical infrastructures maintain our society's stability, security, and quality of life. These systems are also interdependent, which means that the disruption of one infrastructure system can significantly impact the operation of other systems. Because of the heavy reliance on electricity production, it is important to assess possible vulnerabilities. Determining the source of these vulnerabilities can provide insight for risk management and emergency response efforts. This research uses data warehousing and visualization techniques to explore the interdependencies between coal mines, rail transportation, and electric power plants. By merging geospatial and nonspatial data, we are able to model the potential impacts of a disruption to one or more mines, rail lines, or power plants, and visually display the results using a geographical information system. A scenario involving a severe earthquake in the New Madrid Seismic Zone is used to demonstrate the capabilities of the model when given input in the form of a potentially impacted area. This type of interactive analysis can help decision makers to understand the vulnerabilities of the coal distribution network and the potential impact it can have on electricity production.

Shih, C.Y.; Scown, C.D.; Soibelman, L.; Matthews, H.S.; Garrett, J.H.; Dodrill, K.; McSurdy, S. [Carnegie Mellon University, Pittsburgh, PA (United States). Dept. of Civil & Environmental Engineering

2009-09-15T23:59:59.000Z

43

Security Automation and the National Vulnerability Database  

Science Conference Proceedings (OSTI)

... 6 Page 7. National Vulnerability Database Role Receive CVE ... Environmental Integrity ... Use Case: Vulnerability Management CVE 2012-3544 30 ...

2013-06-05T23:59:59.000Z

44

Corrective Action Plan for INEL low-level waste management ES&H vulnerabilities  

SciTech Connect

Low-level waste (LLW) activities at INEL include numerous waste generators, storage facilities, three treatment facilities, and one disposal facility. The Working Group Assessment Team (WGAT) conducted an assessment of the LLW management program in response to the Defense Nuclear Facilities Safety Board (DNFSB) Recommendation 94-2 (Conformance with Safety Standards at Department of Energy Low-Level Nuclear Waste and Disposal Facilities). Assessment included review of waste generators, liquid effluent treatment, storage facilities and practices, and a disposal facility with vaults and a shallow subsurface burial site. WGAT reviewed relevant documents and conducted tours concerning these LLW operations. The vulnerabilities identified by WGAT were similar to those self-identified by INEL (storage and disposal of LLW). This assessment resulted in the documentation of 8 vulnerabilities and 3 conditions. WGAT assessed the overall LLW/mixed low-level waste (MLLW) management program at INEL as being generally effective. As recommended by DNFSB, a site-specific Corrective Action Plan has been prepared and constitutes the initial site improvement activities.

1996-07-01T23:59:59.000Z

45

GAO-06-838R Contract Management: DOD Vulnerabilities to Contracting Fraud, Waste, and Abuse  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Accountability Office Accountability Office ington, DC 20548 Wash July 7, 2006 The Honorable John Warner Chairman The Honorable Carl Levin Ranking Member Committee on Armed Services United States Senate The Honorable Duncan Hunter Chairman The Honorable Ike Skelton Ranking Member Committee on Armed Services House of Representatives Subject: Contract Management: DOD Vulnerabilities to Contracting Fraud, Waste, and Abuse In recent years, the Department of Defense (DOD) has increasingly relied on goods and services provided by the private sector under contract. Since fiscal year 2000, DOD's contracting for goods and services has nearly doubled, and this trend is expected to continue. In fiscal year 2005 alone, DOD obligated nearly $270 billion on contracts for goods and services. Given the

46

Collaborative Post-Disaster Damage Mapping via Geo Web Services  

E-Print Network (OSTI)

Action focus on post disaster re- sponse, frequently linking disaster response and management efforts disaster response. ImageCat Inc., for example, has been developing tools for more efficient image based disaster response, most re- cently the Virtual Disaster Viewer (VDV) based on MS Virtual Earth, which

Köbben, Barend

47

Agent-Based Coordination Technologies in Disaster (Demo Paper)  

E-Print Network (OSTI)

be applied is that of emergency response or disaster management. Disaster management has become an importantAgent-Based Coordination Technologies in Disaster Management (Demo Paper) Sarvapali D. Ramchurn issue in the last few years due to the large number of disasters occurring such as hurricane Katrina

Vetsikas, Ioannis

48

Resilience in the Face of Disaster: Accounting for Varying Disaster Magnitudes, Resource  

E-Print Network (OSTI)

problem in disaster management is the complexity inherent in an emer- gency response. As such, plannersResilience in the Face of Disaster: Accounting for Varying Disaster Magnitudes, Resource Topologies-Based Model platform for urban disaster simulation and emergency planning, features a variety of reality

Mishra, Bud

49

Forecasting demand of commodities after natural disasters  

Science Conference Proceedings (OSTI)

Demand forecasting after natural disasters is especially important in emergency management. However, since the time series of commodities demand after natural disasters usually has a great deal of nonlinearity and irregularity, it has poor prediction ... Keywords: ARIMA, Demand forecasting, EMD, Emergency management, Natural disaster

Xiaoyan Xu; Yuqing Qi; Zhongsheng Hua

2010-06-01T23:59:59.000Z

50

Components of disaster-tolerant computing: analysis of disaster recovery, IT application downtime and executive visibility  

Science Conference Proceedings (OSTI)

This paper provides a review of disaster-tolerant Information Technology (IT). The state of traditional disaster recovery approaches is outlined. The risks of IT application downtime attributable to the increasing dependence on critical information ... Keywords: IT application availability, IT application downtime, business continuity, complex infrastructure systems, criticality-driven, disaster recovery, disaster tolerance, disaster-tolerant computing, emergency management, executive visibility, information technology, interaction, interdependent, survivability

Chad M. Lawler; Michael A. Harper; Stephen A. Szygenda; Mitchell A. Thornton

2008-02-01T23:59:59.000Z

51

Counting on Solar Power for Disaster Relief: Federal Energy Management Program (FEMP) Technical Assistance Fact Sheet  

DOE Green Energy (OSTI)

When disaster strikes, electric power is usually the first critically important service to be lost. After several years of research and development, portable electric generator sets (gensets) are now entering the marketplace. The new gensets make use of solar electric panels known as photovoltaics (PV) to produce electricity. These gensets are reliable, safe to operate, highly mobile and will supply much-needed power for emergency response teams.

NONE

1999-04-01T23:59:59.000Z

52

Corporate involvement in disaster response and recovery : an analysis of the Gujarat Earthquake  

E-Print Network (OSTI)

Disaster vulnerability is a serious issue in developing countries where globalization, development patterns, poverty and environmental degradation are placing more people at risk to natural disasters. Recent appeals for ...

Sayegh, Tracy, 1976-

2004-01-01T23:59:59.000Z

53

NSTB Summarizes Vulnerable Areas  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

NSTB Summarizes Vulnerable Areas NSTB Summarizes Vulnerable Areas Commonly Found in Energy Control Systems Experts at the National SCADA Test Bed (NSTB) discovered some common areas of vulnerability in the energy control systems assessed between late 2004 and early 2006. These vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. The paper "Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems" describes the vulnerabilities and recommended strategies for mitigating them. It should be of use to asset owners and operators, control system vendors, system integrators, and third-party vendors interested in enhancing the security characteristics of current and future products.

54

Philosophy on Vulnerability Assessments  

NLE Websites -- All DOE Office Websites (Extended Search)

capabilities/vat/assess/ capabilities/vat/assess/ ARGONNE NATIONAL LABORATORY, Nuclear Engineering Division, 9700 South Cass Ave., Argonne, IL Philosophy on Vulnerability Assessments Argonne Vulnerability Assessment Team Roger G. Johnston, Ph.D., CPP , 630-252-6168 1. There are a number of conventional tools for finding security vulnerabilities. These include security surveys, risk management, design basis threat, CARVER Method, Delphi Method, software vulnerability assessment tools, infrastructure modeling, etc. 2. These tools have some value, and indeed we have used them all. 3. Experience has shown, however, that these methods do not usually result in dramatic improvements to security, nor do they reliably predict catastrophic security incidents that

55

National Vulnerability Database Full Vulnerability Listing  

Science Conference Proceedings (OSTI)

NVD Complete Vulnerability Listing. This web page contains direct links to every National Vulnerability Database vulnerability entry. ...

56

Equally Unprepared: Assessing the Hurricane Vulnerability of Undergraduate Students  

Science Conference Proceedings (OSTI)

Students have been described as being both particularly vulnerable to natural disasters and highly resilient in recovery. In addition, they often have been treated as a distinct, homogeneous group sharing similar characteristics. This research ...

Jason L. Simms; Margarethe Kusenbach; Graham A. Tobin

2013-07-01T23:59:59.000Z

57

International Disaster Medical Sciences Fellowship: Model Curriculum and Key Considerations for Establishment of an Innovative International Educational Program  

E-Print Network (OSTI)

Management Institute Independent Study Program Professional Development Series University on-line basic disaster training and

Koenig, Kristi L; Bey, Tareg; Schultz, Carl H

2009-01-01T23:59:59.000Z

58

Using Data Mining Techniques to Address Critical Information Exchange Needs in Disaster Affected  

E-Print Network (OSTI)

disaster information in the context of disaster management phases: Preparation, Response, RecoveryUsing Data Mining Techniques to Address Critical Information Exchange Needs in Disaster Affected Management and Disaster Recovery have gained immense importance in the wake of recent man and nature

Chen, Shu-Ching

59

Conceptual Modeling in Disaster Planning Using Agent Constructs  

Science Conference Proceedings (OSTI)

A disaster plan contains rules to be used by responders to deal with a disaster and save lives. Usually, the plan is not enacted by those who created it. This results in difficulty for responders in utilizating the plan. Conceptual models have been used ... Keywords: Disaster Management, Intelligent Agent, Modeling Grammar

Kafui Monu; Carson Woo

2009-11-01T23:59:59.000Z

60

A fuzzy clustering iterative model using chaotic differential evolution algorithm for evaluating flood disaster  

Science Conference Proceedings (OSTI)

Flood disaster is a kind of frequent natural hazards. The objective of flood disaster evaluation is to establish hazard assessment model for managing flood and preventing disaster. Base on the chaotic optimization theory, this paper proposes a chaotic ... Keywords: Chaotic map, Differential evolution algorithm, Evolutionary computation, Flood disaster evaluation, Fuzzy clustering

Yaoyao He; Jianzhong Zhou; Pangao Kou; Ning Lu; Qiang Zou

2011-08-01T23:59:59.000Z

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


61

Open Information Gateway for Disaster Management Chi-Sheng SHIH, Ling-Jyh CHEN, Ching-Ju LIN, and Wei-Ho CHUNG  

E-Print Network (OSTI)

is one of the fundamen- tal challenges to support timely and efficient disaster response and relief with probabilistic bandwidth guarantee. I. INTRODUCTION Success disaster response requires the collaboration from exchange for disaster response. In the last few decades, many attempts aimed on devel- oping special

Chen, Ling-Jyh

62

Argonne's Vulnerability  

NLE Websites -- All DOE Office Websites (Extended Search)

finding finding and fixing security flaws Argonne's Vulnerability assessment Team VAT researchers spend their workdays devising and demonstrating ways to defeat a wide variety of security devices, systems, and programs, ranging from electronic voting machines and global positioning systems (GPS) to nuclear safeguards programs and biometrics-based access control. This involves analyzing the security features, reverse-engineering the technology or

63

Seals Applications - Vulnerability Assessment Team - Nuclear...  

NLE Websites -- All DOE Office Websites (Extended Search)

Physical Security Maxims Read the Security Maxims Devil's Dictionary of Security Terms For more information: Vulnerability Assessment Section Sect. Manager: Roger G....

64

WTC Disaster Study Recommendations  

Science Conference Proceedings (OSTI)

... Technical aspects of evacuation and emergency response procedures; Specific ... resulting from the World Trade Center (WTC) disaster study impact ...

2013-11-26T23:59:59.000Z

65

DISASTER PLAN Library Materials  

E-Print Network (OSTI)

New York: Neal-Schuman; 1992. Kahn, Miriam. Disaster Response and Prevention for Computer And DataDISASTER PLAN Library Materials For the University of Toronto Library System September 2013 disaster planning for archives, libraries and record centres. Second edition. Boston: Scarecrow Press, 2002

Sokolowski, Marla

66

Hawaii Energy Strategy: Program guide. [Contains special sections on analytical energy forecasting, renewable energy resource assessment, demand-side energy management, energy vulnerability assessment, and energy strategy integration  

SciTech Connect

The Hawaii Energy Strategy program, or HES, is a set of seven projects which will produce an integrated energy strategy for the State of Hawaii. It will include a comprehensive energy vulnerability assessment with recommended courses of action to decrease Hawaii's energy vulnerability and to better prepare for an effective response to any energy emergency or supply disruption. The seven projects are designed to increase understanding of Hawaii's energy situation and to produce recommendations to achieve the State energy objectives of: Dependable, efficient, and economical state-wide energy systems capable of supporting the needs of the people, and increased energy self-sufficiency. The seven projects under the Hawaii Energy Strategy program include: Project 1: Develop Analytical Energy Forecasting Model for the State of Hawaii. Project 2: Fossil Energy Review and Analysis. Project 3: Renewable Energy Resource Assessment and Development Program. Project 4: Demand-Side Management Program. Project 5: Transportation Energy Strategy. Project 6: Energy Vulnerability Assessment Report and Contingency Planning. Project 7: Energy Strategy Integration and Evaluation System.

1992-09-01T23:59:59.000Z

67

WESTERN UNIVERSITY Disaster Plan  

E-Print Network (OSTI)

.7 Assumptions 1.7.1 Emergency 1.7.2 Disaster 1.8 Concept of Operations 1.8.1 Background 1.8.2 Emergency Response/Administrative Unit Responsibilities 1.8.8 Situation Reports 2. UTILIZING THE DISASTER PLAN 2.1 Emergency Process Members ­ Individual Responsibilities #12;WESTERN UNIVERSITY Disaster Plan January, 2013 2.7.1 VP

Sinnamon, Gordon J.

68

Photovoltaic application for disaster relief  

DOE Green Energy (OSTI)

Hurricanes, floods, tornados, and earthquakes are natural disasters that can happen at any time destroying homes, businesses, and natural surroundings. One such disaster, Hurricane Andrew, devastated South Florida leaving several hundred-thousand people homeless. Many people were without electrical service, functioning water and sewage systems, communications, and medical services for days, even weeks in the aftermath of the storm. Emergency management teams, the military, and countless public and private organizations staged a massive relief effort. Dependency on electrical utility power became a pronounced problem as emergency services were rendered to survivors and the rebuilding process started. Many of the energy needs of emergency management organizations, relief workers, and the general public can be satisfied with solar electric energy systems. Photovoltaic (PV) power generated from solar energy is quiet, safe, inexhaustible and pollution-free. Previously, photovoltaics have supplied emergency power for Hurricanes Hugo and Andrew, and the earthquake at Northridge in Southern California. This document focuses on photovoltaic technology and its application to disaster relief efforts.

Young, W.R. Jr.

1995-11-01T23:59:59.000Z

69

Development of USN based disaster prevention system in South Korea  

Science Conference Proceedings (OSTI)

It is possible to construct a systematic and efficient disaster prevention system utilizing ubiquitous sensor networks and wired/wireless communication infrastructure. In this paper, we suggest and design a USN (Ubiquitous Sensor Network) platform to ... Keywords: USN, WSN, disaster, gateway, management server, prevention, ubiquitous

Dae-Hyun Ryu; Seung-Hoon Nam

2008-12-01T23:59:59.000Z

70

Natural Disasters: Some Empirical  

Science Conference Proceedings (OSTI)

Page 1. j N8SIR 74-473 Natural Disasters: Some Empirical and Economic Considerations G. Thomas Sav Buildine Economies ...

2008-03-06T23:59:59.000Z

71

The use of social media within the global disaster alert and coordination system (GDACS)  

Science Conference Proceedings (OSTI)

The Global Disaster Alert and Coordination System (GDACS) collects near real-time hazard information to provide global multi-hazard disaster alerting for earthquakes, tsunamis, tropical cyclones, floods and volcanoes. GDACS alerts are based on calculations ... Keywords: disaster management, emergency response, impact analysis, social media, twitter

Beate Stollberg; Tom de Groeve

2012-04-01T23:59:59.000Z

72

Auto-scaling Emergency Call Centres using Cloud Resources to Handle Disasters  

E-Print Network (OSTI)

elements of an emergency response to a disaster event. However, frequently the phone net- work an IT infrastructure that scales in response to the demands of disaster management. In this paper, we introduce Technology (IT) plays a central role in disaster response and emergency man- agement [2]. Therefore

New South Wales, University of

73

Franke et al. Temporal Coordination of Disaster Response Activities Proceedings of the 7th  

E-Print Network (OSTI)

Franke et al. Temporal Coordination of Disaster Response Activities Proceedings of the 7th and regulations. The goal of this paper is to present an activity management system for disaster response. Temporal Coordination of Disaster Response Activities Proceedings of the 7th International ISCRAM

Paris-Sud XI, Université de

74

Project: Disaster and Failure Studies  

Science Conference Proceedings (OSTI)

... evacuation procedures, and the technical, social and economic factors that affect pre-disaster mitigation activities and post-disaster response efforts ...

2013-12-16T23:59:59.000Z

75

Obtaining Disaster Assistance for Public Infrastructure  

E-Print Network (OSTI)

County and municipal governments, as well as certain private non-profit organizations, may qualify for assistance in rebuilding public infrastructure after a natural disaster. This leaflet details the assistance programs available from the Federal Emergency Management Agency and from various other federal and state agencies.

Taylor, Greg

2005-10-10T23:59:59.000Z

76

Obtaining Disaster Assistance for Public Infrastructure (Spanish)  

E-Print Network (OSTI)

County and municipal governments, as well as certain private non-profit organizations, may qualify for assistance in rebuilding public infrastructure after a natural disaster. This leaflet details the assistance programs available from the Federal Emergency Management Agency and from various other federal and state agencies.

Taylor, Greg

2007-10-08T23:59:59.000Z

77

An OVAL-based active vulnerability assessment system for enterprise computer networks  

Science Conference Proceedings (OSTI)

Many security problems are caused by vulnerabilities hidden in enterprise computer networks. It is very important for system administrators to have knowledge about the security vulnerabilities. However, current vulnerability assessment methods may encounter ... Keywords: Attack path, Network security, Open vulnerability assessment language, Predicate logic, Relational database management system, Security vulnerability

Xiuzhen Chen; Qinghua Zheng; Xiaohong Guan

2008-11-01T23:59:59.000Z

78

Software Vulnerability Taxonomy Consolidation  

SciTech Connect

In today's environment, computers and networks are increasing exposed to a number of software vulnerabilities. Information about these vulnerabilities is collected and disseminated via various large publicly available databases such as BugTraq, OSVDB and ICAT. Each of these databases, individually, do not cover all aspects of a vulnerability and lack a standard format among them, making it difficult for end-users to easily compare various vulnerabilities. A central database of vulnerabilities has not been available until today for a number of reasons, such as the non-uniform methods by which current vulnerability database providers receive information, disagreement over which features of a particular vulnerability are important and how best to present them, and the non-utility of the information presented in many databases. The goal of this software vulnerability taxonomy consolidation project is to address the need for a universally accepted vulnerability taxonomy that classifies vulnerabilities in an unambiguous manner. A consolidated vulnerability database (CVDB) was implemented that coalesces and organizes vulnerability data from disparate data sources. Based on the work done in this paper, there is strong evidence that a consolidated taxonomy encompassing and organizing all relevant data can be achieved. However, three primary obstacles remain: lack of referencing a common ''primary key'', un-structured and free-form descriptions of necessary vulnerability data, and lack of data on all aspects of a vulnerability. This work has only considered data that can be unambiguously extracted from various data sources by straightforward parsers. It is felt that even with the use of more advanced, information mining tools, which can wade through the sea of unstructured vulnerability data, this current integration methodology would still provide repeatable, unambiguous, and exhaustive results. Though the goal of coalescing all available data, which would be of use to system administrators, software developers and vulnerability researchers is not yet achieved, this work has resulted in the most exhaustive collection of vulnerability data to date.

Polepeddi, S

2004-12-08T23:59:59.000Z

79

Materials Characterization Paper In Support of the Proposed Rulemaking – Identification of Nonhazardous Secondary Materials That Are Solid Waste Construction and Demolition Materials – Disaster Debris  

E-Print Network (OSTI)

winter storms, generate large amounts of debris. This poses a challenge for public officials who must manage this debris in a manner that is as efficient and cost-effective as possible. The debris resulting from natural disasters often includes building materials, sediments, vegetative debris, personal property, and other materials (EPA 2008, p. 11). Generally, this material has not been discarded. Rather, it is the product of a natural disaster. 2. Annual Quantities of Disaster Debris Generated and Used (1) Sectors that generate Disaster Debris: • Disaster debris may be generated by any sector affected by a natural disaster (e.g., households, businesses, government, etc.). (2) Quantities and prices of Disaster Debris generated:

unknown authors

2010-01-01T23:59:59.000Z

80

Quantifying software vulnerability  

Science Conference Proceedings (OSTI)

The technique known as ACE Analysis allows researchers to quantify a hardware structure's Architectural Vulnerability Factor (AVF) using simulation. This allows researchers to understand a hardware structure's vulnerability to soft errors and consider ... Keywords: fault tolerance, modeling, soft errors

Vilas Sridharan; David R. Kaeli

2008-05-01T23:59:59.000Z

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


81

Tornado Vulnerability in Texas  

Science Conference Proceedings (OSTI)

Tornado vulnerability depends on the incidence of and societal exposure to tornadoes for a particular location. This study assesses the vulnerability of Texas counties to tornadoes using tornado incidence and societal exposure composite scores. ...

Richard W. Dixon; Todd W. Moore

2012-01-01T23:59:59.000Z

82

On-Demand Information Portals for Disaster Yiming Ma, Dmitri V. Kalashnikov, Ram Hariharan, Sharad Mehrotra, Nalini Venkatasubramanian,  

E-Print Network (OSTI)

, and such information is indeed valuable to disaster managers or even citizens in their response. In this paper we in the response and planning during or after the disaster. This motivates us in the direction of an "InformationOn-Demand Information Portals for Disaster Situations Yiming Ma, Dmitri V. Kalashnikov, Ram

Kalashnikov, Dmitri V.

83

TOP 10 VULNERABILITIES OF CONTROL SYSTEMS AND THEIR ASSOCIATED...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

TOP 10 VULNERABILITIES OF CONTROL SYSTEMS AND THEIR ASSOCIATED MITIGATIONS Introduction SCADA Security for Managers and Operators Intermediate SCADA Security Training Course Slides...

84

wind engineering & natural disaster mitigation  

E-Print Network (OSTI)

wind engineering & natural disaster mitigation #12;wind engineering & natural disaster mitigation Investment WindEEE Dome at Advanced Manufacturing Park $31million Insurance Research Lab for Better Homes $8million Advanced Facility for Avian Research $9million #12;wind engineering & natural disaster mitigation

Sinnamon, Gordon J.

85

T-564: Vulnerabilities in Citrix Licensing administration components |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Vulnerabilities in Citrix Licensing administration 4: Vulnerabilities in Citrix Licensing administration components T-564: Vulnerabilities in Citrix Licensing administration components February 24, 2011 - 7:00am Addthis PROBLEM: Vulnerabilities in Citrix Licensing administration components. PLATFORM: Citrix Licensing Administration Console, formerly known as the License Management Console. ABSTRACT: The vulnerabilities impact all current versions of the Citrix Licensing Administration Console, formerly known as the License Management Console. reference LINKS: Citrix ID:CTX128167 SecurityTracker Alert ID:1025123 Citrix Support IMPACT ASSESSMENT: Medium Discussion: Citrix has been made aware of a number of vulnerabilities in a third-party component that is used by the Citrix Licensing administration console. These vulnerabilities could potentially allow an unauthorized user to gain

86

Role of Mass Media in the Disaster Preparedness and Sustainable Development of Society  

Science Conference Proceedings (OSTI)

Better understanding of the causes and effects of large earthquakes can assists in mitigation of damage and loss of lives as a result of destructive natural events. Well-informed and educated population living in geological hazard-prone regions can reduce catastrophic consequences of natural disasters and guaranty the sustainable development of healthy society. A development of information service for disaster management is of importance in reduction of the disaster's consequences.

Seid-Aliyeva, Dinara E. [Geology Institute, Azerbaijan National Academy of Sciences, 29A, H. Javid Ave., Baku 1143 (Azerbaijan)

2006-03-23T23:59:59.000Z

87

Flood Disaster Protection Act of 1973 | Open Energy Information  

Open Energy Info (EERE)

Disaster Protection Act of 1973 Disaster Protection Act of 1973 Jump to: navigation, search Statute Name Flood Disaster Protection Act of 1973 Year 1973 Url [[File:|160px|link=]] Description References FDPA Text[1] The National Flood Insurance Program (NFIP) is administered primarily under two statutes: the National Flood Insurance Act of 1968 and the Flood Disaster Protection Act of 1973 (FDPA). The NFIP is administered by a department of the Federal Emergency Management Agency (FEMA), the Federal Insurance Administration (FIA). The FDPA requires federal financial regulatory agencies to adopt regulations prohibiting their regulated lending institutions from making, increasing, extending or renewing a loan secured by improved real estate or a mobile home located or to be located in a SFHA in a community participating in the NFIP unless the property

88

V-094: IBM Multiple Products Multiple Vulnerabilities | Department of  

NLE Websites -- All DOE Office Websites (Extended Search)

94: IBM Multiple Products Multiple Vulnerabilities 94: IBM Multiple Products Multiple Vulnerabilities V-094: IBM Multiple Products Multiple Vulnerabilities February 19, 2013 - 1:41am Addthis PROBLEM: IBM Multiple Products Multiple Vulnerabilities PLATFORM: IBM Maximo Asset Management versions 7.5, 7.1, and 6.2 IBM Maximo Asset Management Essentials versions 7.5, 7.1, and 6.2 IBM SmartCloud Control Desk version 7.5 IBM Tivoli Asset Management for IT versions 7.2, 7.1, and 6.2 IBM Tivoli Change and Configuration Management Database versions 7.2 and 7.1 IBM Tivoli Service Request Manager versions 7.2, 7.1, and 6.2 ABSTRACT: A weakness and multiple vulnerabilities have been reported in multiple IBM products. REFERENCE LINKS: IBM Reference #:1625624 IBM Product Security Incident Response Blog Secunia Advisory SA52132

89

Applications of Solar Technology for Catastrophe Response, Claims Management, and Loss Prevention  

DOE Green Energy (OSTI)

Today's insurance industry strongly emphasizes developing cost-effective hazard mitigation programs, increasing and retaining commercial and residential customers through better service, educating customers on their exposure and vulnerabilities to natural disasters, collaborating with government agencies and emergency management organizations, and exploring the use of new technologies to reduce the financial impact of disasters. In June of 1998, the National Renewable Energy Laboratory (NREL) and the National Association of Independent Insurers (NAII) sponsored a seminar titled, ''Solar Technology and the Insurance Industry.'' Presentations were made by insurance company representatives, insurance trade groups, government and state emergency management organizations, and technology specialists. The meeting was attended by insurers, brokers, emergency managers, and consultants from more than 25 US companies. Leading insurers from the personal line and commercial carriers were shown how solar technology can be used in underwriting, claims, catastrophe response, loss control, and risk management. Attendees requested a follow-up report on solar technology, cost, and applications in disasters, including suggestions on how to collaborate with the utility industry and how to develop educational programs for business and consumers. This report will address these issues, with an emphasis on pre-disaster planning and mitigation alternatives. It will also discuss how energy efficiency and renewable technologies can contribute to reducing insurance losses.

Deering, A.; Thornton, J.P.

1999-02-17T23:59:59.000Z

90

GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material |  

NLE Websites -- All DOE Office Websites (Extended Search)

Removing Vulnerable Civilian Nuclear and Radiological Material | Removing Vulnerable Civilian Nuclear and Radiological Material | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > Media Room > Fact Sheets > GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material Fact Sheet GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material

91

GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material |  

National Nuclear Security Administration (NNSA)

Removing Vulnerable Civilian Nuclear and Radiological Material | Removing Vulnerable Civilian Nuclear and Radiological Material | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > Media Room > Fact Sheets > GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material Fact Sheet GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material

92

Disaster Planning and Mitigation Technologies: Interim Technology Inventory Report, Report #5  

Science Conference Proceedings (OSTI)

Natural and man-caused disasters are inevitable, recurrent, and increasing in frequency and magnitude. They are taking an ever larger economic and personal toll. This report identifies technologies and information that can assist utilities, their customers, and their communities in preventing, managing, and recovering from disasters.

2000-11-30T23:59:59.000Z

93

Disaster Planning and Mitigation Technologies, Interim Technology Inventory Report, Report #4  

Science Conference Proceedings (OSTI)

Natural and human-caused disasters are inevitable, recurrent, and increasing in frequency and magnitude. They are taking an ever-larger economic and personal toll. This report identifies technologies that can assist utilities, their customers, and their communities in preventing, managing, and recovering from disasters.

1999-11-22T23:59:59.000Z

94

Facts about FEMA Household Disaster Aid: Examining the 2008 Floods and Tornadoes in Missouri  

Science Conference Proceedings (OSTI)

Very little empirical work has been done on disaster aid in the United States. This paper examines post-disaster grants to households from the Federal Emergency Management Agency in the state of Missouri in 2008. That year, the state experienced ...

Carolyn Kousky

95

Recovery and Resilience After a Nuclear Power Plant Disaster: A Medical Decision model for Managing an Effective, Timely, and Balanced Response  

SciTech Connect

Based on experiences in Tokyo responding to the Fukushima Daiichi nuclear power plant crisis, a real-time, medical decision model is presented by which to make key health-related decisions given the central role of health and medical issues in such disasters. Focus is on response and recovery activities that are safe, timely, effective, and well-organized. This approach empowers on-site decision makers to make interim decisions without undue delay using readily available and high-level scientific, medical, communication, and policy expertise. Key features of this approach include ongoing assessment, consultation, information, and adaption to the changing conditions. This medical decision model presented is compatible with the existing US National Response Framework structure.

Coleman, C. Norman [National Cancer Institute, NIH; Blumenthal, Daniel J. [National Nuclear Security Administration (NNSA), Department of Energy

2013-05-01T23:59:59.000Z

96

NIST, FEMA Strengthen Disaster Response and Research ...  

Science Conference Proceedings (OSTI)

... history of successful collaborations following disasters, it is ... of mutual interest in fire, disaster prevention and ... a need for a NIST response to extreme ...

2013-01-03T23:59:59.000Z

97

Disaster Resilient Buildings and Infrastructure (+$5 million)  

Science Conference Proceedings (OSTI)

... fires) from becoming disasters by increasing the disaster resilience of the nation's buildings and infrastructure. The need for response and recovery ...

2010-10-05T23:59:59.000Z

98

Disaster Declarations USDA | Data.gov  

NLE Websites -- All DOE Office Websites (Extended Search)

county-level records of disaster designations made by the US Secretary of Agriculture in response to widespread and severe drought. Tags Disaster,Drought,Freeze,Hurricane,Earthqu...

99

Wind Engineering & Natural Disaster Mitigation  

E-Print Network (OSTI)

Wind Engineering & Natural Disaster Mitigation For more than 45 years, Western University has been internationally recognized as the leading university for wind engineering and wind- related research. Its of environmental disaster mitigation, with specific strengths in wind and earthquake research. Boundary Layer Wind

Sinnamon, Gordon J.

100

Facts about FEMA Household Disaster Aid: Examining the 2008 Floods and Tornadoes in Missouri  

Science Conference Proceedings (OSTI)

Very little empirical work has been done on disaster aid in the United States. This paper examines postdisaster grants to households from the Federal Emergency Management Agency in the state of Missouri in 2008, when the state experienced flooding,...

Carolyn Kousky

2013-10-01T23:59:59.000Z

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


101

PL 107-206, FEMA - Federal Emergency Management ...  

Science Conference Proceedings (OSTI)

“Taken from PL 107-206 FY 2002 Supplemental Appropriations bill…”. Federal Emergency Management Agency. DISASTER RELIEF. ...

2010-10-05T23:59:59.000Z

102

Modeling Fragility in Rapidly Evolving Disaster Response Systems  

E-Print Network (OSTI)

Multi-Organizational Disaster Response Systems." Pittsburgh,in Rapidly Evolving Disaster Response Systems Louise K.capacity in an actual disaster response system to determine

Comfort, Louise K.; Ko, Kilkon; Zagorecki, Adam

2003-01-01T23:59:59.000Z

103

Energy vulnerability relationships  

Science Conference Proceedings (OSTI)

The US consumption of crude oil resources has been a steadily growing indicator of the vitality and strength of the US economy. At the same time import diversity has also been a rapidly developing dimension of the import picture. In the early 1970`s, embargoes of crude oil from Organization of Producing and Exporting Countries (OPEC) created economic and political havoc due to a significant lack of diversity and a unique set of economic, political and domestic regulatory circumstances. The continued rise of imports has again led to concerns over the security of our crude oil resource but threats to this system must be considered in light of the diversity and current setting of imported oil. This report develops several important issues concerning vulnerability to the disruption of oil imports: (1) The Middle East is not the major supplier of oil to the United States, (2) The US is not vulnerable to having its entire import stream disrupted, (3) Even in stable countries, there exist vulnerabilities to disruption of the export stream of oil, (4) Vulnerability reduction requires a focus on international solutions, and (5) DOE program and policy development must reflect the requirements of the diverse supply. Does this increasing proportion of imported oil create a {open_quotes}dependence{close_quotes}? Does this increasing proportion of imported oil present a vulnerability to {open_quotes}price shocks{close_quotes} and the tremendous dislocations experienced during the 1970`s? Finally, what is the vulnerability of supply disruptions from the current sources of imported oil? If oil is considered to be a finite, rapidly depleting resource, then the answers to these questions must be {open_quotes}yes.{close_quotes} However, if the supply of oil is expanding, and not limited, then dependence is relative to regional supply sources.

Shaw, B.R.; Boesen, J.L.

1998-02-01T23:59:59.000Z

104

V-022: Attachmate Reflection Products Java Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Attachmate Reflection Products Java Multiple Vulnerabilities 2: Attachmate Reflection Products Java Multiple Vulnerabilities V-022: Attachmate Reflection Products Java Multiple Vulnerabilities November 13, 2012 - 1:00am Addthis PROBLEM: Attachmate Reflection Products Java Multiple Vulnerabilities PLATFORM: Reflection X 2011 Reflection Suite for X 2011 Reflection for Secure IT Server for Windows Reflection for Secure IT Client and Server for UNIX ABSTRACT: Security issues related to Reflection PKI Services Manager REFERENCE LINKS: PKI Services Manager Technical Note 2560 Secunia Advisory SA51256 CVE-2012-0551 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1720 CVE-2012-1721 CVE-2012-1722 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726 IMPACT ASSESSMENT: High DISCUSSION: Attachmate has acknowledged multiple vulnerabilities in some Reflection

105

After The Tsunami: Human Rights of Vulnerable Populations  

E-Print Network (OSTI)

Minimum Standards in Disaster Response protect victims ofand Minimum Standards in Disaster Response for humanitarianand Minimum Standards in Disaster Response for humanitarian

Fletcher, Laurel; Stover, Eric; Weinstein, Harvey

2005-01-01T23:59:59.000Z

106

V-161: IBM Maximo Asset Management Products Java Multiple Vulnerabilit...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: IBM Maximo Asset Management Products Java Multiple Vulnerabilities V-161: IBM Maximo Asset Management Products Java Multiple Vulnerabilities May 22, 2013 - 12:46am Addthis...

107

V-122: IBM Tivoli Application Dependency Discovery Manager Java...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: IBM Tivoli Application Dependency Discovery Manager Java Multiple Vulnerabilities V-122: IBM Tivoli Application Dependency Discovery Manager Java Multiple Vulnerabilities March...

108

V-145: IBM Tivoli Federated Identity Manager Products Java Multiple...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: IBM Tivoli Federated Identity Manager Products Java Multiple Vulnerabilities V-145: IBM Tivoli Federated Identity Manager Products Java Multiple Vulnerabilities April 30, 2013 -...

109

Vulnerability due to Nocturnal Tornadoes  

Science Conference Proceedings (OSTI)

This study investigates the human vulnerability caused by tornadoes that occurred between sunset and sunrise from 1880 to 2007. Nocturnal tornadoes are theorized to enhance vulnerability because they are difficult to spot and occur when the ...

Walker S. Ashley; Andrew J. Krmenec; Rick Schwantes

2008-10-01T23:59:59.000Z

110

Surviving the Titantic Disaster: Economic, Natural and Social Determinants  

E-Print Network (OSTI)

1986. Human System Responses to Disaster: An Inventory ofand Community Response to Disasters, Book and monograph#8.

Frey, Bruno S; Savage, David A; Torgler, Benno

2009-01-01T23:59:59.000Z

111

Why Conduct Disaster and Failure Studies. Buildings, bridges ...  

Science Conference Proceedings (OSTI)

... in materials, and manmade disasters, including terrorist ... The study of disaster and failure events is ... evacuation and emergency response procedures ...

2012-11-14T23:59:59.000Z

112

New Website Offers Easy Access to NIST Disaster and Failure ...  

Science Conference Proceedings (OSTI)

... failures caused by natural disasters, fires and ... and outcomes of their disaster and failure ... events; associated emergency response and evacuation ...

2011-08-17T23:59:59.000Z

113

Authority in Online Disaster Relief Communities 1 Running Head: AUTHORITY IN ONLINE DISASTER RELIEF COMMUNITIES  

E-Print Network (OSTI)

). The magnitude of the disaster overwhelmed institutions normally responsible for providing relief--forums, bulletin boards, blogs, and personal websites--to coordinate a massive grassroots response to the disasterAuthority in Online Disaster Relief Communities 1 Running Head: AUTHORITY IN ONLINE DISASTER RELIEF

Kiesler, Sara

114

Designing intelligent disaster prediction models and systems for debris-flow disasters in Taiwan  

Science Conference Proceedings (OSTI)

Effective disaster prediction relies on using correct disaster decision model to predict the disaster occurrence accurately. This study proposes three effective debris-flow prediction models and an inference engine to predict and decide the debris-flow ... Keywords: Back-propagation network, Debris-flow prediction models, Decision support system, Disaster prevention, Mobile multimedia communications

Hsu-Yang Kung; Chi-Hua Chen; Hao-Hsiang Ku

2012-04-01T23:59:59.000Z

115

Guide to Critical Infrastructure Protection Cyber Vulnerability...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized...

116

U-173: Symantec Web Gateway Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Symantec Web Gateway Multiple Vulnerabilities 3: Symantec Web Gateway Multiple Vulnerabilities U-173: Symantec Web Gateway Multiple Vulnerabilities May 21, 2012 - 7:00am Addthis PROBLEM: Symantec Web Gateway Multiple Vulnerabilities PLATFORM: 5.0.x prior to 5.0.3 ABSTRACT: Several vulnerabilities were reported in Symantec Web Gateway. A remote user can include and execute arbitrary code on the target system. A remote user can conduct cross-site scripting attacks. A remote user can view/delete/upload files on the target system. Reference Links: SecurityTracker Alert ID: 1027078 CVE-2012-0296 CVE-2012-0297 CVE-2012-0298 CVE-2012-0299 IMPACT ASSESSMENT: Medium Discussion: The management interface does not properly authenticate remote users and does not properly validate user-supplied input. A remote user can cause arbitrary scripting code to be executed by the

117

Eventdriven, Rolebased Mobility in Disaster Recovery Networks  

E-Print Network (OSTI)

-1-59593-737-7/07/0009 ...$5.00. disaster response scenarios, understanding communication patterns in such networks is criticalEvent­driven, Role­based Mobility in Disaster Recovery Networks Samuel C. Nelson, Albert F. Harris important tools in understanding the com- plex characteristics of disaster recovery networks is simula- tion

Kravets, Robin

118

Middleware Support for Disaster Response Infrastructure  

E-Print Network (OSTI)

Middleware Support for Disaster Response Infrastructure Jun Suzuki and Tatsuya Suda jsuzuki established in a disaster area to evacuate victims and aid emergency response crews. · Various devises participate in the disaster ad-hoc nets. ­ Victims carry their own devices. ­ Emergency response crews carry

Suzuki, Jun

119

DISASTER POLICY Including Extreme Emergent Situations (EES)  

E-Print Network (OSTI)

on the ACGME website with information relating to the ACGME response to the disaster. 3. The University-specific Program Requirements. Defined Responsibilities Following the Declaration of a Disaster or Extreme EmergentPage 123 DISASTER POLICY Including Extreme Emergent Situations (EES) The University of Connecticut

Oliver, Douglas L.

120

HEPA Filter Vulnerability Assessment  

SciTech Connect

This assessment of High Efficiency Particulate Air (HEPA) filter vulnerability was requested by the USDOE Office of River Protection (ORP) to satisfy a DOE-HQ directive to evaluate the effect of filter degradation on the facility authorization basis assumptions. Within the scope of this assessment are ventilation system HEPA filters that are classified as Safety-Class (SC) or Safety-Significant (SS) components that perform an accident mitigation function. The objective of the assessment is to verify whether HEPA filters that perform a safety function during an accident are likely to perform as intended to limit release of hazardous or radioactive materials, considering factors that could degrade the filters. Filter degradation factors considered include aging, wetting of filters, exposure to high temperature, exposure to corrosive or reactive chemicals, and exposure to radiation. Screening and evaluation criteria were developed by a site-wide group of HVAC engineers and HEPA filter experts from published empirical data. For River Protection Project (RPP) filters, the only degradation factor that exceeded the screening threshold was for filter aging. Subsequent evaluation of the effect of filter aging on the filter strength was conducted, and the results were compared with required performance to meet the conditions assumed in the RPP Authorization Basis (AB). It was found that the reduction in filter strength due to aging does not affect the filter performance requirements as specified in the AB. A portion of the HEPA filter vulnerability assessment is being conducted by the ORP and is not part of the scope of this study. The ORP is conducting an assessment of the existing policies and programs relating to maintenance, testing, and change-out of HEPA filters used for SC/SS service. This document presents the results of a HEPA filter vulnerability assessment conducted for the River protection project as requested by the DOE Office of River Protection.

GUSTAVSON, R.D.

2000-05-11T23:59:59.000Z

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


121

National Vulnerability Database Home  

Science Conference Proceedings (OSTI)

... August 6, 2007: A US Office of Management and Budget memorandum requires specific secure configuration settings for Microsoft operating ...

122

Chemical Safety Vulnerability Working Group report. Volume 1  

Science Conference Proceedings (OSTI)

The Chemical Safety Vulnerability (CSV) Working Group was established to identify adverse conditions involving hazardous chemicals at DOE facilities that might result in fires or explosions, release of hazardous chemicals to the environment, or exposure of workers or the public to chemicals. A CSV Review was conducted in 148 facilities at 29 sites. Eight generic vulnerabilities were documented related to: abandoned chemicals and chemical residuals; past chemical spills and ground releases; characterization of legacy chemicals and wastes; disposition of legacy chemicals; storage facilities and conditions; condition of facilities and support systems; unanalyzed and unaddressed hazards; and inventory control and tracking. Weaknesses in five programmatic areas were also identified related to: management commitment and planning; chemical safety management programs; aging facilities that continue to operate; nonoperating facilities awaiting deactivation; and resource allocations. Volume 1 contains the Executive summary; Introduction; Summary of vulnerabilities; Management systems weaknesses; Commendable practices; Summary of management response plan; Conclusions; and a Glossary of chemical terms.

Not Available

1994-09-01T23:59:59.000Z

123

A Framework for Designing a Global Information Network for Multinational Humanitarian Assistance/Disaster Relief  

Science Conference Proceedings (OSTI)

Large-scale Humanitarian Assistance/Disaster Relief (HA/DR) operations, particularly in developing countries, require the intervention and aid of various agencies from all over the world in a concerted and timely manner. As a result, HA/DR operations ... Keywords: crisis management, decision and negotiation support, information management

Tung Bui; Sungwon Cho; Siva Sankaran; Michael Sovereign

2000-01-01T23:59:59.000Z

124

Dealing with Disaster: The San Francisco Earthquake of 1906  

E-Print Network (OSTI)

in the economic response to the disaster and the rebuildingat cities and their response to disasters more closely intrace of the sort of responses to disaster typical of pre-

Strupp, Christoph

2006-01-01T23:59:59.000Z

125

Disaster Planning and Mitigation Technologies, Interim Technology Inventory Report  

Science Conference Proceedings (OSTI)

Natural and person-caused disasters are increasing in frequency and magnitude, and these disasters are taking an ever increasing economic and personal toll. This report identifies technologies that can help utilities, their customers, and their communities cope with disasters.

1998-12-03T23:59:59.000Z

126

NREL: Technology Deployment - Disaster Resiliency and Recovery  

NLE Websites -- All DOE Office Websites (Extended Search)

government, non-profits, and communities to address the energy-related considerations of disaster prevention and planning, response and recovery, and rebuilding. a woman leads a...

127

Disaster-Resilient Buildings, Infrastructure, and Communities  

Science Conference Proceedings (OSTI)

... the nation's buildings and infrastructure clustered in disaster-prone regions ... to fires through innovative fire protection and response technologies and ...

2011-12-02T23:59:59.000Z

128

Vulnerability Analysis of Energy Delivery Control Systems  

Energy.gov (U.S. Department of Energy (DOE))

The Vulnerability Analysis of Energy Delivery Control Systems report, prepared by Idaho National Laboratory, describes the common vulnerabilities on energy sector control systems, and provides...

129

NSTB Summarizes Vulnerable Areas | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. NSTB Summarizes Vulnerable Areas More Documents & Publications...

130

Web-based methods in terrorism and disaster research  

E-Print Network (OSTI)

studies of responses to disasters and other traumatic lifeneed for rapid response following disasters has pushed thedisaster or terrorism studies -- including rapid response

Schlenger, W E; Silver, Roxane Cohen

2006-01-01T23:59:59.000Z

131

From Tragedy to Triumph - Rebuilding Green Buildings after Disaster...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Green Buildings after Disaster, EERE (Fact Sheet) From Tragedy to Triumph - Rebuilding Green Buildings after Disaster, EERE (Fact Sheet) Fact sheet offering practical information...

132

Energy Spending and Vulnerable Households  

E-Print Network (OSTI)

 off than before. In particular large households with low  incomes seem to have been adversely affected by the new tariff structures since  they have comparably large energy expenditure (Bennet et al., 2002).    5. Vulnerable Households and Energy Spending  The...  tariffs can play an important part in the public debate  on  eradicating  fuel  poverty  and  helping  the  vulnerable  households.  Smart  metering  can  provide  consumers  with  information  on  the  actual  energy  consumption and might  lead  to...

Jamasb, Tooraj; Meier, Helena

2011-01-26T23:59:59.000Z

133

Putting vulnerability to climate change on the map: a review of approaches, benefits, and risks  

Science Conference Proceedings (OSTI)

There is growing demand among stakeholders across public and private institutions for spatially-explicit information regarding vulnerability to climate change at the local scale. However, the challenges associated with mapping the geography of climate change vulnerability are non-trivial, both conceptually and technically, suggesting the need for more critical evaluation of this practice. Here, we review climate change vulnerability mapping in the context of four key questions that are fundamental to assessment design. First, what are the goals of the assessment? A review of published assessments yields a range of objective statements that emphasize problem orientation or decision-making about adaptation actions. Second, how is the assessment of vulnerability framed? Assessments vary with respect to what values are assessed (vulnerability of what) and the underlying determinants of vulnerability that are considered (vulnerability to what). The selected frame ultimately influences perceptions of the primary driving forces of vulnerability as well as preferences regarding management alternatives. Third, what are the technical methods by which an assessment is conducted? The integration of vulnerability determinants into a common map remains an emergent and subjective practice associated with a number of methodological challenges. Fourth, who participates in the assessment and how will it be used to facilitate change? Assessments are often conducted under the auspices of benefiting stakeholders, yet many lack direct engagement with stakeholders. Each of these questions is reviewed in turn by drawing on an illustrative set of 45 vulnerability mapping studies appearing in the literature. A number of pathways for placing vulnerability

Preston, Benjamin L [ORNL

2011-01-01T23:59:59.000Z

134

Techniques for Disaster Tolerant Information Technology Systems  

E-Print Network (OSTI)

& BACKGROUND A disaster is an event that can cause system-wide malfunction or outage as a result of one or more. A cascading failure resulting from a disaster may be characterized as a series of system outages, such that an initial disturbance causes one or more dependent system outages [1, 2]. A catastrophe, characterized

Thornton, Mitchell

135

Distributed Disaster Disclosure Bernard Mans1  

E-Print Network (OSTI)

Distributed Disaster Disclosure Bernard Mans1 , Stefan Schmid2 , and Roger Wattenhofer3 1 sensed the event, in order to raise--if necessary--a disaster alarm. This paper presents distributed algorithms for this problem. Concretely, our algorithms aim at minimizing both the response time as well

Schmid, Stefan

136

Emergency Response, Business Continuity and Disaster Recovery  

E-Print Network (OSTI)

Emergency Response, Business Continuity and Disaster Recovery at UCAR Presented by Stephen Sadler the "university" system ·Open Campus ·Public Access-Mesa Lab #12;Emergency Response, Disaster Recovery Issues Response ·Install backup power #12;Curtailed Public Access if Necessary (3 times since 2000

137

Arresting the Growth of Earthquake Vulnerability:  

Science Conference Proceedings (OSTI)

... disasters such as blast, wind, flood, and fire. ... metals, high- performance concrete, polymers, and advanced ... tends to preserve the status quo and ...

2008-10-29T23:59:59.000Z

138

Vulnerabilities Analyzing Model for Alert Correlation in Distributed Environment  

Science Conference Proceedings (OSTI)

With the growing deployment of host and network intrusion detection systems, managing alerts from these systems becomes critically important. A promising approach is to develop a cooperation module between several IDS to achieve alerts correlation and ... Keywords: alert correlation, prerequisites and consequences, hyper-alert type, vulnerability tuple

Wen Long; Yang Xin; Yixian Yang

2009-07-01T23:59:59.000Z

139

A Rapid Loss Index for Tropical Cyclone Disasters in China  

Science Conference Proceedings (OSTI)

Disaster emergency response needs rapid estimation on disaster loss. In China it is of great importance to develop a loss index for rapidly assessing tropical cyclone (TC) disaster loss. In this paper, a new composite loss index for TC landing on China ... Keywords: Tropical Cyclone, Disaster, Loss Index, Rapid Loss Assessment

Ying Li; Weihua Fang

2012-06-01T23:59:59.000Z

140

Disaster Preparedness, Response and Recovery Plan Adopted May 2009  

E-Print Network (OSTI)

Disaster Preparedness, Response and Recovery Plan Adopted May 2009 COLLEGE OF BUSINESS DISASTER PREPAREDNESS, RESPONSE AND RECOVERY PLAN The Board of Regents has mandated that the University have a disaster in effect during a campus closure. #12;Disaster Preparedness, Response and Recovery Plan Adopted May 2009

Selmic, Sandra

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


141

ETC Alert Disaster Procedure, 8am 5pm Weekdays  

E-Print Network (OSTI)

work area "The hospital disaster response plan is in effect. Remain at your regular duties and awaitETC Alert Disaster Procedure, 8am ­ 5pm Weekdays ETC ALERT DISASTER ETC Charge Nurse Hospital Operator ETC Tech 3JCP Reception Pager 3735 Phone 6-3350 General Diagnostic Supervisor (Disaster Only) Ass

142

Are Vulnerability Disclosure Deadlines Justified?  

SciTech Connect

Vulnerability research organizations Rapid7, Google Security team, and Zero Day Initiative recently imposed grace periods for public disclosure of vulnerabilities. The grace periods ranged from 45 to 182 days, after which disclosure might occur with or without an effective mitigation from the affected software vendor. At this time there is indirect evidence that the shorter grace periods of 45 and 60 days may not be practical. However, there is strong evidence that the recently announced Zero Day Initiative grace period of 182 days yields benefit in speeding up the patch creation process, and may be practical for many software products. Unfortunately, there is also evidence that the 182 day grace period results in more vulnerability announcements without an available patch.

Miles McQueen; Jason L. Wright; Lawrence Wellman

2011-09-01T23:59:59.000Z

143

Improving service continuity: IT disaster prevention and mitigation for data centers  

Science Conference Proceedings (OSTI)

Data centers provide highly-scalable and reliable computing for enterprise services such as web hosting, email, applications, and file storage. Because they integrate a range of different systems, data center administration is a complex process. Managing ... Keywords: data centers, infrastructure, it disaster recovery, mitigation

Louis Turnbull, Henry Ochieng, Chris Kadlec, Jordan Shropshire

2013-10-01T23:59:59.000Z

144

The role of IT in crisis response: Lessons from the SARS and Asian Tsunami disasters  

Science Conference Proceedings (OSTI)

Research on crisis management recognizes the important role of information although few studies of crisis response deal explicitly with information systems. In this paper, we present a case study of Singapore's response to the SARS and Asian Tsunami ... Keywords: Coordination theory, Crisis response, Crisis response information system, Disaster response, Resource based view, Soft positivism

Dorothy E. Leidner; Gary Pan; Shan L. Pan

2009-06-01T23:59:59.000Z

145

Inter-System Software Adapter for Decision Support by Interfacing Disaster Response Platforms & Simulation Platforms  

Science Conference Proceedings (OSTI)

An inter-system adapter design is described which links the web service based DR NEP and WebSimP simulation platforms. The adapter enables the PSS Sincal electrical simulator to share results with the DR NEP which coordinates the data exchange among ... Keywords: disaster, management, interdependencies, infrastructure, web services

Jose Marti; Pranab Kini; Paul Lusina; Antonio Di Pietro; Vittorio Rosato; Baptiste Charnier; Wang Kui

2012-10-01T23:59:59.000Z

146

The Haiti Earthquake: Disaster Lessons and Response from an Emergency Medicine Perspective  

E-Print Network (OSTI)

Director. As in all disaster responses, two important issuesare local: an effective disaster response depends on localEarthquake: Disaster Lessons and Response from an Emergency

Lee, Sharon; Tenny, Montessa

2010-01-01T23:59:59.000Z

147

Reconstruction through collaboration: Negotiation of the housing process in disaster recovery  

E-Print Network (OSTI)

unexpected: Disaster preparedness and response in the Unitedthe physical labor of disaster response. In comparison, 35%However, the shape of disaster response depends in part upon

Hamid, Bauni

2012-01-01T23:59:59.000Z

148

Calls to Action -- Climate-Related Disasters: Humanitarian Challenges and Reconstruction Opportunities  

E-Print Network (OSTI)

Improvements in Disaster Response and Shelter Disastersis often a necessity in disaster response. The manufacturingfocused on disaster response and risk reduction. •

Suarez, Pablo; Saunders, Graham; Mendler, Sandra; Lemaire, Isabelle; Karol, Jorge; Curtis, Laura

2008-01-01T23:59:59.000Z

149

ORISE: Capabilities in National Security and Emergency Management  

NLE Websites -- All DOE Office Websites (Extended Search)

Capabilities ORISE Emergency Management Capabilities In preparation for a natural or man-made disaster, the Oak Ridge Institute for Science and Education (ORISE) provides national...

150

Coastal Impacts, Adaptation, and Vulnerabilities  

E-Print Network (OSTI)

· Robert R. Twilley, Louisiana State University · Jordan West, U.S. Environmental Protection Agency Chapter and Restoration Authority of Louisiana · Richard Raynie, Coastal Protection and Restoration Authority of Louisiana.3.7 Emergency Response, Recovery, and Vulnerability Reduction 4.3.8 Coastal and Nearshore Oil and Ga0 4.4 Human

Kossin, James P.

151

Understanding cyber threats and vulnerabilities  

Science Conference Proceedings (OSTI)

This chapter reviews current and anticipated cyber-related threats to the Critical Information Infrastructure (CII) and Critical Infrastructures (CI). The potential impact of cyber-terrorism to CII and CI has been coined many times since the term was ... Keywords: actor, critical infrastructure, cyber crime, cyber terrorism, cyber threat, cyber vulnerabilities

Eric Luiijf

2012-01-01T23:59:59.000Z

152

Fax registration of information about disaster victims  

Science Conference Proceedings (OSTI)

We are developing a survival-information registration system called IAA system. The IAA system allows disaster victims to register their survival information (kind of injuries, damage to property, etc.) through the Internet. However, elderly people were ...

Tsuyoshi Ebina; Fumiko Matsumoto; Hiroyuki Ohno

2002-10-01T23:59:59.000Z

153

Returning Home After a Disaster: Supply List  

E-Print Network (OSTI)

When you return home after a disaster, you will want to have sturdy shoes, proper tools, clothes and medications for several days, and a first-aid kit. This publication also includes a list of necessary cleaning supplies.

Norman, Lisa

2005-09-30T23:59:59.000Z

154

V-207: Wireshark Multiple Denial of Service Vulnerabilities ...  

NLE Websites -- All DOE Office Websites (Extended Search)

7: Wireshark Multiple Denial of Service Vulnerabilities V-207: Wireshark Multiple Denial of Service Vulnerabilities July 31, 2013 - 1:59am Addthis PROBLEM: Multiple vulnerabilities...

155

V-019: Google Chrome Multiple Vulnerabilities | Department of...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

19: Google Chrome Multiple Vulnerabilities V-019: Google Chrome Multiple Vulnerabilities November 8, 2012 - 6:00am Addthis PROBLEM: Google Chrome Multiple Vulnerabilities PLATFORM:...

156

The Magnificence of the Disaster: Reconstructing the Sony Bmg Rootkit Incident  

E-Print Network (OSTI)

communications, and disaster response services. The worst-the most recent disaster, any use- ful response must attempt

Mulligan, Deirdre; Perzanowski, Aaron K.

2008-01-01T23:59:59.000Z

157

Vulnerability Assessment Team (VAT) - Nuclear Engineering Division  

NLE Websites -- All DOE Office Websites (Extended Search)

Vulnerability Assessment Team Vulnerability Assessment Team VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

158

Energy Sector Vulnerable to Climate Change, U.S. Department of Energy  

NLE Websites -- All DOE Office Websites (Extended Search)

Energy Sector Vulnerable to Climate Change, U.S. Department of Energy Report Says Print E-mail Energy Sector Vulnerable to Climate Change, U.S. Department of Energy Report Says Print E-mail President Obama Announces His Climate Action Plan Friday, July 26, 2013 Featured by DOE, a member of the U.S. Global Change Research Program In his speech at Georgetown University last month, President Obama referred to our nation's vulnerabilities to climate change, underscoring how Hurricane Sandy and other climate-related disasters serve as wake-up calls. These extreme weather events as well as changes in temperature and water availability - all related to our changing climate - are disrupting the ways we generate, distribute, and consume energy, according to a new report released by the US Department of Energy. The U.S. Energy Sector Vulnerabilities to Climate Change and Extreme Weather report examines current and potential future impacts of these climate trends on the U.S. energy sector.

159

V-211: IBM iNotes Multiple Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

IBM iNotes has two cross-site scripting vulnerabilities and an ActiveX Integer overflow vulnerability

160

Response Robot Evaluation Exercise Disaster City, TX DAY 1 ...  

Science Conference Proceedings (OSTI)

Page 1. Response Robot Evaluation Exercise Disaster City, TX and Meeting of the ASTM International Committee on Homeland ...

2012-12-25T23:59:59.000Z

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


161

Energy Efficient Routing in Ad Hoc Disaster Recovery Networks  

E-Print Network (OSTI)

, during the rescue attempts in the World Trade Center disaster site, the Wireless Emergency Response TeamEnergy Efficient Routing in Ad Hoc Disaster Recovery Networks Gil Zussman and Adrian Segall, energy conserving, power aware, disaster recovery networks, ad hoc networks, smart badges, IEEE 802.15 1

Zussman, Gil

162

Traffic Measurement and Statistical Analysis in a Disaster Area Scenario  

E-Print Network (OSTI)

-of-Hospital] disaster response."([5]) Public safety units need reliable communication independent of any inTraffic Measurement and Statistical Analysis in a Disaster Area Scenario Nils Aschenbruck, Matthias, 53117 Bonn, Germany {aschenbruck, matthew, martini, toelle}@cs.uni-bonn.de Abstract-- Disaster areas

Frank, Matthias

163

Statistical Analysis of Traffic Measurements in a Disaster Area Scenario  

E-Print Network (OSTI)

challenges of information sharing in OOH [Out-of-Hospital] disaster response."([1]) Performance evaluationStatistical Analysis of Traffic Measurements in a Disaster Area Scenario Considering Heavy Load-- Catastrophes cause an area of destruction including destroyed infrastructure. These disaster area scenarios

Frank, Matthias

164

Agent-Based Coalition Formation in Disaster Response Applications  

E-Print Network (OSTI)

Agent-Based Coalition Formation in Disaster Response Applications Ladislau B¨ol¨oni, Senior Member-based coalition formation ap- proach for disaster response applications. We assume that agents are operating 1. INTRODUCTION Efficient disaster response requires participants to form teams and coordinate

Bölöni, Ladislau L

165

Dynamic Resource Allocation in Disaster Response: Tradeoffs in Wildfire Suppression  

E-Print Network (OSTI)

Dynamic Resource Allocation in Disaster Response: Tradeoffs in Wildfire Suppression Nada Petrovic1: Petrovic N, Alderson DL, Carlson JM (2012) Dynamic Resource Allocation in Disaster Response: Tradeoffs with the allocation of limited resources to mitigate the impact of natural disasters inspire fundamentally new

Carlson, Jean

166

Incident and Disaster Tolerance/Response Policy COEIDTR01  

E-Print Network (OSTI)

Incident and Disaster Tolerance/Response Policy COE­IDTR­01 1.0 Purpose To provide College faculty or disaster within a College-operated network closet. 2.0 Scope 2.1 Incident Response: Incident response for developing and implementing Disaster Tolerance/Recovery plans. 3.0 Policy 3.1 Incident Response: Any desktop

Demirel, Melik C.

167

Energy Efficient Routing in Ad Hoc Disaster Recovery Networks  

E-Print Network (OSTI)

disaster site, the Wireless Emergency Response Team (WERT) attempted to locate survivors through signalsEnergy Efficient Routing in Ad Hoc Disaster Recovery Networks Gil Zussman and Adrian Segall. Keywords: Routing, Energy efficient, Energy conserving, Power aware, Disaster recovery networks, Ad hoc

Zussman, Gil

168

Distributed Scheduling Agents for Disaster Response Laura Barbulescu1  

E-Print Network (OSTI)

Distributed Scheduling Agents for Disaster Response Laura Barbulescu1 , Zachary B. Rubinstein1 response coordination problem. The target problem is a field exer- cise mockup of a natural disaster, where In this paper, we describe the application of a multi-agent framework for collaborative scheduling to a disaster

Wilkins, David E.

169

A Rapid Method for Detecting Geographically Disconnected Areas after Disasters  

E-Print Network (OSTI)

of property and the natural environment. Disaster response strategies have received a substantial amount of radiation from the damaged Fukushima nuclear plant). Appropriate disaster response strategies in disaster response operations, we believe that data communication is the key to fulfilling the above

Chen, Ling-Jyh

170

Exploring Humanoid Robots Locomotion Capabilities in Virtual Disaster Response Scenarios  

E-Print Network (OSTI)

Exploring Humanoid Robots Locomotion Capabilities in Virtual Disaster Response Scenarios Karim. INTRODUCTION Disaster response is attracting attention from the robotics research community, and even more by the DARPA's call on disaster operations. Hence, we focus on locomotion tasks that apparently require human

Paris-Sud XI, Université de

171

Towards Process Models for Disaster Response Dirk Fahland1  

E-Print Network (OSTI)

Towards Process Models for Disaster Response Dirk Fahland1 and Heiko Woith2 1 Humboldt capture process execution and adaptation. Based on experiences from actual disaster response set- tings, scenarios, Petri nets, disaster response 1 Introduction The fairly general notion of a process

172

The AROUND project: Adapting robotic disaster response to developing countries  

E-Print Network (OSTI)

The AROUND project: Adapting robotic disaster response to developing countries Alain Boucher1 constraints of developing countries. Keywords: Disaster response, Multi-Robot Systems, Cheap robotics, Spatial, in terms of frequency and devastating power, of natural disasters (par- ticularly in developing countries

Paris-Sud XI, Université de

173

20 I The Johns Hopkins and the International Federation of Red Cross and Red Crescent Societies Introduction  

E-Print Network (OSTI)

In the popular view, managing disasters is about the response to disaster. However, this is but a corner. A disaster plan or a disaster response that does not consider the development needs of a population, even a disaster response with unlimited resources may have only short-term effects. Vulnerabilities

Scharfstein, Daniel

174

NV: Nessus Vulnerability Visualization for the Web  

SciTech Connect

Network vulnerability is a critical component of network se- curity. Yet vulnerability analysis has received relatively lit- tle attention from the security visualization community. In this paper we describe nv, a web-based Nessus vulnerability visualization. Nv utilizes treemaps and linked histograms to allow system administrators to discover, analyze, and man- age vulnerabilities on their networks. In addition to visual- izing single Nessus scans, nv supports the analysis of sequen- tial scans by showing which vulnerabilities have been fixed, remain open, or are newly discovered. Nv was also designed to operate completely in-browser, to avoid sending sensitive data to outside servers. We discuss the design of nv, as well as provide case studies demonstrating vulnerability analysis workflows which include a multiple-node testbed and data from the 2011 VAST Challenge.

Harrison, Lane [University of North Carolina, Charlotte; Spahn, Riley B [ORNL; Iannacone, Michael D [ORNL; Downing, Evan P [ORNL; Goodall, John R [ORNL

2012-01-01T23:59:59.000Z

175

Mining Bug Databases for Unidentified Software Vulnerabilities  

SciTech Connect

Identifying software vulnerabilities is becoming more important as critical and sensitive systems increasingly rely on complex software systems. It has been suggested in previous work that some bugs are only identified as vulnerabilities long after the bug has been made public. These vulnerabilities are known as hidden impact vulnerabilities. This paper discusses the feasibility and necessity to mine common publicly available bug databases for vulnerabilities that are yet to be identified. We present bug database analysis of two well known and frequently used software packages, namely Linux kernel and MySQL. It is shown that for both Linux and MySQL, a significant portion of vulnerabilities that were discovered for the time period from January 2006 to April 2011 were hidden impact vulnerabilities. It is also shown that the percentage of hidden impact vulnerabilities has increased in the last two years, for both software packages. We then propose an improved hidden impact vulnerability identification methodology based on text mining bug databases, and conclude by discussing a few potential problems faced by such a classifier.

Dumidu Wijayasekara; Milos Manic; Jason Wright; Miles McQueen

2012-06-01T23:59:59.000Z

176

Assessing Network Infrastructure Vulnerabilities to Physical ...  

Science Conference Proceedings (OSTI)

... networks, air traffic control systems, and water distribution systems ... is that we consider the vulnerability to this ... States is buried in the ground within a ...

1999-11-05T23:59:59.000Z

177

U-198: IBM Lotus Expeditor Multiple Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

The vulnerabilities can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system..

178

Vulnerability analysis of three remote voting methods  

E-Print Network (OSTI)

This article analyses three methods of remote voting in an uncontrolled environment: postal voting, internet voting and hybrid voting. It breaks down the voting process into different stages and compares their vulnerabilities considering criteria that must be respected in any democratic vote: confidentiality, anonymity, transparency, vote unicity and authenticity. Whether for safety or reliability, each vulnerability is quantified by three parameters: size, visibility and difficulty to achieve. The study concludes that the automatisation of treatments combined with the dematerialisation of the objects used during an election tends to substitute visible vulnerabilities of a lesser magnitude by invisible and widespread vulnerabilities.

Enguehard, Chantal

2009-01-01T23:59:59.000Z

179

Assessing Climate Change Impacts, Vulnerability and Adaptation...  

Open Energy Info (EERE)

The Case of Pantabangan-Carranglan Watershed Jump to: navigation, search Name Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan...

180

US Energy Sector Vulnerabilities to Climate Change  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

corn field near Somers, Iowa; wind turbines in Texas. Photo credits: iStockphoto U.S. ENERGY SECTOR VULNERABILITIES TO CLIMATE CHANGE AND EXTREME WEATHER Acknowledgements This...

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


181

Multics Security Evaluation (Volume II): Vulnerability Analysis  

Science Conference Proceedings (OSTI)

Page 1. ESD-TR-74-J93, Vor. II ' MULTICS SECURITY EVALUATION: VULNERABILITY ANALYSIS Pau r A. Karger, 2Lt ...

2013-04-15T23:59:59.000Z

182

Toward a Resiliency and Vulnerability Observatory Network ...  

Science Conference Proceedings (OSTI)

... is already undertaking extensive investment in its ... vulnerability or more generally, equity, should permeate all ... etc.), parcel and/or tax portfolio data ...

2009-02-05T23:59:59.000Z

183

Learning from Disaster? After Sendai Richard Falk  

E-Print Network (OSTI)

Learning from Disaster? After Sendai Richard Falk After atomic bombs were dropped on Hiroshima and indecency of the attacks is beyond controversy. This use of atomic bombs against defenseless densely that Japan had conveyed its readiness to surrender well before the bombs had been dropped, that the U

Becker, Luann

184

Disaster Resiliency and Recovery: Capabilities (Fact Sheet)  

SciTech Connect

The National Renewable Energy Laboratory (NREL) is the nation's leader in energy efficient and renewable energy technologies, practices, and strategies. For the last 15 years, NREL has provided expertise, tools, and innovations to private industry; federal, state, and local governments; non-profit organizations; and communities during the planning, recovery, and rebuilding stages after disaster strikes.

Not Available

2012-11-01T23:59:59.000Z

185

Disaster Resiliency and Recovery: Capabilities (Fact Sheet)  

SciTech Connect

The National Renewable Energy Laboratory (NREL) is the nation's leader in energy efficient and renewable energy technologies, practices, and strategies. For the last 15 years, NREL has provided expertise, tools, and innovations to private industry; federal, state, and local governments; non-profit organizations; and communities during the planning, recovery, and rebuilding stages after disaster strikes.

2012-11-01T23:59:59.000Z

186

International Disaster Medical Sciences Fellowship: Model Curriculum and Key Considerations for Establishment of an Innovative International Educational Program  

E-Print Network (OSTI)

approaches to organizing disaster response at all levels andPreparedness and Response to Emergencies and Disasters. Ben-Preparedness and Response to Emergencies and Disasters), 10

Koenig, Kristi L; Bey, Tareg; Schultz, Carl H

2009-01-01T23:59:59.000Z

187

Disaster: would your community bounce back?  

SciTech Connect

What makes some communities or organizations able to quickly bounce back from a disaster, while others take a long time to recover? This question has become very important for emergency planners in federal, state, and local government - particularly since the 9/11 attacks and Hurricane Katrina, which nearly destroyed New Orleans five years ago. These events have made people aware that we can't always prevent disasters, but might be able to improve the ability of communities and regions to respond to and bounce back from major disruptions. Social scientists have found that most communities are, in fact, quite resilient to most disasters. People tend to work together, overcome divisions, identify problems, and develop improvised solutions. This often leads to a greater sense of community and a sense of personal accomplishment. Long-term recovery can be harder, but rebuilding can create jobs and stimulate economies. Communities may even end up better than they were before. But there are some disturbing exceptions to this trend, including Hurricane Katrina. The hurricane killed many people, the federal and local emergency response was not effective, people who could not evacuate were housed in the Superdome and Convention Center in terrible conditions, crime was prevalent, and local government did not appear to have control over the situation. A significant portion of the population was eventually evacuated to other cities. Even five years later, many people have not returned, and large parts of the city have not been rebuilt. Clearly, New Orleans lacked sufficient resilience to overcome a disaster of the magnitude of Katrina. There are four factors that social scientists are beginning to agree are important for community resilience: (1) A strong, diverse economy - Stable jobs, good incomes, diversity of industries, personal savings; (2) Robust social networks - Community members know each other, help each other, and have connections outside the community; (3) Competent organizations - Government, health care, community service, and religious organizations are competent and trustworthy, and have resources to handle community needs; and (4) High-quality infrastructure - Road, power, and water systems (etc.) are in good condition and are designed to provide service even if some connections are destroyed. To explore how these factors make communities resilient, I will tell two stories of disasters. The first is the Buffalo Creek flood, which wiped out a coal mining community in West Virginia in 1972. This is a classic example of community that was not resilient in the aftermath of a disaster. The second example is the Vietnamese immigrant community in the Versailles neighborhood of New Orleans. In spite of being relatively poor and culturally isolated, this community was one of the first to fully rebound following Hurricane Katrina.

Sims, Benjamin H [Los Alamos National Laboratory

2011-01-12T23:59:59.000Z

188

Rebuilding After Disaster: Going Green from the Ground Up (Revised)  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Rebuilding After Disaster: Going Green from the Ground Up (Revised) Rebuilding After Disaster: Going Green from the Ground Up (Revised) (Brochure), U.S. Department of Energy (DOE), Energy Efficiency & Renewable Energy (EERE) Rebuilding After Disaster: Going Green from the Ground Up (Revised) (Brochure), U.S. Department of Energy (DOE), Energy Efficiency & Renewable Energy (EERE) 20-page "how-to" guide describing ways to turn a disaster into an opportunity to rebuild with greener energy technologies. It covers such topics as the importance of energy, options for communities, instructions for developing an energy plan, and other considerations. This guide is intended for the community leaders who have experienced a disaster. 45136.pdf More Documents & Publications Greensburg Webinars Q&A From Tragedy to Triumph - Rebuilding Green Buildings after Disaster, EERE

189

Rebuilding After Disaster: Going Green from the Ground Up (Revised)  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

After Disaster: Going Green from the Ground Up (Revised) After Disaster: Going Green from the Ground Up (Revised) (Brochure), U.S. Department of Energy (DOE), Energy Efficiency & Renewable Energy (EERE) Rebuilding After Disaster: Going Green from the Ground Up (Revised) (Brochure), U.S. Department of Energy (DOE), Energy Efficiency & Renewable Energy (EERE) 20-page "how-to" guide describing ways to turn a disaster into an opportunity to rebuild with greener energy technologies. It covers such topics as the importance of energy, options for communities, instructions for developing an energy plan, and other considerations. This guide is intended for the community leaders who have experienced a disaster. 45136.pdf More Documents & Publications From Tragedy to Triumph - Rebuilding Green Buildings after Disaster, EERE

190

Counting on Solar Power for Disaster Relief  

NLE Websites -- All DOE Office Websites (Extended Search)

hen disaster strikes, electric power hen disaster strikes, electric power is usually the first critically important service to be lost. And the effects can be devastating. Lights go out. Furnaces, refrigerators, and other electric appliances don't work. Neither do the electric pumps that deliver our drinking water and help treat sewage. Without elec- tricity for homes, hospitals, food stores, and vital municipal services, many of our most important needs go unmet. What's more, emergency response teams need a reliable source of electric power to even begin to deal with the crisis. Without electricity, gasoline can't be pumped at local service stations to transport emergency sup- plies, and banks can't provide emergency funds. Without electric power, conventional communication systems won't work.

191

Policy Network Approach to Coordinated Disaster Response  

E-Print Network (OSTI)

In this paper, we explore the formation of network relationships among disaster relief agencies during the process of responding to an unexpected event. The relationship is investigated through variables derived from the policy network theory, and four cases from three developed countries such as (i) Hurricane Katrina in the US; (ii) Typhoon Maemi in South Korea; (iii) Kobe; and, (iv) Tohoku Earthquake in Japan that failed to cope with extreme events forms the basis for case study presented here. We argue that structural characteristics of multi-jurisdictional coordination may facilitate or impede in responding to a complex nature of recent disaster. We further highlight the promise of policy network approach in facilitating the development of multi-jurisdictional coordination process which may provide new avenue to improve the communication and coordination of hierarchical command control driven organizations with the local community. Our proposed novel approach in investigating the usefulness of network app...

Kim, Kwang Deok

2013-01-01T23:59:59.000Z

192

Needs for Robotic Assessments of Nuclear Disasters  

SciTech Connect

Following the nuclear disaster at the Fukushima nuclear reactor plant in Japan, the need for systems which can assist in dynamic high-radiation environments such as nuclear incidents has become more apparent. The INL participated in delivering robotic technologies to Japan and has identified key components which are needed for success and obstacles to their deployment. In addition, we are proposing new work and methods to improve assessments and reactions to such events in the future. Robotics needs in disaster situations include phases such as: Assessment, Remediation, and Recovery Our particular interest is in the initial assessment activities. In assessment we need collection of environmental parameters, determination of conditions, and physical sample collection. Each phase would require key tools and efforts to develop. This includes study of necessary sensors and their deployment methods, the effects of radiation on sensors and deployment, and the development of training and execution systems.

Victor Walker; Derek Wadsworth

2012-06-01T23:59:59.000Z

193

Southwestern Indiana, Disaster Recovery Business Alliance: An Interim Report  

Science Conference Proceedings (OSTI)

Natural and person-caused disasters are increasing in frequency and magnitude, and these disasters are taking an ever increasing economic and personal toll. This report describes the results to date of applying EPRI's Disaster Recovery Business Alliance (DRBA(SM) process in Southwestern Indiana. In this process, an initial workshop defined overall goals and objectives; and six workshops with specific goals and objectives followed. A seventh workshop is planned for December, 1998.

1998-12-30T23:59:59.000Z

194

V-177: VMware vCenter Chargeback Manager File Upload Handling...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: VMware vCenter Chargeback Manager File Upload Handling Vulnerability V-177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability June 13, 2013 - 6:00am Addthis...

195

Definitions, Seals - Vulnerability Assessment Team - Nuclear Engineering  

NLE Websites -- All DOE Office Websites (Extended Search)

Definitions Definitions VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

196

Safety - Vulnerability Assessment Team - Nuclear Engineering Division  

NLE Websites -- All DOE Office Websites (Extended Search)

Safety Safety VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

197

Useful Resources- Vulnerability Assessment Team - Nuclear Engineering  

NLE Websites -- All DOE Office Websites (Extended Search)

Selected Publications Selected Publications VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

198

Hospital Triage in the First 24 Hours after a Nuclear or Radiological Disaster  

NLE Websites -- All DOE Office Websites (Extended Search)

Hospital Triage in the First 24 Hours after a Nuclear or Radiological Disaster Hospital Triage in the First 24 Hours after a Nuclear or Radiological Disaster Berger, ME; Leonard, RB; Ricks, RC; Wiley, AL; Lowry, PC; Flynn, DF Abstract: This article addresses the problems emergency physicians would face in the event of a nuclear or radiological catastrophe. It presents information about what needs to be done so that useful information will be gathered and reasonable decisions made in the all important triage period. A brief introductory explanation of radiation injury is followed by practical guides for managing the focused history, physical exam, laboratory tests, initial treatment, and disposition of victims of acute radiation syndrome and combined injury. The guides are not intended to serve as a hospital's "emergency

199

Reusing Non-Wearable Textiles in Disaster Areas.  

E-Print Network (OSTI)

??This thesis describes a design project of a shelter solution for disaster relief in cold climates with non-wearable textiles. KICI foundation is searching for applications… (more)

Bolier, L.J.

2013-01-01T23:59:59.000Z

200

T-681:IBM Lotus Symphony Multiple Unspecified Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

Multiple unspecified vulnerabilities in IBM Lotus Symphony 3 before FP3 have unknown impact and attack vectors, related to "critical security vulnerability issues."

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


201

U-173: Symantec Web Gateway Multiple Vulnerabilities | Department...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Symantec Web Gateway Multiple Vulnerabilities U-173: Symantec Web Gateway Multiple Vulnerabilities May 21, 2012 - 7:00am Addthis PROBLEM: Symantec Web Gateway Multiple...

202

India-Vulnerability Assessment and Enhancing Adaptive Capacities...  

Open Energy Info (EERE)

Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change Jump to: navigation, search Name India-Vulnerability Assessment and Enhancing Adaptive Capacities to...

203

Common Cyber Security Vulnerabilities Observed in Control System...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by...

204

Linking post-disaster mental health to the erosion of social fabric.  

E-Print Network (OSTI)

??This dissertation aimed to dissect the complex nature of post-disaster mental health problems. Current (research) perspectives define disaster mental health as a construct that is… (more)

Wind, T.R.

2013-01-01T23:59:59.000Z

205

Election Security - Vulnerability Assessment Team - Nuclear Engineerin...  

NLE Websites -- All DOE Office Websites (Extended Search)

on LinkedIn The Vulnerability Assessment Team has demonstrated easy to execute, non-cyber attacks on two different kinds of electronic voting machines. We believe that too...

206

New York City's Vulnerability to Coastal Flooding  

Science Conference Proceedings (OSTI)

New York City, New York (NYC), is extremely vulnerable to coastal flooding; thus, verification and improvements in storm surge models are needed in order to protect both life and property. This paper highlights the Stony Brook Storm Surge (SBSS) ...

Brian A. Colle; Frank Buonaiuto; Malcolm J. Bowman; Robert E. Wilson; Roger Flood; Robert Hunter; Alexander Mintz; Douglas Hill

2008-06-01T23:59:59.000Z

207

Finding community through information and communication technology in disaster response  

Science Conference Proceedings (OSTI)

Disasters affect not only the welfare of individuals and family groups, but also the well-being of communities, and can serve as a catalyst for innovative uses of information and communication technology (ICT). In this paper, we present evidence of ICT ... Keywords: community, computer-mediated communication, crisis informatics, disaster, emergency, innovation, wildfire

Irina Shklovski; Leysia Palen; Jeannette Sutton

2008-11-01T23:59:59.000Z

208

Information practices of disaster preparedness professionals in multidisciplinary groups  

Science Conference Proceedings (OSTI)

OBJECTIVE: This article summarizes the results of a descriptive qualitative study addressing the question, what are the information practices of the various professionals involved in disaster preparedness? We present key results, but focus on issues ... Keywords: disaster preparedness, information behavior, information practice, information science theory, library science research

Barbara L. Folb; Ellen G. Detlefsen; Sandra C. Quinn; Gerald Barron; Jeanette M. Trauth

2010-10-01T23:59:59.000Z

209

What Previous Disasters Teach: The (Really) Hard Lessons  

E-Print Network (OSTI)

What Previous Disasters Teach: The (Really) Hard Lessons What Previous Disasters Teach: The (Really) Hard LessonsThe (Really) Hard Lessons of Katrina and Haiti for Humanitarian Logistics The (Really) Hard debacle or How not to do it The Port au Prince Earthquake: More Hard Lessons Implications Suggestions #12

Mitchell, John E.

210

Disaster Planning and Mitigation Technologies: Interim Technology Inventory Report #6  

Science Conference Proceedings (OSTI)

Natural and man-caused disasters are inevitable, recurrent, and increasing in frequency and magnitude. They are taking a larger and larger economic and personal toll. This report identifies technologies and information that can assist utilities, their customers, and their communities in preventing, mitigating, and recovering from disasters.

2001-12-07T23:59:59.000Z

211

From Tragedy to Triumph - Rebuilding Green Homes after Disaster (Revised)  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

From Tragedy to Triumph - Rebuilding Green Homes after Disaster From Tragedy to Triumph - Rebuilding Green Homes after Disaster (Revised) (Fact Sheet) From Tragedy to Triumph - Rebuilding Green Homes after Disaster (Revised) (Fact Sheet) These Greensburg fact sheet sheets help citizens understand what they can do as a part of the focus. Saving energy & water, using renewable energy (particular interest in small wind), driving "green", general sustainability, & living green. 45138.pdf More Documents & Publications From Tragedy to Triumph - Rebuilding Green Buildings after Disaster, EERE (Fact Sheet) Rebuilding Greensburg, Kansas, as a Model Green Community: A Case Study; NREL's Technical Assistance to Greensburg, June 2007-May 2009 From Tragedy to Triumph - Rebuilding with Renewable Energy after Disaster,

212

CDKN-Colombia-Cartagena Vulnerability Assessment | Open Energy Information  

Open Energy Info (EERE)

Cartagena Vulnerability Assessment Cartagena Vulnerability Assessment Jump to: navigation, search Name CDKN-Colombia-Cartagena Vulnerability Assessment Agency/Company /Organization Climate and Development Knowledge Network (CDKN), United Kingdom Department for International Development Sector Climate Topics Background analysis, Low emission development planning, Pathways analysis Website http://resilient-cities.iclei. Country Colombia UN Region South America References CDKN-Colombia-Cartagena Vulnerability Assessment[1] CDKN-Colombia-Cartagena Vulnerability Assessment Screenshot This article is a stub. You can help OpenEI by expanding it. References ↑ "CDKN-Colombia-Cartagena Vulnerability Assessment" Retrieved from "http://en.openei.org/w/index.php?title=CDKN-Colombia-Cartagena_Vulnerability_Assessment&oldid=407543

213

Chemical Safety Vulnerability Working Group report. Volume 2  

SciTech Connect

The Chemical Safety Vulnerability (CSV) Working Group was established to identify adverse conditions involving hazardous chemicals at DOE facilities that might result in fires or explosions, release of hazardous chemicals to the environment, or exposure of workers or the public to chemicals. A CSV Review was conducted in 148 facilities at 29 sites. Eight generic vulnerabilities were documented related to: abandoned chemicals and chemical residuals; past chemical spills and ground releases; characterization of legacy chemicals and wastes; disposition of legacy chemicals; storage facilities and conditions; condition of facilities and support systems; unanalyzed and unaddressed hazards; and inventory control and tracking. Weaknesses in five programmatic areas were also identified related to: management commitment and planning; chemical safety management programs; aging facilities that continue to operate; nonoperating facilities awaiting deactivation; and resource allocations. Volume 2 consists of seven appendices containing the following: Tasking memorandums; Project plan for the CSV Review; Field verification guide for the CSV Review; Field verification report, Lawrence Livermore National Lab.; Field verification report, Oak Ridge Reservation; Field verification report, Savannah River Site; and the Field verification report, Hanford Site.

Not Available

1994-09-01T23:59:59.000Z

214

Chemical Safety Vulnerability Working Group report. Volume 3  

SciTech Connect

The Chemical Safety Vulnerability (CSV) Working Group was established to identify adverse conditions involving hazardous chemicals at DOE facilities that might result in fires or explosions, release of hazardous chemicals to the environment, or exposure of workers or the public to chemicals. A CSV Review was conducted in 148 facilities at 29 sites. Eight generic vulnerabilities were documented related to: abandoned chemicals and chemical residuals; past chemical spills and ground releases; characterization of legacy chemicals and wastes; disposition of legacy chemicals; storage facilities and conditions; condition of facilities and support systems; unanalyzed and unaddressed hazards; and inventory control and tracking. Weaknesses in five programmatic areas were also identified related to: management commitment and planning; chemical safety management programs; aging facilities that continue to operate; nonoperating facilities awaiting deactivation; and resource allocations. Volume 3 consists of eleven appendices containing the following: Field verification reports for Idaho National Engineering Lab., Rocky Flats Plant, Brookhaven National Lab., Los Alamos National Lab., and Sandia National Laboratories (NM); Mini-visits to small DOE sites; Working Group meeting, June 7--8, 1994; Commendable practices; Related chemical safety initiatives at DOE; Regulatory framework and industry initiatives related to chemical safety; and Chemical inventory data from field self-evaluation reports.

Not Available

1994-09-01T23:59:59.000Z

215

T-565: Vulnerability in Microsoft Malware Protection Engine Could Allow  

NLE Websites -- All DOE Office Websites (Extended Search)

65: Vulnerability in Microsoft Malware Protection Engine Could 65: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability T-565: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability February 25, 2011 - 7:40am Addthis PROBLEM: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability. PLATFORM: Microsoft Malware Protection Engine Last version of the Microsoft Malware Protection Engine affected by this vulnerability: Version 1.1.6502.0 This version is the last version of the Microsoft Malware Protection Engine that is affected by the vulnerability. First version of the Microsoft Malware Protection Engine with this vulnerability addressed:Version 1.1.6603.0 If the version of the Microsoft Malware Protection Engine is equal to or

216

Security Issues in Cloud Computing: A Survey of Risks, Threats and Vulnerabilities  

Science Conference Proceedings (OSTI)

Cloud Computing CC is revolutionizing the methodology by which IT services are being utilized. It is being introduced and marketed with many attractive promises that are enticing to many companies and managers, such as reduced capital costs and relief ... Keywords: Cloud Computing, Risks, Security, Threats, Vulnerabilities

Kamal Dahbur; Bassil Mohammad; Ahmad Bisher Tarakji

2011-07-01T23:59:59.000Z

217

Prehospital and Disaster Medicine http://pdm.medicine.wisc.edu Vol. 23, No. 1 ORIGINAL RESEARCH  

E-Print Network (OSTI)

525 East 68th Street New York, NY 10021 E-mail: apant@jhsph.edu Keywords: disaster; disaster response-term shelters for housing. Responsibility for sheltering those affected by disasters in the United States in this capacity in this paper. Faith-based organizations comprise a significant disaster response asset

Scharfstein, Daniel

218

o I would like to make a donation to the Center for Refugee and Disaster Response  

E-Print Network (OSTI)

o I would like to make a donation to the Center for Refugee and Disaster Response in the amount.jhsph.edu/refugee/make_a_gift o I would like to receive e-mail updates The Center for Refugee and Disaster Response works with its on Refugee and Disaster Response. Options include online courses as well as field experience in disaster

Scharfstein, Daniel

219

A framework for modeling rail transport vulnerability  

Science Conference Proceedings (OSTI)

Railroads represent one of the most efficient methods of long-haul transport for bulk commodities, from coal to agricultural products. Over the past fifty years, the rail network has contracted while tonnage has increased. Service, geographically, has been abandoned along short haul routes and increased along major long haul routes, resulting in a network that is more streamlined. The current rail network may be very vulnerable to disruptions, like the failure of a trestle. This paper proposes a framework to model rail network vulnerability and gives an application of this modeling framework in analyzing rail network vulnerability for the State of Washington. It concludes with a number of policy related issues that need to be addressed in order to identify, plan, and mitigate the risks associated with the sudden loss of a bridge or trestle.

Peterson, Steven K [ORNL; Church, Richard L. [University of California, Santa Barbara

2008-01-01T23:59:59.000Z

220

V-131: Adobe Shockwave Player Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Adobe Shockwave Player Multiple Vulnerabilities 1: Adobe Shockwave Player Multiple Vulnerabilities V-131: Adobe Shockwave Player Multiple Vulnerabilities April 11, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Adobe Shockwave Player PLATFORM: The vulnerabilities are reported in versions 12.0.0.112 and prior ABSTRACT: This update addresses vulnerabilities that could allow an attacker to run malicious code on the affected system REFERENCE LINKS: Secunia Advisory: SA52981 Adobe Security Bulletin CVE-2013-1383 CVE-2013-1384 CVE-2013-1385 CVE-2013-1386 IMPACT ASSESSMENT: High DISCUSSION: This update resolves : 1) A buffer overflow vulnerability that could lead to code execution 2) Memory corruption vulnerabilities that could lead to code execution 3) Memory leakage vulnerability that could be exploited to reduce the

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


221

Critical infrastructure protection: The vulnerability conundrum  

Science Conference Proceedings (OSTI)

Critical infrastructure and key resources (CIKR) refer to a broad array of assets which are essential to the everyday functionality of social, economic, political and cultural systems in the United States. The interruption of CIKR poses significant threats ... Keywords: Critical infrastructure, Fortification, Interdiction, Policy, Protection, Strategies, Vulnerability

Alan T. Murray; Tony H. Grubesic

2012-02-01T23:59:59.000Z

222

Chemical Safety Vulnerability Working Group Report  

SciTech Connect

This report marks the culmination of a 4-month review conducted to identify chemical safety vulnerabilities existing at DOE facilities. This review is an integral part of DOE's efforts to raise its commitment to chemical safety to the same level as that for nuclear safety.

1994-09-01T23:59:59.000Z

223

Counting on Solar Power for Disaster Relief  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

hen disaster strikes, electric power is usually the first critically important service to be lost. And the effects can be devastating. Lights go out. Furnaces, refrigerators, and other electric appliances don't work. Neither do the electric pumps that deliver our drinking water and help treat sewage. Without elec- tricity for homes, hospitals, food stores, and vital municipal services, many of our most important needs go unmet. What's more, emergency response teams need a reliable source of electric power to even begin to deal with the crisis. Without electricity, gasoline can't be pumped at local service stations to transport emergency sup- plies, and banks can't provide emergency funds. Without electric power, conventional communication systems won't work.

224

Waste Management Programmes in Response to Large Disasters  

E-Print Network (OSTI)

a “...the re-use of materials salvaged from damaged buildings should be promoted where feasible, either as primary construction materials (bricks or stone masonry, roof timber, roof tiles, etc.) or as secondary material (rubble for foundations or levelling roads, etc.).” SPHERE Handbook, Shelter and Settlement, Standard 5: Construction, Guidance note 1, 2004 “...the production and supply of construction material and the building process minimises the long-term depletion of natural resources.”

Joseph Ashmore; Maoya Bassiouni; Martin Bjerregard; Tom Corsellis; Igor Fedotov; Heiner Gloor

2004-01-01T23:59:59.000Z

225

WMO's Role in the International Decade for Natural Disaster Reduction  

Science Conference Proceedings (OSTI)

Editor's note: This article is based on a presentation to the Symposium on theInternational Decade for Natural Disaster Reduction, 24 January 1994 in Nashville,Tennessee. The symposium was held in conjunction with the AMS Annual Meeting.

G. O. P. Obasi

1994-09-01T23:59:59.000Z

226

Have Disaster Losses Increased Due to Anthropogenic Climate Change?  

Science Conference Proceedings (OSTI)

The increasing impact of natural disasters over recent decades has been well documented, especially the direct economic losses and losses that were insured. Claims are made by some that climate change has caused more losses, but others assert ...

Laurens M. Bouwer

2011-01-01T23:59:59.000Z

227

Culture aprčs le déluge: heritage ecology after disaster  

E-Print Network (OSTI)

and international dependency on fossil fuels, and the commitment to the degradation of the natural environment that this dependency entails, finally be rethought? Will it be this disaster that finally moves the national dialogue forward, as we once thought about...

Morris, Benjamin Alan

2010-10-12T23:59:59.000Z

228

Leading a lean transformation in the wake of a disaster  

E-Print Network (OSTI)

Through a disaster, a company is presented with an opportunity to leverage the momentum from recovery efforts to drastically change the way business is conducted. In the case of Raytheon's Solid State Microwave division, ...

Caballero, Christian G. (Christian Gabriel)

2005-01-01T23:59:59.000Z

229

... the Chancellor has appointed a work group to explore a campus response to the recent disaster in the Indian Ocean. That disaster is another  

E-Print Network (OSTI)

... the Chancellor has appointed a work group to explore a campus response to the recent disaster in the Indian Ocean. That disaster is another highlight of the scary times we live in. Not only do natural disasters take away lives and cause unimaginable suffering, chronic conditions of poverty cause death

California at Davis, University of

230

V-038: Google Chrome Two Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Google Chrome Two Vulnerabilities 8: Google Chrome Two Vulnerabilities V-038: Google Chrome Two Vulnerabilities December 3, 2012 - 1:00am Addthis PROBLEM: Google Chrome Two Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 23.0.1271.95. ABSTRACT: Two vulnerabilities have been reported in Google Chrome REFERENCE LINKS: Stable Channel Update Secunia Advisory SA51447 CVE-2012-5137 CVE-2012-5138 IMPACT ASSESSMENT: High DISCUSSION: Two vulnerabilities have been reported in Google Chrome, where one has an unknown impact and the other can be exploited by malicious people to compromise a user's system. 1) An error exists when handling file paths. 2) A use-after-free error exists when handling media sources. The vulnerabilities are reported in versions prior to 23.0.1271.95. IMPACT:

231

T-566: Citrix Secure Gateway Unspecified Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Citrix Secure Gateway Unspecified Vulnerability 6: Citrix Secure Gateway Unspecified Vulnerability T-566: Citrix Secure Gateway Unspecified Vulnerability February 28, 2011 - 11:22pm Addthis PROBLEM: Citrix Secure Gateway Unspecified Vulnerability. PLATFORM: Citrix Secure Gateway version 3.1.4 ABSTRACT: A vulnerability has been reported in Citrix Secure Gateway, which can be exploited by malicious people to compromise a vulnerable system. reference LINKS: Citrix ID:CTX128168 Secunia Advisory SA43497 Citrix Support IMPACT ASSESSMENT: High Discussion: This vulnerability only affects Secure Gateway version 3.1.4. Secure Gateway version 3.2.0 is not affected by this vulnerability, but Citrix recommends that customers currently using this version upgrade their deployments to version 3.2.1 in line with the guidance provided in

232

Empirical Estimates and Observations of 0Day Vulnerabilities  

Science Conference Proceedings (OSTI)

We define a 0Day vulnerability to be any vulnerability, in deployed software, that has been discovered by at least one person but has not yet been publicly announced or patched. These 0Day vulnerabilities are of particular interest when assessing the risk to a system from exploit of vulnerabilities which are not generally known to the public or, most importantly, to the owners of the system. Using the 0Day definition given above, we analyzed the 0Day lifespans of 491 vulnerabilities and conservatively estimated that in the worst year there were on average 2500 0Day vulnerabilities in existence on any given day. Then using a small but intriguing set of 15 0Day vulnerability lifespans representing the time from actual discovery to public disclosure, we made a more aggressive estimate. In this case, we estimated that in the worst year there were, on average, 4500 0Day vulnerabilities in existence on any given day.

Miles A. McQueen; Trevor A. McQueen; Wayne F. Boyer; May R. Chaffin

2009-01-01T23:59:59.000Z

233

PNNL-SA-33642 VULNERABILITY TO CLIMATE CHANGE  

E-Print Network (OSTI)

PNNL-SA-33642 VULNERABILITY TO CLIMATE CHANGE A Quantitative Approach R. H. Moss A. L. Brenkert E@ntis.fedworld.gov Online ordering: http://www.ntis.gov/ordering.htm #12;iii EXECUTIVE SUMMARY The PNNL Vulnerability

Hultman, Nathan E.

234

V-145: IBM Tivoli Federated Identity Manager Products Java Multiple  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: IBM Tivoli Federated Identity Manager Products Java Multiple 5: IBM Tivoli Federated Identity Manager Products Java Multiple Vulnerabilities V-145: IBM Tivoli Federated Identity Manager Products Java Multiple Vulnerabilities April 30, 2013 - 12:09am Addthis PROBLEM: IBM Tivoli Federated Identity Manager Products Java Multiple Vulnerabilities PLATFORM: IBM Tivoli Federated Identity Manager versions 6.1, 6.2.0, 6.2.1, and 6.2.2. IBM Tivoli Federated Identity Manager Business Gateway versions 6.1.1, 6.2.0, 6.2.1 and 6.2.2. ABSTRACT: IBM has acknowledged a weakness and two vulnerabilities in IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway REFERENCE LINKS: IBM Reference #:1634544 Secunia Advisory SA53233 CVE-2013-0169 CVE-2013-0440 CVE-2013-0443 IMPACT ASSESSMENT: Medium DISCUSSION: CVE-2013-0440 - Unspecified vulnerability in IBM Java

235

T-560: Cisco Security Advisory: Management Center for Cisco Security...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security Advisory: Cisco Content Services Gateway Vulnerabilities V-014: Cisco Prime Data Center Network Manager JBoss RMI Services Let Remote Users Execute Arbitrary Commands...

236

V-073: IBM Tivoli Federated Identity Manager Signature Verification...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Web Server HTTP TRACETRACK Support Lets Remote Users Obtain Potentially Sensitive Information V-145: IBM Tivoli Federated Identity Manager Products Java Multiple Vulnerabilities...

237

V-073: IBM Tivoli Federated Identity Manager Signature Verification...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users Inject Commands on the Target System V-145: IBM Tivoli Federated Identity Manager Products Java Multiple Vulnerabilities...

238

When the well runs dry : groundwater management in Texas.  

E-Print Network (OSTI)

??Managing and protecting our water resources is one of the most pressing long-term issues facing Texas. In addition to population growth, Texas' vulnerability to drought… (more)

Reel, Jennifer Lynne

2010-01-01T23:59:59.000Z

239

T-560: Cisco Security Advisory: Management Center for Cisco Security Agent  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Cisco Security Advisory: Management Center for Cisco 0: Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability T-560: Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability February 18, 2011 - 7:00am Addthis PROBLEM: Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability. PLATFORM: Cisco Security Agent software releases 5.1, 5.2, and 6.0 are affected by this vulnerability. Note: Only the Management Center for Cisco Security Agent is affected by this vulnerability. Cisco Security Agent installations on end-point workstations or servers are not affected by this vulnerability. ABSTRACT: The Management Center for Cisco Security Agent is affected by a vulnerability that may allow an unauthenticated attacker to perform remote

240

Emergency Management Plan 2010 March 1 EMERGENCY MANAGEMENT PLAN  

E-Print Network (OSTI)

or Disaster 3.1 Initiation of Level 2 and 3 Emergency Response 4. Activation of Emergency Management Plan.......................................................................................................... 5 1. Emergency Response Levels 2. Planning and Implementation Principles 3. Incident Command System and Authority of Director of Emergency Operations Response Procedures

Argerami, Martin

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


241

Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Guide to Critical Infrastructure Protection Cyber Vulnerability Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized process for cyber vulnerability assessment in compliance with the Critical Infrastructure Protection standards adopted by the North American Electric Reliability Corporation in 2006. This guide covers the planning, execution, and reporting process. Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment More Documents & Publications Wireless System Considerations When Implementing NERC Critical Infrastructure Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June 2012)

242

Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Guide to Critical Infrastructure Protection Cyber Vulnerability Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized process for cyber vulnerability assessment in compliance with the Critical Infrastructure Protection standards adopted by the North American Electric Reliability Corporation in 2006. This guide covers the planning, execution, and reporting process. Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment More Documents & Publications Wireless System Considerations When Implementing NERC Critical Infrastructure Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June

243

A framework for business continuity management  

Science Conference Proceedings (OSTI)

An enterprise is exposed to risks-such as acts of terrorism, natural disasters and utility failure-which may disrupt operations, disaffect customers and compromise business credibility and revenue streams. Risk can also be introduced to an enterprise ... Keywords: Business continuity management, Information strategy, Risk management

Forbes Gibb; Steven Buchanan

2006-04-01T23:59:59.000Z

244

Development of dam safety management system  

Science Conference Proceedings (OSTI)

Recently, we can see an increasing amount of dam damage or failure due to aging, earthquakes occurrence and unusual changes in weather. For this reason, dam safety is gaining more importance than ever before in terms of disaster management at a national ... Keywords: Dam safety, Dam safety issue, Dam safety management system, Field inspection, Instrumentation, Monitoring, Safety evaluation

Jesung Jeon; Jongwook Lee; Donghoon Shin; Hangyu Park

2009-08-01T23:59:59.000Z

245

V-050: IBM InfoSphere Information Server Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: IBM InfoSphere Information Server Multiple Vulnerabilities 0: IBM InfoSphere Information Server Multiple Vulnerabilities V-050: IBM InfoSphere Information Server Multiple Vulnerabilities December 19, 2012 - 1:00am Addthis PROBLEM: IBM InfoSphere Information Server Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 9.1. ABSTRACT: Multiple vulnerabilities have been reported in IBM InfoSphere Information Server REFERENCE LINKS: Secunia Advisory SA51605 IBM Support home IBM InfoSphere Information Server, Version 9.1 fix list IMPACT ASSESSMENT: Medium DISCUSSION: Multiple vulnerabilities have been reported in IBM InfoSphere Information Server, where some have an unknown impact and others can be exploited by malicious users to bypass certain security restrictions. 1) An unspecified error exists in the InfoCenter component.

246

U-013: HP Data Protector Multiple Unspecified Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: HP Data Protector Multiple Unspecified Vulnerabilities 3: HP Data Protector Multiple Unspecified Vulnerabilities U-013: HP Data Protector Multiple Unspecified Vulnerabilities October 18, 2011 - 9:00am Addthis PROBLEM: HP Data Protector Multiple Unspecified Vulnerabilities. PLATFORM: HP Data Protector Notebook Extension 6.20; HP Data Protector for Personal Computers 7.0 ABSTRACT: Multiple vulnerabilities were reported in HP Data Protector. A remote user can execute arbitrary code on the target system. reference LINKS: HP Security Document ID: c03054543 SecurityTracker Alert ID: 1026195 Secunia Advisory: SA46468 CVE-2011-3156 CVE-2011-3157 CVE-2011-3158 CVE-2011-3159 CVE-2011-3160 CVE-2011-3161 CVE-2011-3162 IMPACT ASSESSMENT: High Discussion: Potential security vulnerabilities has been identified with HP Data Protector Notebook Extension. These vulnerabilities could be remotely

247

U-162: Drupal Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

62: Drupal Multiple Vulnerabilities 62: Drupal Multiple Vulnerabilities U-162: Drupal Multiple Vulnerabilities May 4, 2012 - 7:00am Addthis PROBLEM: Drupal Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in 7.x versions prior to 7.13. ABSTRACT: Several vulnerabilities were reported in Drupal: Denial of Service, Access bypass, and Unvalidated form redirect reference LINKS: Security Advisory: DRUPAL-SA-CORE-2012-002 Bugtraq ID: 53359 Secunia Advisory SA49012 CVE-2012-1588 CVE-2012-1589 CVE-2012-1590 CVE-2012-1591 CVE-2012-2153 MPACT ASSESSMENT: High Discussion: A weakness, a security issue, and multiple vulnerabilities have been reported in Drupal, which can be exploited by malicious users to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).

248

T-576: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities 6: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities T-576: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities March 14, 2011 - 3:05pm Addthis PROBLEM: Oracle has acknowledged multiple vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to compromise a user's system. PLATFORM: Sun Solaris 10 ABSTRACT: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities. reference LINKS: Secunia Advisory: SA43747 Oracle Sun Advisory: CVE Multiple Vulnerabilities in Adobe Flash Player Secure List: SA43747 Oracle Sun Support Adobe Flash Player for Linux and Solaris IMPACT ASSESSMENT: High Discussion: Oracle has acknowledged multiple vulnerabilities in Solaris, which can be exploited by malicious people to disclose sensitive information, bypass

249

V-050: IBM InfoSphere Information Server Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: IBM InfoSphere Information Server Multiple Vulnerabilities 0: IBM InfoSphere Information Server Multiple Vulnerabilities V-050: IBM InfoSphere Information Server Multiple Vulnerabilities December 19, 2012 - 1:00am Addthis PROBLEM: IBM InfoSphere Information Server Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 9.1. ABSTRACT: Multiple vulnerabilities have been reported in IBM InfoSphere Information Server REFERENCE LINKS: Secunia Advisory SA51605 IBM Support home IBM InfoSphere Information Server, Version 9.1 fix list IMPACT ASSESSMENT: Medium DISCUSSION: Multiple vulnerabilities have been reported in IBM InfoSphere Information Server, where some have an unknown impact and others can be exploited by malicious users to bypass certain security restrictions. 1) An unspecified error exists in the InfoCenter component.

250

U-162: Drupal Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

162: Drupal Multiple Vulnerabilities 162: Drupal Multiple Vulnerabilities U-162: Drupal Multiple Vulnerabilities May 4, 2012 - 7:00am Addthis PROBLEM: Drupal Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in 7.x versions prior to 7.13. ABSTRACT: Several vulnerabilities were reported in Drupal: Denial of Service, Access bypass, and Unvalidated form redirect reference LINKS: Security Advisory: DRUPAL-SA-CORE-2012-002 Bugtraq ID: 53359 Secunia Advisory SA49012 CVE-2012-1588 CVE-2012-1589 CVE-2012-1590 CVE-2012-1591 CVE-2012-2153 MPACT ASSESSMENT: High Discussion: A weakness, a security issue, and multiple vulnerabilities have been reported in Drupal, which can be exploited by malicious users to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).

251

T-616: PHP Stream Component Remote Denial of Service Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: PHP Stream Component Remote Denial of Service Vulnerability 6: PHP Stream Component Remote Denial of Service Vulnerability T-616: PHP Stream Component Remote Denial of Service Vulnerability May 5, 2011 - 12:59am Addthis PROBLEM: PHP Stream Component Remote Denial of Service Vulnerability PLATFORM: Ubuntu Linux PHP MandrakeSoft Corporate Server MandrakeSoft Enterprise Server MandrakeSoft Linux Mandrake ABSTRACT: PHP is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain FTP requests. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Versions prior to PHP 5.3.6 are vulnerable. reference LINKS: SecurityFocus IMPACT ASSESSMENT: Medium Discussion: PHP is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain FTP requests. An attacker can exploit this

252

T-540: Sybase EAServer Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

40: Sybase EAServer Multiple Vulnerabilities 40: Sybase EAServer Multiple Vulnerabilities T-540: Sybase EAServer Multiple Vulnerabilities January 24, 2011 - 6:16am Addthis PROBLEM: Sybase EAServer Multiple Vulnerabilities PLATFORM: Sybase EAServer versions 6.3 and prior ABSTRACT: Sybase EAServer is prone to a security-bypass vulnerability and a directory-traversal vulnerability. Attackers may exploit these issues to execute arbitrary code within the context of the application or to disclose sensitive information. Sybase EAServer versions 6.3 and prior are affected. reference LINKS: Bugtraq ID: 45809 SyBase Advisory IMPACT ASSESSMENT: Medium Discussion: Remote exploitation of a design vulnerability in Sybase EAServer could allow an attacker to install arbitrary web services, this condition can result in arbitrary code execution allowing attacker to gain control over

253

Colombia-Cartagena Vulnerability Assessment | Open Energy Information  

Open Energy Info (EERE)

Colombia-Cartagena Vulnerability Assessment Colombia-Cartagena Vulnerability Assessment Jump to: navigation, search Name Colombia-CDKN-Cartagena Vulnerability Assessment Agency/Company /Organization Climate and Development Knowledge Network (CDKN), United Kingdom Department for International Development Sector Climate Topics Background analysis, Low emission development planning, Pathways analysis Website http://resilient-cities.iclei. Country Colombia UN Region South America References CDKN-Colombia-Cartagena Vulnerability Assessment[1] Colombia-CDKN-Cartagena Vulnerability Assessment Screenshot This article is a stub. You can help OpenEI by expanding it. References ↑ "CDKN-Colombia-Cartagena Vulnerability Assessment" Retrieved from "http://en.openei.org/w/index.php?title=Colombia-Cartagena_Vulnerability_Assessment&oldid=699760"

254

Modeling Dynamics of Post Disaster Recovery  

E-Print Network (OSTI)

Natural disasters result in loss of lives, damage to built facilities, and interruption of businesses. The losses are not instantaneous rather they continue to occur until the community is restored to a functional socio-economic entity. Hence, it is essential that policy makers recognize this dynamic aspect of the incurring losses and make realistic plans to enhance the recovery. However, this cannot take place without understanding how homeowners react to recovery signals. These signals can come in different ways: from policy makers showing their strong commitment to restore the community by providing financial support and/or restoration of lifeline infrastructure; or from the neighbors showing their willingness to reconstruct. The goal of this research is to develop a model that can account for homeowners’ dynamic interactions in both organizational and spatial domains. Spatial domain of interactions focuses on how homeowners process signals from the environment such as neighbors reconstructing and local agencies restoring infrastructure, while organizational domain of interactions focuses on how agents process signals from other stakeholders that do not directly affect the environment like insurers. The hypothesis of this study is that these interactions significantly influence decisions to reconstruct and stay, or sell and leave. A multi-agent framework is used to capture emergent behavior such as spatial patterns and formation of clusters. The developed framework is illustrated and validated using experimental data sets.

Nejat, Ali

2011-08-01T23:59:59.000Z

255

Blowout in the Gulf: The BP Oil Spill Disaster and the Future of Energy in America  

E-Print Network (OSTI)

Blowout in the Gulf: The BP Oil Spill Disaster and theBlowout in the Gulf. The BP Oil Spill Disaster and theApril 20 th 2010, eleven oil workers died as the Deepwater

Ferrara, Enzo

2011-01-01T23:59:59.000Z

256

The application of Intelligent Transportation Systems (ITS) and Information Technology systems to disaster response  

E-Print Network (OSTI)

Disaster response operations during recent terrorist attacks and natural disasters have been a cause for concern. Lack of planning is one source of difficulties with these operations, but even if a perfect plan is agreed ...

Pinelis, Lev

2006-01-01T23:59:59.000Z

257

Rights-based evaluation of government responses to a given 'natural' disaster : Katrina as case study  

E-Print Network (OSTI)

Disaster impacts human mobility and a rights-based approach to disaster response is needed to protect the human rights of those who seek migration as an adaptation strategy. This paper deals with returning to a place after ...

Haeffner, Melissa (Melissa Ann)

2010-01-01T23:59:59.000Z

258

EDITORIAL COMMENTS Use of Structured Observational Methods in Disaster Research:“Recurrent Medical Response Problems in Five Recent Disasters in the Netherlands”  

E-Print Network (OSTI)

Doctors Juffermans and Bierens are to be commended for their paper published in this issue of Prehospital and Disaster Medicine entitled “Recurrent Medical Response Problems in Five Recent Disasters in the Netherlands. ” In the study, it is noted that health disaster response problems are repeated disaster after disaster. This finding seems to be consistent with the recurrent problems of communications, logistics, and access that have occurred in major events such as the Indian Ocean Tsunami, Hurricane Katrina in New Orleans, and Haiti Earthquake. Interestingly, the authors found no improved performance in medical disaster response related to disaster plans and protocols. While disaster experts will find the findings reported important for discussion and further evaluation, this editorial is written to discuss the research methodology demonstrated by the study. In their paper, Doctors Juffermans and Bierens have used research methods that are important for performing valid observational “meta-analysis ” of archived disaster reports. 1 The authors have provided a template for structured disaster medical research of archived

Samuel J. Stratton

2010-01-01T23:59:59.000Z

259

A joint network for disaster recovery and search and rescue operations  

Science Conference Proceedings (OSTI)

Disasters are exceptional events that are either man made, such as terrorist attacks, or natural, such as earthquakes, wildfires and floods. Disasters create emergency situations and cause physical and social disorder. In these emergency situations, ... Keywords: Disaster recovery networks, Reward-based random walks, Search and rescue networks, Two-dimensional random walk

Ram G. Lakshmi Narayanan; Oliver C. Ibe

2012-09-01T23:59:59.000Z

260

Critical Incident and Disaster Response Policy Commencement Date: 9 December, 1992  

E-Print Network (OSTI)

Critical Incident and Disaster Response Policy Commencement Date: 9 December, 1992 Category STATEMENT 5.1 The University shall establish a comprehensive and integrated Disaster Response Plan and appropriate measures are in place to prevent predictable or potential disasters and possible critical

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


261

Lessons Learned in Using Social Media for Disaster Relief ASU Crisis Response Game  

E-Print Network (OSTI)

Lessons Learned in Using Social Media for Disaster Relief ASU Crisis Response Game Mohammad in a simulated disaster. · Crowdsourcing using social media · Data collection · Task allocation and · Response to include public warning to avoid confusion in a disaster game · Coordination among different systems

Liu, Huan

262

In disaster response, timely collection and exploitation of remotely sensed imagery is of increasing importance. Image  

E-Print Network (OSTI)

Abstract In disaster response, timely collection and exploitation of remotely sensed imagery. Introduction The collection and utilization of airborne/satellite imagery for disaster response has become expected and necessary. The response phase of the disaster cycle is the time period between impact (e

Hodgson, Michael E.

263

Call for Papers International Workshop on Natural Disaster and the City  

E-Print Network (OSTI)

faced by urban populations. Cities as sites of risk, response and rehabilitation. Cultures of disaster1 Call for Papers International Workshop on Natural Disaster and the City Historical Perspectives to the study of natural disasters. It aims to historically contextualise the causes and consequences

Takada, Shoji

264

A Middleware for Service-oriented Communication in Mobile Disaster Response Environments  

E-Print Network (OSTI)

A Middleware for Service-oriented Communication in Mobile Disaster Response Environments Lukasz@infosys.tuwien.ac.at ABSTRACT Today, the work of disaster response teams is being increas- ingly supported and coordinated present RESCUE, an open-source middleware for service-oriented communica- tion in mobile disaster response

Dustdar, Schahram

265

Lessons Learned in Using Social Media for Disaster Relief -ASU Crisis Response Game  

E-Print Network (OSTI)

Lessons Learned in Using Social Media for Disaster Relief - ASU Crisis Response Game Mohammad disasters. In the light of these facts, the results from the ASU Crisis Response Game show that people do.Liu)@asu.edu,Augustoa@icmc.usp.br Abstract. In disasters such as the earthquake in Haiti and the tsunami in Japan, people used social media

Liu, Huan

266

A Disruption-Tolerant Architecture for Secure and Efficient Disaster Response Communications  

E-Print Network (OSTI)

A Disruption-Tolerant Architecture for Secure and Efficient Disaster Response Communications Kevin situational awareness when citizens in a disaster are willing to contribute their own devices, such as laptops. A situational awareness service processes all received data and creates annotated maps to visualize a disaster

Fall, Kevin R.

267

Multi-Agent Simulation of Disaster Response Daniel Massaguer, Vidhya Balasubramanian, Sharad Mehrotra, and Nalini Venkatasubramanian  

E-Print Network (OSTI)

Multi-Agent Simulation of Disaster Response Daniel Massaguer, Vidhya Balasubramanian, Sharad on the context of disaster response. The ar- chitecture of DrillSim is based on a multi-agent simulation. The simulation of the disaster response activity is achieved by modeling each person involved as an agent

Venkatasubramanian, Nalini

268

Situational Awareness Technologies for Disaster Naveen Ashish, Dmitri Kalashnikov, Sharad Mehrotra, Nalini  

E-Print Network (OSTI)

Situational Awareness Technologies for Disaster Response Naveen Ashish, Dmitri Kalashnikov, Sharad in the speed and accuracy at which information about the crisis flows through the disaster response networks of the disaster, crisis response may be a large-scale, multi-organizational operation involv- ing many layers

Kalashnikov, Dmitri V.

269

A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis  

Science Conference Proceedings (OSTI)

With the increasing organizational dependence on information systems, information systems security has become a very critical issue in enterprise risk management. In information systems, security risks are caused by various interrelated internal and ... Keywords: Ant colony optimization, Bayesian networks, Information systems, Security risk, Vulnerability propagation

Nan Feng, Harry Jiannan Wang, Minqiang Li

2014-01-01T23:59:59.000Z

270

V-132: IBM Tivoli System Automation Application Manager Multiple  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: IBM Tivoli System Automation Application Manager Multiple 2: IBM Tivoli System Automation Application Manager Multiple Vulnerabilities V-132: IBM Tivoli System Automation Application Manager Multiple Vulnerabilities April 12, 2013 - 6:00am Addthis PROBLEM: IBM has acknowledged multiple vulnerabilities in IBM Tivoli System Automation Application Manager PLATFORM: The vulnerabilities are reported in IBM Tivoli System Automation Application Manager versions 3.1, 3.2, 3.2.1, and 3.2.2 ABSTRACT: Multiple security vulnerabilities exist in the IBM Java Runtime Environment component of IBM Tivoli System Automation Application Manager which may affect the product REFERENCE LINKS: Secunia Advisory: SA53006 IBM Security Bulletin 21633991 IBM Security Bulletin 21633992 CVE-2011-3563 CVE-2012-0497 CVE-2012-0498 CVE-2012-0499 CVE-2012-0501

271

V-132: IBM Tivoli System Automation Application Manager Multiple  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: IBM Tivoli System Automation Application Manager Multiple 2: IBM Tivoli System Automation Application Manager Multiple Vulnerabilities V-132: IBM Tivoli System Automation Application Manager Multiple Vulnerabilities April 12, 2013 - 6:00am Addthis PROBLEM: IBM has acknowledged multiple vulnerabilities in IBM Tivoli System Automation Application Manager PLATFORM: The vulnerabilities are reported in IBM Tivoli System Automation Application Manager versions 3.1, 3.2, 3.2.1, and 3.2.2 ABSTRACT: Multiple security vulnerabilities exist in the IBM Java Runtime Environment component of IBM Tivoli System Automation Application Manager which may affect the product REFERENCE LINKS: Secunia Advisory: SA53006 IBM Security Bulletin 21633991 IBM Security Bulletin 21633992 CVE-2011-3563 CVE-2012-0497 CVE-2012-0498 CVE-2012-0499 CVE-2012-0501

272

From Tragedy to Triumph - Rebuilding Green Buildings after Disaster, EERE  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

From Tragedy to Triumph - Rebuilding Green Buildings after From Tragedy to Triumph - Rebuilding Green Buildings after Disaster, EERE (Fact Sheet) From Tragedy to Triumph - Rebuilding Green Buildings after Disaster, EERE (Fact Sheet) Fact sheet offering practical information about building energy efficient buildings and using renewable energy. Includes a checklist and resources. Highlights successful projects in Greensburg, Kansas. 45139.pdf More Documents & Publications Rebuilding It Better: Greensburg, Kansas. USD 422 Greensburg K-12 School (Revised) (Brochure), Energy Efficiency & Renewable Energy (EERE) Rebuilding It Better: Greensburg, Kansas. USD 422 Greensburg K-12 School (Revised) (Brochure), Energy Efficiency & Renewable Energy (EERE) Greensburg, Kansas: A Better, Greener Place to Live (Revised) (Brochure)

273

V-087: Adobe Flash Player Two Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Adobe Flash Player Two Vulnerabilities 7: Adobe Flash Player Two Vulnerabilities V-087: Adobe Flash Player Two Vulnerabilities February 8, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities have been reported in Adobe Flash Player PLATFORM: Vulnerabilities are reported in the following versions: Adobe Flash Player versions 11.5.502.146 and earlier for Windows and Macintosh Adobe Flash Player versions 11.2.202.261 and earlier for Linux Adobe Flash Player versions 11.1.115.36 and earlier for Android 4.x Adobe Flash Player versions 11.1.111.31 and earlier for Android 3.x Adobe Flash Player versions 11.5.31.137 and earlier for Chrome users Adobe Flash Player versions 11.3.378.5 and earlier for Internet Explorer 10 users on Windows 8 ABSTRACT: Two vulnerabilities are reported as 0-day which can be exploited by

274

V-121: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Google Chrome Multiple Vulnerabilities 1: Google Chrome Multiple Vulnerabilities V-121: Google Chrome Multiple Vulnerabilities March 28, 2013 - 12:29am Addthis PROBLEM: Google Chrome Multiple Vulnerabilities PLATFORM: versions prior to 26.0.1410.43. ABSTRACT: Multiple vulnerabilities have been reported in Google Chrome REFERENCE LINKS: Secunia Advisory SA52761 CVE-2013-0916 CVE-2013-0917 CVE-2013-0918 CVE-2013-0919 CVE-2013-0920 CVE-2013-0921 CVE-2013-0922 CVE-2013-0923 CVE-2013-0924 CVE-2013-0925 CVE-2013-0926 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities have been reported in Google Chrome, where one has an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. IMPACT: 1) A use-after-free error exists in Web Audio.

275

V-105: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Google Chrome Multiple Vulnerabilities 5: Google Chrome Multiple Vulnerabilities V-105: Google Chrome Multiple Vulnerabilities March 6, 2013 - 12:09am Addthis PROBLEM: Google Chrome Multiple Vulnerabilities PLATFORM: Google Chrome prior to 25.0.1364.152. ABSTRACT: Multiple vulnerabilities have been reported in Google Chrome REFERENCE LINKS: Stable Channel Update Secunia Advisory SA52454 CVE-2013-0902 CVE-2013-0903 CVE-2013-0904 CVE-2013-0905 CVE-2013-0906 CVE-2013-0907 CVE-2013-0908 CVE-2013-0909 CVE-2013-0910 CVE-2013-0911 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities in Google Chrome may have an unknown impact and others can be exploited by malicious people to compromise a user's system. 1) A use-after-free error exists in frame loader. 2) A use-after-free error exists in browser navigation handling.

276

V-081: Wireshark Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Wireshark Multiple Vulnerabilities 1: Wireshark Multiple Vulnerabilities V-081: Wireshark Multiple Vulnerabilities January 31, 2013 - 12:21am Addthis PROBLEM: Wireshark Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 1.8.5 and 1.6.13. ABSTRACT: Multiple vulnerabilities have been reported in Wireshark REFERENCE LINKS: Wireshark 1.8.5 Release Notes Secunia Advisory SA51968 IMPACT ASSESSMENT: High DISCUSSION: 1) Errors in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors can be exploited to trigger infinite loops and consume CPU resources via specially crafted packets. 2) An error in the CLNP dissector when processing certain packets can be exploited to cause a crash via a specially crafted packet.

277

V-152: Cisco Unified Customer Voice Portal (CVP) Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Cisco Unified Customer Voice Portal (CVP) Multiple 2: Cisco Unified Customer Voice Portal (CVP) Multiple Vulnerabilities V-152: Cisco Unified Customer Voice Portal (CVP) Multiple Vulnerabilities May 9, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Cisco Unified Customer Voice Portal (CVP) PLATFORM: The vulnerabilities are reported in versions prior to 9.0.1 ES 11 ABSTRACT: Various components of Cisco Unified CVP are affected. These vulnerabilities can be exploited independently; however, more than one vulnerability could be exploited on the same device. REFERENCE LINKS: Secunia Advisory SA53306 Cisco Advisory ID cisco-sa-20130508-cvp Cisco Applied Mitigation Bulletin CVE-2013-1220 CVE-2013-1221 CVE-2013-1222 CVE-2013-1223 CVE-2013-1224 CVE-2013-1225 IMPACT ASSESSMENT: Medium DISCUSSION:

278

V-097: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Google Chrome Multiple Vulnerabilities 7: Google Chrome Multiple Vulnerabilities V-097: Google Chrome Multiple Vulnerabilities February 22, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Google Chrome PLATFORM: The vulnerabilities are reported in versions prior to Google Chrome 24.x ABSTRACT: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52320 Chrome Stable Channel Update CVE-2013-0879 CVE-2013-0880 CVE-2013-0881 CVE-2013-0882 CVE-2013-0883 CVE-2013-0884 CVE-2013-0885 CVE-2013-0886 CVE-2013-0887 CVE-2013-0888 CVE-2013-0889 CVE-2013-0890 CVE-2013-0891 CVE-2013-0892 CVE-2013-0893

279

V-081: Wireshark Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Wireshark Multiple Vulnerabilities 1: Wireshark Multiple Vulnerabilities V-081: Wireshark Multiple Vulnerabilities January 31, 2013 - 12:21am Addthis PROBLEM: Wireshark Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 1.8.5 and 1.6.13. ABSTRACT: Multiple vulnerabilities have been reported in Wireshark REFERENCE LINKS: Wireshark 1.8.5 Release Notes Secunia Advisory SA51968 IMPACT ASSESSMENT: High DISCUSSION: 1) Errors in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors can be exploited to trigger infinite loops and consume CPU resources via specially crafted packets. 2) An error in the CLNP dissector when processing certain packets can be exploited to cause a crash via a specially crafted packet.

280

U-179: IBM Java 7 Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: IBM Java 7 Multiple Vulnerabilities 9: IBM Java 7 Multiple Vulnerabilities U-179: IBM Java 7 Multiple Vulnerabilities May 30, 2012 - 7:00am Addthis PROBLEM: IBM has acknowledged multiple vulnerabilities in IBM Java PLATFORM: IBM Java 7.x ABSTRACT: Vulnerabilities can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. Reference Links: Secunia Advisory 49333 CVE-2011-3389 Vendor Advisory IMPACT ASSESSMENT: High Discussion: IBM released a patch to address vulerabilities in IBM Java 7. IBM 7 SR1 is available for download. Impact: Hijacking Manipulation of data Exposure of sensitive information

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


281

V-178: IBM Data Studio Web Console Java Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: IBM Data Studio Web Console Java Multiple Vulnerabilities 8: IBM Data Studio Web Console Java Multiple Vulnerabilities V-178: IBM Data Studio Web Console Java Multiple Vulnerabilities June 14, 2013 - 6:00am Addthis PROBLEM: IBM has acknowledged a weakness and two vulnerabilities in IBM Data Studio PLATFORM: IBM Data Studio 3.x ABSTRACT: IBM Data Studio Web Console uses the IBM Java Runtime Environment (JRE) and might be affected by vulnerabilities in the IBM JRE REFERENCE LINKS: Secunia Advisory SA53778 IBM Flash Alert 1640533 CVE-2013-0169 CVE-2013-0440 CVE-2013-0443 IMPACT ASSESSMENT: High DISCUSSION: An unspecified vulnerability within the JSSE component could allow: 1) A remote attacker to cause a denial of service 2) To statistically observe the time necessary to generate/receive error messages and deduce the plaintext after a relatively small number of

282

V-074: IBM Informix Genero libpng Integer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: IBM Informix Genero libpng Integer Overflow Vulnerability 4: IBM Informix Genero libpng Integer Overflow Vulnerability V-074: IBM Informix Genero libpng Integer Overflow Vulnerability January 22, 2013 - 12:11am Addthis PROBLEM: IBM Informix Genero libpng Integer Overflow Vulnerability PLATFORM: IBM Informix Genero releases prior to 2.41 - all platforms ABSTRACT: A vulnerability has been reported in libpng. REFERENCE LINKS: IBM Security Bulletin: 1620982 Secunia Advisory SA51905 Secunia Advisory SA48026 CVE-2011-3026 IMPACT ASSESSMENT: Medium DISCUSSION: The libpng library used by IBM Informix Genero contains an integer overflow vulnerability. If you use IBM Informix Genero to handle PNG (Portable Network Graphics) image files and an attacker causes your IBM Informix Genero program to open or display a malicious PNG file, your IBM Informix

283

V-092: Pidgin Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Pidgin Multiple Vulnerabilities 2: Pidgin Multiple Vulnerabilities V-092: Pidgin Multiple Vulnerabilities February 15, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Pidgin PLATFORM: Vulnerabilities are reported in version 2.10.6. Prior versions may also be affected. ABSTRACT: Multiple vulnerabilities have been reported in Pidgin, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52178 Pidgin CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274 IMPACT ASSESSMENT: High DISCUSSION: 1) An error within the MXit protocol plugin when saving images can be exploited to overwrite certain files. 2) A boundary error within the "mxit_cb_http_read()" function

284

V-001: Mozilla Security vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Mozilla Security vulnerabilities 1: Mozilla Security vulnerabilities V-001: Mozilla Security vulnerabilities October 12, 2012 - 6:00am Addthis PROBLEM: Mozilla Security vulnerabilities PLATFORM: Vulnerabilities are reported in Firefox and Thunderbird versions prior to 16.0.1 and SeaMonkey versions prior to 2.13.1. ABSTRACT: Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities REFERENCE LINKS: Secunia Advisory SA50932 Mozilla Security Blog Mozilla Foundation Security Advisory 2012-88 Mozilla Foundation Security Advisory 2012-89 SecurityTracker Alert ID: 1027653 SecurityTracker Alert ID: 1027652 SecurityTracker Alert ID: 1027651 CVE-2012-4190 CVE-2012-4191 CVE-2012-4192 CVE-2012-4193 IMPACT ASSESSMENT: High DISCUSSION: 1) The protected "location" object is accessible by other domain objects,

285

V-116: Google Picasa BMP and TIFF Images Processing Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Google Picasa BMP and TIFF Images Processing Vulnerabilities 6: Google Picasa BMP and TIFF Images Processing Vulnerabilities V-116: Google Picasa BMP and TIFF Images Processing Vulnerabilities March 21, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities have been discovered in Google Picasa PLATFORM: Google Picasa Version 3.9.0 build 136.09 for Windows/3.9.14.34 for Mac ABSTRACT: Two vulnerabilities have been discovered in Google Picasa, which can be exploited by malicious people to compromise a user's system. REFERENCE LINKS: Secunia Advisory SA51652 Picasa Release Notes IMPACT ASSESSMENT: High DISCUSSION: 1) A sign extension error when processing the color table of a BMP image can be exploited to cause a heap-based buffer overflow via a BMP image with a specially crafted "biBitCount" field. 2) The application bundles a vulnerable version of LibTIFF.

286

T-550: Apache Denial of Service Vulnerability | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

550: Apache Denial of Service Vulnerability 550: Apache Denial of Service Vulnerability T-550: Apache Denial of Service Vulnerability February 4, 2011 - 3:03am Addthis PROBLEM: Apache 'APR-util' is prone to a vulnerability that may allow attackers to cause a denial-of-service condition. PLATFORM: Versions prior to 'APR-util' 1.3.10 are vulnerable. ABSTRACT: Apache 'APR-util' is prone to a vulnerability that may allow attackers to cause a denial-of-service condition. Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, may allow remote users to cause a Denial of Service (DoS - memory consumption). reference LINKS: Securityfocus

287

V-090: Adobe Flash Player / AIR Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Adobe Flash Player / AIR Multiple Vulnerabilities 0: Adobe Flash Player / AIR Multiple Vulnerabilities V-090: Adobe Flash Player / AIR Multiple Vulnerabilities February 13, 2013 - 12:14am Addthis PROBLEM: Adobe Flash Player / AIR Multiple Vulnerabilities PLATFORM: Adobe Flash Player versions 11.5.502.149 and prior for Windows and Macintosh Adobe Flash Player versions 11.2.202.262 and prior for Linux Adobe Flash Player versions 11.1.115.37 and prior for Android 4.x Adobe Flash Player versions 11.1.111.32 and prior for Android 3.x and 2.x Adobe AIR versions 3.5.0.1060 and prior Adobe AIR versions 3.5.0.1060 SDK and prior ABSTRACT: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR. REFERENCE LINKS: Vulnerability identifier: APSB13-05 Secunia Advisory SA52166 CVE-2013-0637 CVE-2013-0638 CVE-2013-0639

288

V-059: MoinMoin Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: MoinMoin Multiple Vulnerabilities 9: MoinMoin Multiple Vulnerabilities V-059: MoinMoin Multiple Vulnerabilities January 1, 2013 - 5:57am Addthis PROBLEM: MoinMoin Multiple Vulnerabilities PLATFORM: Version(s): MoinMoin 1.x ABSTRACT: Multiple vulnerabilities have been reported in MoinMoin, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system and by malicious people to manipulate certain data. REFERENCE LINKS: Secunia Advisory SA51663 CVE-2012-6080 CVE-2012-6081 CVE-2012-6082 IMPACT ASSESSMENT: High DISCUSSION: 1) Certain input when handling the AttachFile action is not properly verified before being used to write files. This can be exploited to overwrite arbitrary files via directory traversal sequences. 2) The application allows the upload of files with arbitrary extensions to

289

U-122 Google Chrome Two Code Execution Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2 Google Chrome Two Code Execution Vulnerabilities 2 Google Chrome Two Code Execution Vulnerabilities U-122 Google Chrome Two Code Execution Vulnerabilities March 12, 2012 - 7:00am Addthis PROBLEM: Google Chrome Two Code Execution Vulnerabilities PLATFORM: Google Chrome 17.x ABSTRACT: Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system. reference LINKS: Secunia Advisory SA48321 SecurityTracker Alert ID: 1026776 CVE-2011-3046 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger an unspecified flaw and execute arbitrary code (outside of the

290

V-087: Adobe Flash Player Two Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Adobe Flash Player Two Vulnerabilities 7: Adobe Flash Player Two Vulnerabilities V-087: Adobe Flash Player Two Vulnerabilities February 8, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities have been reported in Adobe Flash Player PLATFORM: Vulnerabilities are reported in the following versions: Adobe Flash Player versions 11.5.502.146 and earlier for Windows and Macintosh Adobe Flash Player versions 11.2.202.261 and earlier for Linux Adobe Flash Player versions 11.1.115.36 and earlier for Android 4.x Adobe Flash Player versions 11.1.111.31 and earlier for Android 3.x Adobe Flash Player versions 11.5.31.137 and earlier for Chrome users Adobe Flash Player versions 11.3.378.5 and earlier for Internet Explorer 10 users on Windows 8 ABSTRACT: Two vulnerabilities are reported as 0-day which can be exploited by

291

V-096: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities 6: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities V-096: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities February 21, 2013 - 6:00am Addthis PROBLEM: A weakness and multiple vulnerabilities have been reported in Mozilla Thunderbird and SeaMonkey PLATFORM: The vulnerabilities are reported in Thunderbird versions prior to 17.0.3 and SeaMonkey versions prior to 2.16. ABSTRACT: A weakness and multiple vulnerabilities have been reported in Mozilla Thunderbird and SeaMonkey, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52280 Mozilla Security Advisory 2013-21 CVE-2013-0765 CVE-2013-0772

292

U-251: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Bugzilla LDAP Injection and Information Disclosure 1: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities U-251: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities September 5, 2012 - 6:00am Addthis PROBLEM: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities PLATFORM: Bugzilla 2.x Bugzilla 3.x Bugzilla 4.x ABSTRACT: Bugzilla is prone to an LDAP-injection vulnerability and an information-disclosure vulnerability reference LINKS: Bugzilla Homepage Bugzilla Security Advisory Bugtraq ID: 55349 Secunia Advisory SA50433 CVE-2012-3981 CVE-2012-4747 IMPACT ASSESSMENT: Medium Discussion: A vulnerability and a security issue have been reported, which can be exploited by malicious people to disclose potentially sensitive information and manipulate certain data. 1) Input passed via the username is not properly escaped before being used

293

V-062: Asterisk Two Denial of Service Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Asterisk Two Denial of Service Vulnerabilities 2: Asterisk Two Denial of Service Vulnerabilities V-062: Asterisk Two Denial of Service Vulnerabilities January 4, 2013 - 6:00am Addthis PROBLEM: Asterisk Two Denial of Service Vulnerabilities PLATFORM: The vulnerabilities are reported in versions 1.8.x, 10.x, and 11.x. ABSTRACT: Two vulnerabilities have been reported in Asterisk, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service). REFERENCE LINKS: Secunia Advisory SA51689 Asterisk Project Security Advisories CVE-2012-5976 CVE-2012-5977 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can send specially crafted data to consume excessive resources on the target system. Systems configured to allow anonymous calls are affected. A remote authenticated user can also exploit this via

294

T-578: Vulnerability in MHTML Could Allow Information Disclosure |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Vulnerability in MHTML Could Allow Information Disclosure 8: Vulnerability in MHTML Could Allow Information Disclosure T-578: Vulnerability in MHTML Could Allow Information Disclosure March 15, 2011 - 3:05pm Addthis PROBLEM: Microsoft Windows is prone to a vulnerability that may allow attackers to inject arbitrary script code into the current browser session. PLATFORM: Windows 2003 SP2, Vista SP2, 2008 SP2, XP SP3, 7; and prior service packs ABSTRACT: A vulnerability was reported in Microsoft MHTML. A remote user can conduct cross-site scripting attacks. reference LINKS: Microsoft Security Advisory (2501696) CVE-2011-0096 SecurityTracker Alert ID: 1025003 Bugtraq ID: 46055 IMPACT ASSESSMENT: Moderate Discussion: The vulnerability exists due to the way MHTML interprets MIME-formatted requests for content blocks within a document. It is possible under certain

295

U-066: Mozilla Firefox / Thunderbird Multiple Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Mozilla Firefox / Thunderbird Multiple Vulnerabilities 6: Mozilla Firefox / Thunderbird Multiple Vulnerabilities U-066: Mozilla Firefox / Thunderbird Multiple Vulnerabilities December 22, 2011 - 6:30am Addthis PROBLEM: Mozilla Firefox / Thunderbird Multiple Vulnerabilities . PLATFORM: Mozilla Firefox 8.x and Mozilla Thunderbird 8.x ABSTRACT: Multiple vulnerabilities have been reported in Mozilla Firefox and Thunderbird. reference LINKS: Advisory 2011-53 Advisory 2011-54 Advisory 2011-55 Advisory 2011-56 Advisory 2011-57 Advisory 2011-58 Secunia Advisory: SA47302 IMPACT ASSESSMENT: High Discussion: Vulnerabilities have been reported in Mozilla Firefox and Thunderbird, where one has an unknown impact and others can be exploited by malicious people to disclose sensitive information and compromise a user's system. 1) Some unspecified errors can be exploited to corrupt memory. No further

296

V-126: Mozilla Firefox Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Mozilla Firefox Multiple Vulnerabilities 6: Mozilla Firefox Multiple Vulnerabilities V-126: Mozilla Firefox Multiple Vulnerabilities April 4, 2013 - 6:00am Addthis PROBLEM: Mozilla Firefox Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 20.0 ABSTRACT: Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct spoofing and cross-site scripting attacks and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52770 Secunia Advisory SA52293 Mozilla Security Announcement mfsa2013-30 Mozilla Security Announcement mfsa2013-31 Mozilla Security Announcement mfsa2013-32 Mozilla Security Announcement mfsa2013-34 Mozilla Security Announcement mfsa2013-35

297

U-104: Adobe Flash Player Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Adobe Flash Player Multiple Vulnerabilities 4: Adobe Flash Player Multiple Vulnerabilities U-104: Adobe Flash Player Multiple Vulnerabilities February 16, 2012 - 6:30am Addthis PROBLEM: Adobe Flash Player Multiple Vulnerabilities PLATFORM: Adobe Flash Player versions 11.1.102.55 and prior for Windows, Macintosh, Linux, and Solaris Adobe Flash Player versions 11.1.112.61 and prior for Android 4.x Adobe Flash Player versions 11.1.111.5 and prior for Android 3.x and prior ABSTRACT: Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system. reference LINKS: Adobe Security Bulletin Secunia Advisory 48033 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in Adobe Flash Player, which

298

U-246: Tigase XMPP Dialback Protection Bypass Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Tigase XMPP Dialback Protection Bypass Vulnerability 6: Tigase XMPP Dialback Protection Bypass Vulnerability U-246: Tigase XMPP Dialback Protection Bypass Vulnerability August 28, 2012 - 7:00am Addthis PROBLEM: Tigase XMPP Dialback Protection Bypass Vulnerability PLATFORM: Tigase 5.x ABSTRACT: A vulnerability has been reported in Tigase, which can be exploited by malicious people to bypass certain security restrictions. reference LINKS: XMPP Standards Foundation Secunia Advisory SA50362 tigase.org CVE-2012-4670 IMPACT ASSESSMENT: Medium Discussion: The vulnerability is caused due to an error within the XMPP protocol implementation, which does not properly verify the "Verify Response" and "Authorization Response" messages. This can be exploited to spoof a domain and bypass the Dialback protection.

299

V-224: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Google Chrome Multiple Vulnerabilities 4: Google Chrome Multiple Vulnerabilities V-224: Google Chrome Multiple Vulnerabilities August 22, 2013 - 1:05am Addthis PROBLEM: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to compromise a user's system. PLATFORM: Google Chrome 28.x ABSTRACT: The vulnerabilities are reported in versions prior to 29.0.1547.57 REFERENCE LINKS: Secunia Advisory ID: 1028921 CVE-2013-2887 CVE-2013-2900 CVE-2013-2901 CVE-2013-2902 CVE-2013-2903 CVE-2013-2904 CVE-2013-2905 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious, local users to disclose

300

V-096: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities 6: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities V-096: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities February 21, 2013 - 6:00am Addthis PROBLEM: A weakness and multiple vulnerabilities have been reported in Mozilla Thunderbird and SeaMonkey PLATFORM: The vulnerabilities are reported in Thunderbird versions prior to 17.0.3 and SeaMonkey versions prior to 2.16. ABSTRACT: A weakness and multiple vulnerabilities have been reported in Mozilla Thunderbird and SeaMonkey, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52280 Mozilla Security Advisory 2013-21 CVE-2013-0765 CVE-2013-0772

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


301

T-730: Vulnerability in Citrix Provisioning Services could result in  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

730: Vulnerability in Citrix Provisioning Services could result 730: Vulnerability in Citrix Provisioning Services could result in Arbitrary Code Execution T-730: Vulnerability in Citrix Provisioning Services could result in Arbitrary Code Execution September 29, 2011 - 8:30am Addthis PROBLEM: Vulnerability in Citrix Provisioning Services could result in Arbitrary Code Execution. PLATFORM: This vulnerability is present in all supported versions of Citrix Provisioning Services up to and including version 5.6 Service Pack 1. ABSTRACT: Citrix Provisioning Services is prone to a remote code-execution vulnerability. Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the application. reference LINKS: Citrix Document ID: CTX130846 Security Focus: Bugtraq ID 49803 IMPACT ASSESSMENT:

302

V-208: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Google Chrome Multiple Vulnerabilities 8: Google Chrome Multiple Vulnerabilities V-208: Google Chrome Multiple Vulnerabilities August 1, 2013 - 2:32am Addthis PROBLEM: Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. PLATFORM: Google Chrome 28.x ABSTRACT: Some vulnerabilities have been reported in Google Chrome which allows attackers to access and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA54325 CVE-2013-2881 CVE-2013-2882 CVE-2013-2883 CVE-2013-2884 CVE-2013-2885 CVE-2013-2886 IMPACT ASSESSMENT: High DISCUSSION: Several vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to

303

T-542: SAP Crystal Reports Server Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: SAP Crystal Reports Server Multiple Vulnerabilities 2: SAP Crystal Reports Server Multiple Vulnerabilities T-542: SAP Crystal Reports Server Multiple Vulnerabilities January 25, 2011 - 2:30pm Addthis PROBLEM: SAP Crystal Reports Server Multiple Vulnerabilities. PLATFORM: Crystal Reports Server 2008 ABSTRACT: Multiple vulnerabilities in SAP Crystal Reports Server 2008, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks, manipulate certain data, and compromise a user's system. reference LINKS: Secunia Advisory SA43060 Vulnerability Report: Crystal Reports Server 2008 IMPACT ASSESSMENT: High Discussion: 1) Input passed to the "actId" parameter in InfoViewApp/jsp/common/actionNav.jsp, "backUrl" parameter in

304

U-249: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

49: Google Chrome Multiple Vulnerabilities 49: Google Chrome Multiple Vulnerabilities U-249: Google Chrome Multiple Vulnerabilities August 31, 2012 - 6:00am Addthis PROBLEM: Google Chrome Multiple Vulnerabilities PLATFORM: Google Chrome 21.x ABSTRACT: Multiple vulnerabilities have been reported in Google Chrome. reference LINKS: Secunia Advisory SA50447 Stable Channel Update CVE-2012-2865 CVE-2012-2866 CVE-2012-2867 CVE-2012-2868 CVE-2012-2869 CVE-2012-2870 CVE-2012-2871 CVE-2012-2872 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system. 1) An out-of-bounds read error exists when handling line breaks. 2) A bad cast error exists within run-ins.

305

V-092: Pidgin Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Pidgin Multiple Vulnerabilities 2: Pidgin Multiple Vulnerabilities V-092: Pidgin Multiple Vulnerabilities February 15, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Pidgin PLATFORM: Vulnerabilities are reported in version 2.10.6. Prior versions may also be affected. ABSTRACT: Multiple vulnerabilities have been reported in Pidgin, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52178 Pidgin CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274 IMPACT ASSESSMENT: High DISCUSSION: 1) An error within the MXit protocol plugin when saving images can be exploited to overwrite certain files. 2) A boundary error within the "mxit_cb_http_read()" function

306

V-106: Citrix Access Gateway Unspecified Security Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Citrix Access Gateway Unspecified Security Bypass 6: Citrix Access Gateway Unspecified Security Bypass Vulnerability V-106: Citrix Access Gateway Unspecified Security Bypass Vulnerability March 7, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Citrix Access Gateway PLATFORM: Standard Edition 5.0.x prior to 5.0.4.223524. Versions 4.5.x and 4.6.x are not affected by this vulnerability ABSTRACT: A vulnerability has been reported in Citrix Access Gateway, which can be exploited by malicious people to bypass certain security restrictions. REFERENCE LINKS: Secunia Advisory SA52479 Security Tracker Alert ID 1028255 com/id/1028255 CVE-2013-2263 Citrix Knowledge Center IMPACT ASSESSMENT: High DISCUSSION: The vulnerability could allow an unauthenticated user to gain access to network resources. IMPACT:

307

V-214: Mozilla Firefox Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Mozilla Firefox Multiple Vulnerabilities 4: Mozilla Firefox Multiple Vulnerabilities V-214: Mozilla Firefox Multiple Vulnerabilities August 8, 2013 - 2:16am Addthis PROBLEM: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. PLATFORM: Mozilla Firefox 22.x ABSTRACT: The vulnerabilities are reported in versions prior to 23.0. REFERENCE LINKS: Secunia Advisory SA54418 CVE-2013-1701 CVE-2013-1702 CVE-2013-1704 CVE-2013-1705 CVE-2013-1706 CVE-2013-1707 CVE-2013-1709 CVE-2013-1710 CVE-2013-1711 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities have been reported in Mozilla Firefox, which can

308

T-542: SAP Crystal Reports Server Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: SAP Crystal Reports Server Multiple Vulnerabilities 2: SAP Crystal Reports Server Multiple Vulnerabilities T-542: SAP Crystal Reports Server Multiple Vulnerabilities January 25, 2011 - 2:30pm Addthis PROBLEM: SAP Crystal Reports Server Multiple Vulnerabilities. PLATFORM: Crystal Reports Server 2008 ABSTRACT: Multiple vulnerabilities in SAP Crystal Reports Server 2008, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks, manipulate certain data, and compromise a user's system. reference LINKS: Secunia Advisory SA43060 Vulnerability Report: Crystal Reports Server 2008 IMPACT ASSESSMENT: High Discussion: 1) Input passed to the "actId" parameter in InfoViewApp/jsp/common/actionNav.jsp, "backUrl" parameter in

309

U-179: IBM Java 7 Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: IBM Java 7 Multiple Vulnerabilities 9: IBM Java 7 Multiple Vulnerabilities U-179: IBM Java 7 Multiple Vulnerabilities May 30, 2012 - 7:00am Addthis PROBLEM: IBM has acknowledged multiple vulnerabilities in IBM Java PLATFORM: IBM Java 7.x ABSTRACT: Vulnerabilities can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. Reference Links: Secunia Advisory 49333 CVE-2011-3389 Vendor Advisory IMPACT ASSESSMENT: High Discussion: IBM released a patch to address vulerabilities in IBM Java 7. IBM 7 SR1 is available for download. Impact: Hijacking Manipulation of data Exposure of sensitive information

310

V-059: MoinMoin Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: MoinMoin Multiple Vulnerabilities 9: MoinMoin Multiple Vulnerabilities V-059: MoinMoin Multiple Vulnerabilities January 1, 2013 - 5:57am Addthis PROBLEM: MoinMoin Multiple Vulnerabilities PLATFORM: Version(s): MoinMoin 1.x ABSTRACT: Multiple vulnerabilities have been reported in MoinMoin, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system and by malicious people to manipulate certain data. REFERENCE LINKS: Secunia Advisory SA51663 CVE-2012-6080 CVE-2012-6081 CVE-2012-6082 IMPACT ASSESSMENT: High DISCUSSION: 1) Certain input when handling the AttachFile action is not properly verified before being used to write files. This can be exploited to overwrite arbitrary files via directory traversal sequences. 2) The application allows the upload of files with arbitrary extensions to

311

V-123: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability 3: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability V-123: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability April 1, 2013 - 1:26am Addthis PROBLEM: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability PLATFORM: VMware ESX Server 4.x VMware ESXi 4.x VMware ESXi 5.x ABSTRACT: A vulnerability has been reported in VMware ESX and ESXi REFERENCE LINKS: VMware ESXi security update Secunia Advisory SA52844 CVE-2012-5134 IMPACT ASSESSMENT: High DISCUSSION: The ESXi userworld libxml2 library has been updated to resolve a security issue IMPACT: VMware ESX and ESXi can be exploited by malicious people to compromise a vulnerable system SOLUTION: The vendor has issued a fix, VMware ESXi 5.0, Patch Release ESXi500-201303001 (2044373) Addthis Related Articles U-128: VMware ESX/ESXi Buffer Overflow and Null Pointer Dereference Lets

312

Assessing Vulnerabilities, Risks, and Consequences of Damage to Critical Infrastructure  

SciTech Connect

Since the publication of 'Critical Foundations: Protecting America's Infrastructure,' there has been a keen understanding of the complexity, interdependencies, and shared responsibility required to protect the nation's most critical assets that are essential to our way of life. The original 5 sectors defined in 1997 have grown to 18 Critical Infrastructures and Key Resources (CIKR), which are discussed in the 2009 National Infrastructure Protection Plan (NIPP) and its supporting sector-specific plans. The NIPP provides the structure for a national program dedicated to enhanced protection and resiliency of the nation's infrastructure. Lawrence Livermore National Laboratory (LLNL) provides in-depth, multi-disciplinary assessments of threat, vulnerability, and consequence across all 18 sectors at scales ranging from specific facilities to infrastructures spanning multi-state regions, such as the Oil and Natural Gas (ONG) sector. Like many of the CIKR sectors, the ONG sector is comprised of production, processing, distribution, and storage of highly valuable and potentially dangerous commodities. Furthermore, there are significant interdependencies with other sectors, including transportation, communication, finance, and government. Understanding the potentially devastating consequences and collateral damage resulting from a terrorist attack or natural event is an important element of LLNL's infrastructure security programs. Our work began in the energy sector in the late 1990s and quickly expanded other critical infrastructure sectors. We have performed over 600 physical assessments with a particular emphasis on those sectors that utilize, store, or ship potentially hazardous materials and for whom cyber security is important. The success of our approach is based on building awareness of vulnerabilities and risks and working directly with industry partners to collectively advance infrastructure protection. This approach consists of three phases: The Pre-Assessment Phase brings together infrastructure owners and operators to identify critical assets and help the team create a structured information request. During this phase, we gain information about the critical assets from those who are most familiar with operations and interdependencies, making the time we spend on the ground conducting the assessment much more productive and enabling the team to make actionable recommendations. The Assessment Phase analyzes 10 areas: Threat environment, cyber architecture, cyber penetration, physical security, physical penetration, operations security, policies and procedures, interdependencies, consequence analysis, and risk characterization. Each of these individual tasks uses direct and indirect data collection, site inspections, and structured and facilitated workshops to gather data. Because of the importance of understanding the cyber threat, LLNL has built both fixed and mobile cyber penetration, wireless penetration and supporting tools that can be tailored to fit customer needs. The Post-Assessment Phase brings vulnerability and risk assessments to the customer in a format that facilitates implementation of mitigation options. Often the assessment findings and recommendations are briefed and discussed with several levels of management and, if appropriate, across jurisdictional boundaries. The end result is enhanced awareness and informed protective measures. Over the last 15 years, we have continued to refine our methodology and capture lessons learned and best practices. The resulting risk and decision framework thus takes into consideration real-world constraints, including regulatory, operational, and economic realities. In addition to 'on the ground' assessments focused on mitigating vulnerabilities, we have integrated our computational and atmospheric dispersion capability with easy-to-use geo-referenced visualization tools to support emergency planning and response operations. LLNL is home to the National Atmospheric Release Advisory Center (NARAC) and the Interagency Modeling and Atmospheric Assessment Center (IMAAC). NA

Suski, N; Wuest, C

2011-02-04T23:59:59.000Z

313

Mapping Climate Change Vulnerability and Impact Scenarios - A...  

Open Energy Info (EERE)

Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for Sub-national Planners Jump to: navigation, search Tool Summary Name: Mapping Climate Change...

314

Locating Climate Insecurity: Where Are the Most Vulnerable Places...  

Open Energy Info (EERE)

Twitter icon Locating Climate Insecurity: Where Are the Most Vulnerable Places in Africa? Jump to: navigation, search Name Locating Climate Insecurity: Where Are the Most...

315

The (In)Security of Drug Testing - Vulnerability Assessment Team...  

NLE Websites -- All DOE Office Websites (Extended Search)

Selected Papers > The (In)Security of Drug Testing VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security...

316

Vulnerability Analysis of Energy Delivery Control Systems  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0-18381 0-18381 Vulnerability Analysis of Energy Delivery Control Systems September 2011 Idaho National Laboratory Idaho Falls, Idaho 83415 http://www.inl.gov Prepared for the U.S. Department of Energy Office of Electricity Delivery and Energy Reliability Under DOE Idaho Operations Office Contract DE-AC07-05ID14517 The INL is a U.S. Department of Energy National Laboratory operated by Battelle Energy Alliance DISCLAIMER This information was prepared as an account of work sponsored by an agency of the U.S. Government. Neither the U.S. Government nor any agency thereof, nor any of their employees, makes any warranty, expressed or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness, of any information, apparatus, product, or

317

Student, Faculty, & StaFF Support active directory: Centralized directory service used to manage  

E-Print Network (OSTI)

Management System (uMcontent): Web content management system, which supports the design and maintenance): Relational database management system that offers data compression and disaster recovery functions data and accounts management eresearch: Electronic research database systems with web-based forms and tools

Amin, S. Massoud

318

An intelligent simulation system for earthquake disaster assessment  

Science Conference Proceedings (OSTI)

This paper presents an intelligent simulation system for an earthquake disaster assessment system based on a development platform of a Geographic Information System (GIS) and Artificial Intelligence (AI). This system is designed to identify the weakness ... Keywords: Artificial Intelligence, Earthquake risk analysis, Geographic Information System, Seismic emergency response, Seismic hazard

Aiping Tang; Aihua Wen

2009-05-01T23:59:59.000Z

319

Water is Vital--Especially after a Disaster  

E-Print Network (OSTI)

Dehydration can be a serious threat after a disaster, when supplies of clean drinking water may be limited. Learn how you can find and use hidden sources of water in your home and purify water to make it safe for drinking.

Crocker, Andrew

2005-10-10T23:59:59.000Z

320

Current Projects: Rapid Sampling Tools - Vulnerability Assessment...  

NLE Websites -- All DOE Office Websites (Extended Search)

Applications include counter-terrorism, emergency response teams, drug and environmental raids, and waste management. For more information visit Rapid Sampling from Sealed...

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


321

V-122: IBM Tivoli Application Dependency Discovery Manager Java Multiple  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: IBM Tivoli Application Dependency Discovery Manager Java 2: IBM Tivoli Application Dependency Discovery Manager Java Multiple Vulnerabilities V-122: IBM Tivoli Application Dependency Discovery Manager Java Multiple Vulnerabilities March 29, 2013 - 6:00am Addthis PROBLEM: IBM has acknowledged multiple vulnerabilities in IBM Tivoli Application Dependency Discovery Manager PLATFORM: The vulnerabilities are reported in version 7.2.0.0 through 7.2.1.3 ABSTRACT: Multiple security vulnerabilities exist in the Java Runtime Environments (JREs) that can affect the security of IBM Tivoli Application Dependency Discovery Manager. REFERENCE LINKS: Secunia Advisory SA52829 IBM Security Bulletin 1631786 CVE-2012-1531 CVE-2012-3143 CVE-2012-3216 CVE-2012-4820 CVE-2012-4822 CVE-2012-5069 CVE-2012-5071 CVE-2012-5073 CVE-2012-5075 CVE-2012-5079

322

V-122: IBM Tivoli Application Dependency Discovery Manager Java Multiple  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: IBM Tivoli Application Dependency Discovery Manager Java 2: IBM Tivoli Application Dependency Discovery Manager Java Multiple Vulnerabilities V-122: IBM Tivoli Application Dependency Discovery Manager Java Multiple Vulnerabilities March 29, 2013 - 6:00am Addthis PROBLEM: IBM has acknowledged multiple vulnerabilities in IBM Tivoli Application Dependency Discovery Manager PLATFORM: The vulnerabilities are reported in version 7.2.0.0 through 7.2.1.3 ABSTRACT: Multiple security vulnerabilities exist in the Java Runtime Environments (JREs) that can affect the security of IBM Tivoli Application Dependency Discovery Manager. REFERENCE LINKS: Secunia Advisory SA52829 IBM Security Bulletin 1631786 CVE-2012-1531 CVE-2012-3143 CVE-2012-3216 CVE-2012-4820 CVE-2012-4822 CVE-2012-5069 CVE-2012-5071 CVE-2012-5073 CVE-2012-5075 CVE-2012-5079

323

Management  

E-Print Network (OSTI)

Research has indicated that, depending upon driver and passenger characteristics, passengers can have either a positive or negative influence upon driver behaviour. In conclusion to a recent study investigating the roles that passengers can play to influence, positively and negatively, driver behaviour, Regan and Mitsopoulos (2001) recommended, among other things, that the principles of Crew Resource Management (CRM) training may increase passengers ’ ability to positively influence driver behaviour and also drivers ’ ability to accept constructive feedback. The present study investigated the potential application of CRM training within young driver training in the Australian Capital Territory (ACT). This involved a literature review, an analysis of the differences between the driving and aviation domains, an analysis of the team-based activities and the knowledge, skills and attitudes required during driving to perform those activities, consultation with CRM experts from the aviation and medicine domains and the conduct of six focus groups involving young learner drivers, provisional licence drivers and course teachers. The findings indicate that CRM training as part of young driver training in the ACT is a viable concept to pursue. The application of CRM training within young driver training has potential to significantly enhance the positive and reduce the negative effects of passengers on young driver behaviour, and thus the safety of young drivers and passengers alike. The outcomes of this study formed the basis for a set of recommendations for the development of a young driver CRM training program in the ACT.

Young Drivers; Eve Mitsopoulos; Michael Regan; Janet Anderson; Paul Salmon; Jessica Edquist; Ii Report Documentation Page

2005-01-01T23:59:59.000Z

324

Dark tourism: understanding visitor motivation at sites of death and disaster  

E-Print Network (OSTI)

People are fascinated with death and disaster. One simply has to watch traffic slow to a crawl when passing a car accident to understand this. However, this fascination goes beyond the side of a highway and enters the realm of tourism. Today, numerous sites of death and disaster attract millions of visitors from all around the world: Auschwitz-Birkenau, Anne Frank's House, Graceland, Oklahoma City, Gettysburg, Vimy Ridge, the Somme, Arlington National Cemetery. The list grows each year as exhibited by the recent creation of an apartheid museum in Johannesburg, South Africa. Due to the increasing popularity of this tourism product, a small number of academics have begun studying the phenomenon. Leading the field are Lennon and Foley who labeled it Dark Tourism, Seaton who coined the term Thanatourism, and Rojek who developed the concept of Black Spots. However, despite ongoing study, there has been a paucity in understanding what actually motivates individuals to sites of dark tourism. Yet understanding motivation is imperative, particularly given the subject and sensitivity of these sites. Some are slowly decaying, and visitors play a large role in their preservation. Subsequently, without proper management, visitor influxes can further deteriorate sites or induce friction with the locals. Knowledge then, also provides administrators the necessary tools to properly manage the varying stakeholders. Although many feel an interest in death and disaster simply stems from morbidity, the range of factors involved extend from an interest in history and heritage to education to remembrance. To begin this study, a list of possible motivations was compiled. Then, to get a better comprehension of these motivations, visitors to the Holocaust Museum Houston were surveyed as a case study. As a commodified, synthetic site of death and atrocity, the museum fits the definitions of a dark tourism site as established by lead academics. Therefore, by asking visitors to the museum what motivated them to the site, the results will hopefully give some acumen into the wants and needs of certain stakeholders. Finally, this research sought to discover if motivation at the museum could shed light on motivation to other sites of dark tourism.

Yuill, Stephanie Marie

2003-12-01T23:59:59.000Z

325

Adaptive management: a paradigm for remediation of public facilities  

SciTech Connect

Public facility restoration planning traditionally focused on response to natural disasters and hazardous materials accidental releases. These plans now need to integrate response to terrorist actions. Therefore, plans must address a wide range of potential vulnerabilities. Similar types of broad remediation planning are needed for restoration of waste and hazardous material handling areas and facilities. There are strong similarities in damage results and remediation activities between unintentional and terrorist actions; however, the uncertainties associated with terrorist actions result in a re-evaluation of approaches to planning. Restoration of public facilities following a release of a hazardous material is inherently far more complex than in confined industrial settings and has many unique technical, economic, social, and political challenges. Therefore, they arguably involve a superset of drivers, concerns and public agencies compared to other restoration efforts. This superset of conditions increases complexity of interactions, reduces our knowledge of the initial conditions, and even condenses the timeline for restoration response. Therefore, evaluations of alternative restoration management approaches developed for responding to terrorist actions provide useful knowledge for large, complex waste management projects. Whereas present planning documents have substantial linearity in their organization, the 'adaptive management' paradigm provides a constructive parallel operations paradigm for restoration of facilities that anticipates and plans for uncertainty, multiple/simUltaneous public agency actions, and stakeholder participation. Adaptive management grew out of the need to manage and restore natural resources in highly complex and changing environments with limited knowledge about causal relationships and responses to restoration actions. Similarities between natural resource management and restoration of a facility and surrounding area(s) after a disruptive event suggest numerous advantages over preset linearly-structured plans by incorporating the flexibility and overlap of processes inherent in effective facility restoration. We discuss three restoration case studies (e.g., the Hart Senate Office Building anthrax restoration, Rocky Flats actinide remediation, and hurricane destruction restoration), that implement aspects of adaptive management but not a formal approach. We propose that more formal adoption of adaptive management principles could be a basis for more flexible standards to improve site-specific remediation plans under conditions of high uncertainty.

Janecky, David R [Los Alamos National Laboratory; Whicker, Jeffrey J [Los Alamos National Laboratory; Doerr, Ted B [NON LANL

2009-01-01T23:59:59.000Z

326

Using hardware vulnerability factors to enhance AVF analysis  

Science Conference Proceedings (OSTI)

Fault tolerance is now a primary design constraint for all major microprocessors. One step in determining a processor's compliance to its failure rate target is measuring the Architectural Vulnerability Factor (AVF) of each on-chip structure. The AVF ... Keywords: architectural vulnerability factor, fault tolerance, reliability

Vilas Sridharan; David R. Kaeli

2010-06-01T23:59:59.000Z

327

U-174: Serendipity Unspecified SQL Injection Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Serendipity Unspecified SQL Injection Vulnerability 4: Serendipity Unspecified SQL Injection Vulnerability U-174: Serendipity Unspecified SQL Injection Vulnerability May 22, 2012 - 7:00am Addthis PROBLEM: Serendipity Unspecified SQL Injection Vulnerability PLATFORM: 1.6.1 and prior versions ABSTRACT: A vulnerability was reported in Serendipity. A remote user can inject SQL commands. Reference Links: SecurityTracker Alert ID: 1027079 Secunia Advisory SA49234 CVE-2012-2762 IMPACT ASSESSMENT: Medium Discussion: The 'include/functions_trackbacks.inc.php' script does not properly validate user-supplied input. A remote user can supply a specially crafted parameter value to execute SQL commands on the underlying database. Impact: A remote user can execute SQL commands on the underlying database. Solution: The vendor has issued a fix (1.6.2).

328

V-118: IBM Lotus Domino Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: IBM Lotus Domino Multiple Vulnerabilities 8: IBM Lotus Domino Multiple Vulnerabilities V-118: IBM Lotus Domino Multiple Vulnerabilities March 25, 2013 - 12:40am Addthis PROBLEM: IBM Lotus Domino Multiple Vulnerabilities PLATFORM: IBM Domino 8.x ABSTRACT: Multiple vulnerabilities have been reported in IBM Lotus Domino REFERENCE LINKS: IBM Reference #:1627597 Secunia Advisory SA52753 CVE-2012-6277 CVE-2013-0486 CVE-2013-0487 IMPACT ASSESSMENT: High DISCUSSION: 1) An unspecified error can be exploited to disclose time-limited authentication credentials via the Domino Java Console and subsequently gain otherwise restricted access. Successful exploitation may require certain knowledge of Domino server configuration. 2) An unspecified error in the HTTP server component can be exploited to cause a memory leak and subsequently crash the server.

329

T-625: Opera Frameset Handling Memory Corruption Vulnerability | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Opera Frameset Handling Memory Corruption Vulnerability 5: Opera Frameset Handling Memory Corruption Vulnerability T-625: Opera Frameset Handling Memory Corruption Vulnerability May 18, 2011 - 3:05pm Addthis PROBLEM: A vulnerability has been reported in Opera, which can be exploited by malicious people to compromise a user's system. PLATFORM: Opera versions prior to 11.11 ABSTRACT: The vulnerability is caused due to an error when handling certain frameset constructs during page unloading and can be exploited to corrupt memory via a specially crafted web page. reference LINKS: Secunia Advisory: SA44611 Opera Knowledge Base Opera 11.11 for Windows Opera Download Opera Mobile IMPACT ASSESSMENT: High Discussion: Framesets allow web pages to hold other pages inside them. Certain frameset constructs are not handled correctly when the page is unloaded, causing a

330

India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate  

Open Energy Info (EERE)

Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change Jump to: navigation, search Name India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change Agency/Company /Organization Swiss Agency for Development and Cooperation Sector Energy, Land, Water Focus Area Agriculture Topics Co-benefits assessment, Background analysis Resource Type Lessons learned/best practices Website http://www.intercooperation.or Country India Southern Asia References India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change[1] India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change Screenshot Contents 1 Introduction [1] 2 Community-based Institutions [2] 3 Pasture Land Development [3]

331

Mitigations for Security Vulnerabilities Found in Control System Networks |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Mitigations for Security Vulnerabilities Found in Control System Mitigations for Security Vulnerabilities Found in Control System Networks Mitigations for Security Vulnerabilities Found in Control System Networks Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in

332

V-173: Plesk 0-Day Vulnerability | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Plesk 0-Day Vulnerability 3: Plesk 0-Day Vulnerability V-173: Plesk 0-Day Vulnerability June 7, 2013 - 6:00am Addthis PROBLEM: There is a command injection vulnerability in Plesk which is currently being exploited in the wild PLATFORM: Plesk versions 8.6, 9.0, 9.2, 9.3, and 9.5.4 ABSTRACT: The vulnerability is caused due to PHP misconfiguration in the affected application REFERENCE LINKS: Seclist.org TrendMicro SIB isc.sans.edu Paritynews.com slashdot.org IMPACT ASSESSMENT: High DISCUSSION: The exploit makes use of specially crafted HTTP queries that inject PHP commands. The exploit uses POST request to launch a PHP interpreter and the attacker can set any configuration parameters through the POST request. The exploit code published calls the PHP interpreter directly with allow_url_include=on, safe_mode=off and suhosin.simulation=on arguments.

333

U-100: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Google Chrome Multiple Vulnerabilities 0: Google Chrome Multiple Vulnerabilities U-100: Google Chrome Multiple Vulnerabilities February 10, 2012 - 7:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions, manipulate certain data, and compromise a user's system. PLATFORM: Google Chrome 16.x ABSTRACT: A remote user can create a specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. Reference LINKS: Google Announcements and Release Channel Secunia Advisory SA47938 Security Tracker ID 1026654 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in Google Chrome, where some

334

Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for  

Open Energy Info (EERE)

Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for Sub-national Planners Jump to: navigation, search Tool Summary Name: Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for Sub-national Planners Agency/Company /Organization: United Nations Development Programme (UNDP) Resource Type: Guide/manual Website: www.beta.undp.org/content/dam/aplaws/publication/en/publications/envir Language: English Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for Sub-national Planners Screenshot This guidebook assists planners working at the sub-national levels to identify and map the nature of current and future vulnerability to long-term climate change so that appropriate policies and intervention can

335

V-173: Plesk 0-Day Vulnerability | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Plesk 0-Day Vulnerability 3: Plesk 0-Day Vulnerability V-173: Plesk 0-Day Vulnerability June 7, 2013 - 6:00am Addthis PROBLEM: There is a command injection vulnerability in Plesk which is currently being exploited in the wild PLATFORM: Plesk versions 8.6, 9.0, 9.2, 9.3, and 9.5.4 ABSTRACT: The vulnerability is caused due to PHP misconfiguration in the affected application REFERENCE LINKS: Seclist.org TrendMicro SIB isc.sans.edu Paritynews.com slashdot.org IMPACT ASSESSMENT: High DISCUSSION: The exploit makes use of specially crafted HTTP queries that inject PHP commands. The exploit uses POST request to launch a PHP interpreter and the attacker can set any configuration parameters through the POST request. The exploit code published calls the PHP interpreter directly with allow_url_include=on, safe_mode=off and suhosin.simulation=on arguments.

336

T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

74: Drupal Secure Password Hashes Module Security Bypass 74: Drupal Secure Password Hashes Module Security Bypass Vulnerability T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerability July 22, 2011 - 3:00pm Addthis PROBLEM: Drupal Secure Password Hashes Module Security Bypass Vulnerability PLATFORM: Drupal Secure Password Hashes 6.X-1.0 Drupal Secure Password Hashes 5.X-1.4 ABSTRACT: The Secure Password Hashes module for Drupal is prone to a security-bypass vulnerability. reference LINKS: Drupal Homepage SA-CONTRIB-2011-026 - Secure Password Hashes (phpass) - Multiple Vulnerabilities IMPACT ASSESSMENT: Medium Discussion: This module uses the PHPass hashing library to try to store users hashed passwords securely. The module sets a fixed string for the 'pass' column in the {users} database column but does not replace the pass attribute of the account

337

V-187: Mozilla Firefox Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Mozilla Firefox Multiple Vulnerabilities 7: Mozilla Firefox Multiple Vulnerabilities V-187: Mozilla Firefox Multiple Vulnerabilities June 27, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Mozilla Firefox PLATFORM: Mozilla Firefox 21.x ABSTRACT: These vulnerabilities can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA53970 Secunia Advisory SA53953 Mozilla Advisory mfsa2013-49 Mozilla Advisory mfsa2013-50 Mozilla Advisory mfsa2013-51 Mozilla Advisory mfsa2013-53 Mozilla Advisory mfsa2013-55 Mozilla Advisory mfsa2013-56 Mozilla Advisory mfsa2013-59 CVE-2013-1682 CVE-2013-1683 CVE-2013-1684 CVE-2013-1685

338

Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of  

Open Energy Info (EERE)

Impacts, Vulnerability and Adaptation: The Case of Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed Jump to: navigation, search Name Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed Agency/Company /Organization World Agroforestry Centre Sector Land Focus Area Forestry Topics Adaptation, Background analysis, Co-benefits assessment Resource Type Publications Website http://www.worldagroforestry.o Country Philippines UN Region South-Eastern Asia References Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed[1] Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed Screenshot This article is a stub. You can help OpenEI by expanding it.

339

V-119: IBM Security AppScan Enterprise Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: IBM Security AppScan Enterprise Multiple Vulnerabilities 9: IBM Security AppScan Enterprise Multiple Vulnerabilities V-119: IBM Security AppScan Enterprise Multiple Vulnerabilities March 26, 2013 - 12:56am Addthis PROBLEM: IBM Security AppScan Enterprise Multiple Vulnerabilities PLATFORM: IBM Rational AppScan 5.x IBM Rational AppScan 8.x ABSTRACT: IBM has acknowledged multiple vulnerabilities REFERENCE LINKS: IBM Reference #:1626264 Secunia Advisory SA52764 CVE-2008-4033 CVE-2012-4431 CVE-2012-5081 CVE-2013-0473 CVE-2013-0474 CVE-2013-0510 CVE-2013-0511 CVE-2013-0512 CVE-2013-0513 CVE-2013-0532 IMPACT ASSESSMENT: Medium DISCUSSION: 1) The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. cause a DoS when a logged-in user visits a

340

V-111: Multiple vulnerabilities have been reported in Puppet | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Multiple vulnerabilities have been reported in Puppet 1: Multiple vulnerabilities have been reported in Puppet V-111: Multiple vulnerabilities have been reported in Puppet March 14, 2013 - 12:12am Addthis PROBLEM: Multiple vulnerabilities have been reported in Puppet PLATFORM: Puppet 2.x Puppet 3.x Puppet Enterprise 1.x Puppet Enterprise 2.x ABSTRACT: Puppet Multiple Vulnerabilities REFERENCE LINKS: Puppet Blog Secunia Advisory SA52596 CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654 CVE-2013-1655 CVE-2013-2274 CVE-2013-2275 IMPACT ASSESSMENT: High DISCUSSION: 1) An unspecified error exists when invoking the "template" or "inline_template" functions while responding to a catalog request and can be exploited to execute arbitrary code via a specially crafted catalog request. 2) An input validation error exists in the application and can be exploited

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


341

Analyses Of Two End-User Software Vulnerability Exposure Metrics  

SciTech Connect

The risk due to software vulnerabilities will not be completely resolved in the near future. Instead, putting reliable vulnerability measures into the hands of end-users so that informed decisions can be made regarding the relative security exposure incurred by choosing one software package over another is of importance. To that end, we propose two new security metrics, average active vulnerabilities (AAV) and vulnerability free days (VFD). These metrics capture both the speed with which new vulnerabilities are reported to vendors and the rate at which software vendors fix them. We then examine how the metrics are computed using currently available datasets and demonstrate their estimation in a simulation experiment using four different browsers as a case study. Finally, we discuss how the metrics may be used by the various stakeholders of software and to software usage decisions.

Jason L. Wright; Miles McQueen; Lawrence Wellman

2012-08-01T23:59:59.000Z

342

Records Management: a manual  

SciTech Connect

Records Management provides a Records Depository service that enables an office to get rid of semi-active and inactive records. Cleaning out files makes it possible to manage active records more efficiently and find the files when they are needed. Records Depository will also store essential records on Blue Label tapes that must be preserved in case of disaster to Sandia National Laboratories at Albuquerque or Livermore. Step-by-step instructions make the procedure of storing, retrieving, and destroying records a simple matter.

Blair, T.L.

1985-03-01T23:59:59.000Z

343

T-581: Novell Access Manager Java Double Literal Denial of Service  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

81: Novell Access Manager Java Double Literal Denial of Service 81: Novell Access Manager Java Double Literal Denial of Service Vulnerability T-581: Novell Access Manager Java Double Literal Denial of Service Vulnerability March 17, 2011 - 3:05pm Addthis PROBLEM: Novell has acknowledged a vulnerability in Novell Access Manager, which can be exploited by malicious people to cause a DoS (Denial of Service). PLATFORM: Novell Access Manager 3.1 Linux Access Gateway Novell Access Manager 3.1 Access Administration Novell Access Manager 3.1 SSLVPN Server Novell Access Manager 3.1 Windows Novell Identity Server Novell Access Manager 3.1 Linux Novell Identity Server Novell Access Manager 3.1 Java Agents ABSTRACT: Novell Access Manager Java Double Literal Denial of Service Vulnerability. reference LINKS: Secunia Advisory: SA43769 CVE-2010-4476

344

T-694: IBM Tivoli Federated Identity Manager Products Multiple  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: IBM Tivoli Federated Identity Manager Products Multiple 4: IBM Tivoli Federated Identity Manager Products Multiple Vulnerabilities T-694: IBM Tivoli Federated Identity Manager Products Multiple Vulnerabilities August 16, 2011 - 3:30pm Addthis PROBLEM: Multiple vulnerabilities have been reported in IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway, where some have an unknown impact while one can be exploited by malicious people to cause a DoS (Denial of Service). PLATFORM: IBM Tivoli Federated Identity Manager 6.x, IBM Tivoli Federated Identity Manager Business Gateway 6.x ABSTRACT: This Security Alert addresses a serious security issue CVE-2010-4476 (Java Runtime Environment hangs when converting "2.2250738585072012e-308" to a binary floating-point number). This vulnerability might cause the Java

345

T-694: IBM Tivoli Federated Identity Manager Products Multiple  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

94: IBM Tivoli Federated Identity Manager Products Multiple 94: IBM Tivoli Federated Identity Manager Products Multiple Vulnerabilities T-694: IBM Tivoli Federated Identity Manager Products Multiple Vulnerabilities August 16, 2011 - 3:30pm Addthis PROBLEM: Multiple vulnerabilities have been reported in IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway, where some have an unknown impact while one can be exploited by malicious people to cause a DoS (Denial of Service). PLATFORM: IBM Tivoli Federated Identity Manager 6.x, IBM Tivoli Federated Identity Manager Business Gateway 6.x ABSTRACT: This Security Alert addresses a serious security issue CVE-2010-4476 (Java Runtime Environment hangs when converting "2.2250738585072012e-308" to a binary floating-point number). This vulnerability might cause the Java

346

US Energy Sector Vulnerabilities to Climate Change  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

On the cover: Trans-Alaska oil pipeline; aerial view of New Jersey refinery; coal barges on Mississippi River in St. Paul, Minnesota; power plant in Prince On the cover: Trans-Alaska oil pipeline; aerial view of New Jersey refinery; coal barges on Mississippi River in St. Paul, Minnesota; power plant in Prince George's County, Maryland; Grand Coulee Dam in Washington State; corn field near Somers, Iowa; wind turbines in Texas. Photo credits: iStockphoto U.S. ENERGY SECTOR VULNERABILITIES TO CLIMATE CHANGE AND EXTREME WEATHER Acknowledgements This report was drafted by the U.S. Department of Energy's Office of Policy and International Affairs (DOE-PI) and the National Renewable Energy Laboratory (NREL). The coordinating lead author and a principal author was Craig Zamuda of DOE-PI; other principal authors included Bryan Mignone of DOE-PI, and Dan Bilello, KC Hallett, Courtney Lee, Jordan Macknick, Robin Newmark, and Daniel Steinberg of NREL. Vince Tidwell of Sandia National Laboratories, Tom Wilbanks of

347

Reducing US vulnerability to oil supply shocks  

Science Conference Proceedings (OSTI)

The 1990 crisis in the Middle East has raised concern about the United States`s vulnerability to oil supply disruptions. In addition, a number of trends point to increased US dependence on imported oil. Oil imports have increased and production has declined in the United States for the last eight years. Imports now comprise 42 percent of total oil consumption and US dependence on oil imports is projected to increase over the next 20 years. The Energy Modeling Forum forecasts imports to be more than twice domestic production by the year 2010. There are many studies examining the effects of various policies to protect US energy security. Not many consider the Strategic Petroleum Reserve (SPR), which can be a powerful tool in combating energy supply shocks. The SPR can dramatically increase the domestic short run supply elasticity, which has been found to be a key element in the welfare cost of protectionist policies. Upon examining 5 policies the author finds that the SPR together with a protectionist policy works best against a supply disruption. 27 refs., 3 tabs.

Yuecel, M.K. [Federal Reserve Bank of Dallas, TX (United States)

1994-10-01T23:59:59.000Z

348

V-051: Oracle Solaris Java Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Oracle Solaris Java Multiple Vulnerabilities 1: Oracle Solaris Java Multiple Vulnerabilities V-051: Oracle Solaris Java Multiple Vulnerabilities December 20, 2012 - 12:15am Addthis PROBLEM: Oracle Solaris Java Multiple Vulnerabilities PLATFORM: Oracle Solaris 11.x ABSTRACT: Oracle has acknowledged multiple vulnerabilities in Java included in Solaris REFERENCE LINKS: Secunia Advisory: SA51618 Secunia Advisory: SA50949 Third Party Vulnerability Resolution Blog in Java 7U9 Third Party Vulnerability Resolution Blog in Java 6U37 CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5067 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084

349

ORAU: National Security and Emergency Management Fact Sheet  

NLE Websites -- All DOE Office Websites (Extended Search)

National Security and Emergency National Security and Emergency Management Services ORAU works with federal, state and local agencies to enhance emergency management planning and integrate their efforts to respond effectively to terrorism, natural disasters and other hazards. Our experienced team helps organizations identify and correct readiness gaps to strengthen their response plans.

350

Strategic stockpiling of power system supplies for disaster recovery  

SciTech Connect

This paper studies the Power System Stochastic Storage Problem (PSSSP), a novel application in power restoration which consists of deciding how to store power system components throughout a populated area to maximize the amount of power served after disaster restoration. The paper proposes an exact mixed-integer formulation for the linearized DC power flow model and a general column-generation approach. Both formulations were evaluated experimentally on benchmarks using the electrical power infrastructure of the United States and disaster scenarios generated by state-of-the-art hurricane simulation tools similar to those used by the National Hurricane Center. The results show that the column-generation algorithm produces near-optimal solutions quickly and produces orders of magnitude speedups over the exact formulation for large benchmarks. Moreover, both the exact and the column-generation formulations produce significant improvements over greedy approach and hence should yield significant benefits in practice.

Bent, Russell W [Los Alamos National Laboratory; Coffrein, Carleton [Los Alamos National Laboratory; Van Hentenryck, Pascal [BROWN UNIV

2010-11-23T23:59:59.000Z

351

Rapid Sampling from Sealed Containers - Vulnerability Assessment Team -  

NLE Websites -- All DOE Office Websites (Extended Search)

Nonproliferation and Nonproliferation and National Security > VAT > Current Projects > Rapid Sampling Tools > ... from Sealed Containers VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Tamper & Intrusion Detection Rapid Sampling from Sealed Containers Demo video Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned

352

Common Myths about Tamper Indicating Seals - Vulnerability Assessment Team  

NLE Websites -- All DOE Office Websites (Extended Search)

Common Myths about Tamper Common Myths about Tamper Indicating Seals VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

353

New Seals - Vulnerability Assessment Team - Nuclear Engineering Division  

NLE Websites -- All DOE Office Websites (Extended Search)

More Information More Information VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

354

Insanely Fast Microprocessor Shop - Vulnerability Assessment Team - Nuclear  

NLE Websites -- All DOE Office Websites (Extended Search)

Insanely Fast Microprocessor Shop Insanely Fast Microprocessor Shop VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

355

About Seals - Vulnerability Assessment Team - Nuclear Engineering Division  

NLE Websites -- All DOE Office Websites (Extended Search)

Seals Seals VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

356

Findings and Lessons, Seals - Vulnerability Assessment Team - Nuclear  

NLE Websites -- All DOE Office Websites (Extended Search)

Findings and Lessons Learned Findings and Lessons Learned VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

357

Current Projects: Product Authenticity Tags - Vulnerability Assessment Team  

NLE Websites -- All DOE Office Websites (Extended Search)

Product Authenticity Tags Product Authenticity Tags VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

358

Automated Vulnerability Detection for Compiled Smart Grid Software  

Science Conference Proceedings (OSTI)

While testing performed with proper experimental controls can provide scientifically quantifiable evidence that software does not contain unintentional vulnerabilities (bugs), it is insufficient to show that intentional vulnerabilities exist, and impractical to certify devices for the expected long lifetimes of use. For both of these needs, rigorous analysis of the software itself is essential. Automated software behavior computation applies rigorous static software analysis methods based on function extraction (FX) to compiled software to detect vulnerabilities, intentional or unintentional, and to verify critical functionality. This analysis is based on the compiled firmware, takes into account machine precision, and does not rely on heuristics or approximations early in the analysis.

Prowell, Stacy J [ORNL; Pleszkoch, Mark G [ORNL; Sayre, Kirk D [ORNL; Linger, Richard C [ORNL

2012-01-01T23:59:59.000Z

359

NIST SP 800-24, PBX Vulnerability Analysis : Finding Holes In ...  

Science Conference Proceedings (OSTI)

... 35 Silent Monitoring 35 Conferencing 36 ... Dial-back modem vulnerabilities. Unattended remote access to a switch clearly represents a vulnerability. ...

2012-05-09T23:59:59.000Z

360

Alternatives for reducing the environmental risks associated with natural disasters and their effects on pipelines  

E-Print Network (OSTI)

Past pipeline failure reports have typically focused on corrosion and third party related events. However, natural disasters pose a substantial risk to pipeline integrity as well. Therefore, it was the objective of this thesis to analyze the risks and consequences of pipelines being seriously affected by natural disasters and propose potential measures to prevent leaks or spills and to mitigate the consequences of leaks and spills resulting from natural disasters. A risk assessment method has been developed for ranking the risks associated with pipelines in natural disaster areas and prevention and mitigation concepts have been recommended and discussed for reducing the risks.

Wellborn, Michael Wayne

1996-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


361

Whose Job Is It? An Examination of Archival Roles and Responsibilities in Documenting Disasters.  

E-Print Network (OSTI)

?? The Exxon Valdez Oil Spill has been labeled America's most devastating human-error environmental disaster. To gain full understanding of the event, researchers must consult… (more)

Dexter, Robyn

2013-01-01T23:59:59.000Z

362

T-613: Microsoft Excel Axis Properties Remote Code Execution Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

613: Microsoft Excel Axis Properties Remote Code Execution 613: Microsoft Excel Axis Properties Remote Code Execution Vulnerability T-613: Microsoft Excel Axis Properties Remote Code Execution Vulnerability May 2, 2011 - 7:42am Addthis PROBLEM: Microsoft Excel is prone to a remote code-execution vulnerability because the applications fail to sufficiently validate user-supplied input. PLATFORM: Microsoft Excel (2002-2010) ABSTRACT: Microsoft Excel is prone to a remote code-execution vulnerability because the applications fails to sufficiently validate user-supplied input. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will result in a denial-of-service

363

U-187: Adobe Flash Player Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Adobe Flash Player Multiple Vulnerabilities 7: Adobe Flash Player Multiple Vulnerabilities U-187: Adobe Flash Player Multiple Vulnerabilities June 11, 2012 - 7:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Adobe Flash Player PLATFORM: Adobe Flash Player 11.2.202.235 and earlier for Windows, Macintosh and Linux Adobe Flash Player 11.1.115.8 and earlier for Android 4.x Adobe Flash Player 11.1.111.9 and earlier for Android 3.x and 2.x Adobe AIR 3.2.0.2070 and earlier for Windows, Macintosh and Android ABSTRACT: Adobe released security updates for Adobe Flash Player 11.2.202.235 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.8 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.9 and earlier versions for Android 3.x and 2.x. These updates

364

U-002:Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

02:Adobe Photoshop Elements Multiple Memory Corruption 02:Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities U-002:Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities October 4, 2011 - 11:00am Addthis PROBLEM: Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities. PLATFORM: Adobe Photoshop Elements 8.0 and earlier versions for Windows. ABSTRACT: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system. reference LINKS: Adobe Advisory: APSA11-03 SecurityTracker Alert ID: 1026132 SecurityFocus: CVE-2011-2443 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Adobe Photoshop Elements. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted '.grd' or '.abr' file that,

365

T-680:Samba SWAT 'user' Field Cross Site Scripting Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

80:Samba SWAT 'user' Field Cross Site Scripting Vulnerability 80:Samba SWAT 'user' Field Cross Site Scripting Vulnerability T-680:Samba SWAT 'user' Field Cross Site Scripting Vulnerability August 1, 2011 - 2:10pm Addthis PROBLEM: Samba SWAT 'user' Field Cross Site Scripting Vulnerability PLATFORM: All Linux ABSTRACT: It was found that the 'Change Password' page / screen of the Samba Web Administration Tool did not properly sanitize content of the user-provided "user" field, prior printing it back to the page content. A remote attacker could provide a specially-crafted URL, which once visited by an authenticated Samba SWAT user could allow the attacker to conduct cross-site scripting attacks (execute arbitrary HTML or script code). reference LINKS: SecurityFocus - Bugtraq ID: 48901 Secunia CVE Reference: CVE-2011-2694

366

U.S. Energy Sector Vulnerability Report | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U.S. Energy Sector Vulnerability Report U.S. Energy Sector Vulnerability Report U.S. Energy Sector Vulnerability Report As part of the Administration's efforts to support national climate change adaptation planning through the Interagency Climate Change Adaptation Task Force and Strategic Sustainability Planning process -- and to advance the Energy Department's goal of promoting energy security -- the Department released the U.S. Energy Sector Vulnerability to Climate Change and Extreme Weather report. The report examines current and potential future impacts of climate change trends on the U.S. energy sector, including: Coastal energy infrastructure is at risk from sea level rise, increasing storm intensity and higher storm surge and flooding. Oil and gas production -- including refining, hydraulic fracturing

367

U-197: Cisco Adaptive Security Appliances Denial of Service Vulnerability |  

NLE Websites -- All DOE Office Websites (Extended Search)

97: Cisco Adaptive Security Appliances Denial of Service 97: Cisco Adaptive Security Appliances Denial of Service Vulnerability U-197: Cisco Adaptive Security Appliances Denial of Service Vulnerability June 22, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in Cisco Adaptive Security Appliances (ASA), which can be exploited by malicious people to cause a DoS (Denial of Service). PLATFORM: Cisco Adaptive Security Appliance (ASA) 8.x Cisco ASA 5500 Series Adaptive Security Appliances ABSTRACT: The vulnerability is caused due to an unspecified error when handling IPv6 transit traffic and can be exploited to cause a reload of the affected device. reference LINKS: Vendor Advisory Secunia ID 49647 CVE-2012-3058 IMPACT ASSESSMENT: High Discussion: Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) and Cisco

368

T-622: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

22: Adobe Acrobat and Reader Unspecified Memory Corruption 22: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability T-622: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability May 13, 2011 - 3:25am Addthis PROBLEM: Adobe Acrobat and Reader contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. PLATFORM: Adobe Reader versions 9.4.1 and prior, versions 8.2.5 and prior, and version 10.0 Acrobat Standard and Professional versions 9.4.1 and prior and version 10.0 Acrobat Standard and Professional versions 8.2.5 and prior Acrobat Professional Extended versions 9.4.1 and prior Acrobat 3D versions 8.2.5 and prior Adobe Flash Player versions 10.2.159.1 and prior for Windows, Macintosh, Linux, and Solaris ABSTRACT: The vulnerability is due to an unspecified error in the affected software

369

T-547: Microsoft Windows Human Interface Device (HID) Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

547: Microsoft Windows Human Interface Device (HID) Vulnerability 547: Microsoft Windows Human Interface Device (HID) Vulnerability T-547: Microsoft Windows Human Interface Device (HID) Vulnerability February 1, 2011 - 3:20am Addthis PROBLEM Microsoft Windows Human Interface Device (HID) Vulnerability. PLATFORM: Microsoft 2003 SP2, Vista SP2, 2008 SP2, XP SP3, 7; and prior service packs ABSTRACT: Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a Smartphone that the user connected to the computer. reference LINKS: Security Lab: Reference CVE-2011-0638 CVE Details: Reference CVE-2011-0638 Mitre Reference: CVE-2011-0638

370

U-191: Oracle Java Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

91: Oracle Java Multiple Vulnerabilities 91: Oracle Java Multiple Vulnerabilities U-191: Oracle Java Multiple Vulnerabilities June 14, 2012 - 7:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Oracle Java, which can be exploited by malicious local users PLATFORM: Oracle Java JDK 1.7.x / 7.x Oracle Java JRE 1.7.x / 7.x Sun Java JDK 1.5.x Sun Java JDK 1.6.x / 6.x Sun Java JRE 1.4.x Sun Java JRE 1.5.x / 5.x Sun Java JRE 1.6.x / 6.x Sun Java SDK 1.4.x ABSTRACT: The Critical Patch Update for Java SE also includes non-security fixes. Critical Patch Updates are cumulative and each advisory describes only the security fixes added since the previous Critical Patch Update. Thus, prior Critical Patch Update Advisories should be reviewed for information regarding earlier accumulated security fixes.

371

OLADE-Central America Climate Change Vulnerability Program | Open Energy  

Open Energy Info (EERE)

OLADE-Central America Climate Change Vulnerability Program OLADE-Central America Climate Change Vulnerability Program Jump to: navigation, search Name OLADE-Central America Climate Change Vulnerability Program Agency/Company /Organization Latin America Energy Organization Partner Ministries of Energy and Energy Enterprises Sector Energy, Land Topics Background analysis Website http://www.olade.org/proyecto_ Program Start 2010 Program End 2011 Country Belize, Costa Rica, El Salvador, Guatemala, Honduras, Nicaragua, Panama Central America, Central America, Central America, Central America, Central America, Central America, Central America References OLADE Energy and Climate Change Projects[1] OLADE is a Latin American organization working with Central American countries on climate change vulnerability for hydroelectric systems and

372

T-680:Samba SWAT 'user' Field Cross Site Scripting Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0:Samba SWAT 'user' Field Cross Site Scripting Vulnerability 0:Samba SWAT 'user' Field Cross Site Scripting Vulnerability T-680:Samba SWAT 'user' Field Cross Site Scripting Vulnerability August 1, 2011 - 2:10pm Addthis PROBLEM: Samba SWAT 'user' Field Cross Site Scripting Vulnerability PLATFORM: All Linux ABSTRACT: It was found that the 'Change Password' page / screen of the Samba Web Administration Tool did not properly sanitize content of the user-provided "user" field, prior printing it back to the page content. A remote attacker could provide a specially-crafted URL, which once visited by an authenticated Samba SWAT user could allow the attacker to conduct cross-site scripting attacks (execute arbitrary HTML or script code). reference LINKS: SecurityFocus - Bugtraq ID: 48901 Secunia CVE Reference: CVE-2011-2694

373

U-035: Adobe Flash Player Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

35: Adobe Flash Player Multiple Vulnerabilities 35: Adobe Flash Player Multiple Vulnerabilities U-035: Adobe Flash Player Multiple Vulnerabilities November 14, 2011 - 10:15am Addthis PROBLEM: Adobe Flash Player Multiple Vulnerabilities. PLATFORM: Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems Adobe Flash Player 11.0.1.153 and earlier versions for Android Adobe AIR 3.0 and earlier versions for Windows, Macintosh, and Android ABSTRACT: Adobe recommends users of Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 11.1.102.55. Users of Adobe Flash Player 11.0.1.153 and earlier versions for Android should update to Adobe Flash Player 11.1.102.59 for Android. Users of Adobe AIR 3.0 for Windows, Macintosh, and Android should

374

V-237: TYPO3 Security Bypass Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

V-237: TYPO3 Security Bypass Vulnerabilities V-237: TYPO3 Security Bypass Vulnerabilities V-237: TYPO3 Security Bypass Vulnerabilities September 9, 2013 - 6:00am Addthis PROBLEM: Some vulnerabilities have been reported in TYPO3 PLATFORM: TYPO3 6.x ABSTRACT: TYPO3 comes with the possibility to restrict editors to certain file actions (copy, delete, move etc.) and to restrict these actions to be performed in certain locations REFERENCE LINKS: Secunia Advisory SA54717 Security Focus ID 62257 IMPACT ASSESSMENT: Medium DISCUSSION: 1) Some errors when handling file actions can be exploited to bypass file action permission restrictions and e.g. create or read arbitrary files within or outside the webroot. 2) An error when validating file names within the file renaming functionality can be exploited to bypass the denied file extensions check

375

U-146: Adobe Reader/Acrobat Multiple Vulnerabilities | Department...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

SMB share and repairing the installation. 4) An unspecified error within the JavaScript API can be exploited to corrupt memory. NOTE: This vulnerability affects the Macintosh and...

376

Systematic Techniques for Finding and Preventing Script Injection Vulnerabilities  

E-Print Network (OSTI)

2010). http://code. google.com/p/browsersec/wiki/Part1. [101] SecuriTeam. “Google.com UTF-7 XSS Vulnerabilities”.sensitive data of the google.com domain. In the past, Barth

Saxena, Prateek

2012-01-01T23:59:59.000Z

377

Vulnerability beyond Stereotypes: Context and Agency in Hurricane Risk Communication  

Science Conference Proceedings (OSTI)

Risk communication may accentuate or alleviate the vulnerability of people who have particular difficulties responding to the threat of hazards such as hurricanes. The process of risk communication involves how hazard information is received, ...

Heather Lazrus; Betty H. Morrow; Rebecca E. Morss; Jeffrey K. Lazo

2012-04-01T23:59:59.000Z

378

V-061: IBM SPSS Modeler XML Document Parsing Vulnerability |...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

and cause a DoS (Denial of Service). The vulnerability is caused due to an error when handling certain XML documents and can be exploited via a specially crafted document....

379

U-183: ISC BIND DNS Resource Records Handling Vulnerability ...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-098: ISC BIND Deleted Domain Name Resolving Vulnerability U-038: BIND 9 Resolver crashes after logging an error in query.c T-617: BIND RPZ Processing Flaw Lets Remote Users...

380

System Assurance: Beyond Detecting Vulnerabilities, 1st edition  

Science Conference Proceedings (OSTI)

In this day of frequent acquisitions and perpetual application integrations, systems are often an amalgamation of multiple programming languages and runtime platforms using new and legacy content. Systems of such mixed origins are increasingly vulnerable ...

Nikolai Mansourov; Djenana Campara

2010-12-01T23:59:59.000Z

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


381

V-125: Cisco Connected Grid Network Management System Multiple  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Cisco Connected Grid Network Management System Multiple 5: Cisco Connected Grid Network Management System Multiple Vulnerabilities V-125: Cisco Connected Grid Network Management System Multiple Vulnerabilities April 3, 2013 - 1:44am Addthis PROBLEM: Cisco Connected Grid Network Management System Multiple Vulnerabilities PLATFORM: Cisco Connected Grid Network Management System 2.x ABSTRACT: Some vulnerabilities have been reported in Cisco Connected Grid Network Management System. REFERENCE LINKS: Cisco Security Notice CVE-2013-1163 Cisco Security Notice CVE-2013-1171 Secunia Advisory SA52834 SecurityTracker Alert ID: 1028374 SecurityTracker Alert ID: 1028373 CVE-2013-1163 CVE-2013-1171 IMPACT ASSESSMENT: Medium DISCUSSION: 1) Certain input related to the element list component is not properly sanitised before being returned to the user. This can be exploited to

382

V-125: Cisco Connected Grid Network Management System Multiple  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Cisco Connected Grid Network Management System Multiple 5: Cisco Connected Grid Network Management System Multiple Vulnerabilities V-125: Cisco Connected Grid Network Management System Multiple Vulnerabilities April 3, 2013 - 1:44am Addthis PROBLEM: Cisco Connected Grid Network Management System Multiple Vulnerabilities PLATFORM: Cisco Connected Grid Network Management System 2.x ABSTRACT: Some vulnerabilities have been reported in Cisco Connected Grid Network Management System. REFERENCE LINKS: Cisco Security Notice CVE-2013-1163 Cisco Security Notice CVE-2013-1171 Secunia Advisory SA52834 SecurityTracker Alert ID: 1028374 SecurityTracker Alert ID: 1028373 CVE-2013-1163 CVE-2013-1171 IMPACT ASSESSMENT: Medium DISCUSSION: 1) Certain input related to the element list component is not properly sanitised before being returned to the user. This can be exploited to

383

V-036: EMC Smarts Network Configuration Manager Database Authentication  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: EMC Smarts Network Configuration Manager Database 6: EMC Smarts Network Configuration Manager Database Authentication Bypass Vulnerability V-036: EMC Smarts Network Configuration Manager Database Authentication Bypass Vulnerability November 29, 2012 - 3:30am Addthis PROBLEM: EMC Smarts Network Configuration Manager Database Authentication Bypass Vulnerability PLATFORM: EMC Smarts Network Configuration Manager (NCM) all versions prior 9.1 ABSTRACT: Two vulnerabilities were reported in EMC Smarts Network Configuration Manager. REFERENCE LINKS: EMC Identifier: ESA-2012-057 Secunia Advisory SA51408 SecurityTracker Alert ID: 1027812 CVE-2012-4614 CVE-2012-4615 IMPACT ASSESSMENT: Medium DISCUSSION: The systems uses a hard-coded key to encrypt authentication credentials on the target system [CVE-2012-4615]. A local user with knowledge of the key

384

U-116: IBM Tivoli Provisioning Manager Express for Software Distribution  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: IBM Tivoli Provisioning Manager Express for Software 6: IBM Tivoli Provisioning Manager Express for Software Distribution Multiple Vulnerabilities U-116: IBM Tivoli Provisioning Manager Express for Software Distribution Multiple Vulnerabilities March 5, 2012 - 7:00am Addthis PROBLEM: IBM Tivoli Provisioning Manager Express for Software Distribution Multiple Vulnerabilities PLATFORM: IBM Tivoli Provisioning Manager Express for Software Distribution 4.x ABSTRACT: Multiple vulnerabilities have been reported in IBM Tivoli Provisioning Manager Express for Software Distribution, which can be exploited by malicious people to conduct SQL injection attacks and compromise a user's system. reference LINKS: Secunia Advisory SA48216 CVE-2012-0198 CVE-2012-0199 IMPACT ASSESSMENT: High Discussion: Certain input passed via "Printer.getPrinterAgentKey" to the SoapServlet

385

Updates on the Federal Enterprise Architecture Program  

Science Conference Proceedings (OSTI)

... Environmental Management Disaster Management Business Area's (4) ... Environmental Management Disaster Management Business Area's (4) ...

2007-09-26T23:59:59.000Z

386

Choice of governance mechanisms to promote information sharing via boundary objects in the disaster recovery process  

Science Conference Proceedings (OSTI)

Given the difficulties and criticality of information sharing in a multi-agency setting, this paper looks at the IT governance mechanisms used to promote information sharing via shared boundary objects in the disaster response and recovery process. A ... Keywords: Disaster response and recovery, IT governance, Information sharing, Multi-agency governance, Shared boundary objects

Barry A. Cumbie; Chetan S. Sankar

2012-12-01T23:59:59.000Z

387

Rebuilding After Disaster: Going Green from the Ground Up (Revised) (Brochure)  

SciTech Connect

20-page "how-to" guide describing ways to turn a disaster into an opportunity to rebuild with greener energy technologies. It covers such topics as the importance of energy, options for communities, instructions for developing an energy plan, and other considerations. This guide is intended for the community leaders who have experienced a disaster.

Not Available

2009-10-01T23:59:59.000Z

388

AMA: eCore Disaster Life Support (AWR-197-W) Awareness and Response to  

E-Print Network (OSTI)

AMA: eCore Disaster Life Support (AWR-197-W) Awareness and Response to Biological Events (AWR-118-W) CiEzenReady: Pandemic Influenza (AWR-203-W) Disaster Mental Health Public Safety and Security Response Animal Disease Emergency Support Environmental

Harms, Kyle E.

389

RAPID RESPONSE: DISASTER RELIEF AND Ill Winds: Hurricanes Camille and Agnes  

E-Print Network (OSTI)

CHAPTER 4 RAPID RESPONSE: DISASTER RELIEF AND RECOVERY Ill Winds: Hurricanes Camille and Agnes. Enactment in 1950 of a federal disaster relief program brought the Corps heavy responsibilities but also work south of the city and also assisted the Mobile District that was responsible for most of the work

US Army Corps of Engineers

390

End-Triassic calcification crisis and blooms of organic-walled `disaster species'  

E-Print Network (OSTI)

End-Triassic calcification crisis and blooms of organic-walled `disaster species' B. van de the response of marine photosynthetic phytoplankton to the proposed perturbation in the carbon cycle. Our high) contemporaneous blooms of organic-walled, green algal `disaster' species which comprise in one case N70

391

Damage tracker: a cloud and mobile system for collecting damage information after natural disasters  

Science Conference Proceedings (OSTI)

Tornadoes and other natural disasters frequently cause large amounts of damage to buildings and infrastructure. An important part of learning from these events is assessing key damage-indicators within the affected area. Researchers can analyze these ... Keywords: cloud, geo-tagging, natural disaster, tornado

Chris Hodapp, Matt Robbins, Jeff Gray, Andrew Graettinger

2013-04-01T23:59:59.000Z

392

What Previous Disasters Teach: The (Really) Hard Lessons of Katrina and Haiti  

E-Print Network (OSTI)

What Previous Disasters Teach: The (Really) Hard Lessons of Katrina and Haiti What Previous Disasters Teach: The (Really) Hard Lessons of Katrina and Haiti 1 (Really) Hard Lessons of Katrina and Haiti for Humanitarian Logistics (Really) Hard Lessons of Katrina and Haiti for Humanitarian Logistics José Holguín

Mitchell, John E.

393

Workshop on the Application of Remote Sensing Technologies to Disaster Response Rapid Damage Mapping for Post-Earthquake  

E-Print Network (OSTI)

Workshop on the Application of Remote Sensing Technologies to Disaster Response Rapid Damage Technologies to Disaster Response September 12 2003 #12;Workshop on the Application of Remote Sensing Technologies to Disaster Response 12 September 2003 Rapid Damage Mapping for post-Earthquake Building Damage

Shinozuka, Masanobu

394

Agent-based coalition formation in disaster response applications Ladislau Boloni, Majid Ali Khan and Damla Turgut  

E-Print Network (OSTI)

Agent-based coalition formation in disaster response applications Ladislau B¨ol¨oni, Majid Ali Khan present an agent-based coalition formation approach for disaster response applications. We assume. 1 Introduction Efficient disaster response requires participants to form teams and coordinate

Bölöni, Ladislau L

395

Re: response to oil disaster; spoil islands and Army Corps Haze, Pam K, Gould, Rowan , Ashe, Dan,  

E-Print Network (OSTI)

History: Re: response to oil disaster; spoil islands and Army Corps t Haze, Pam K, Gould, Rowan:59:082010 Subject: FW: response to oil disaster; spoil islands and Army Corps at sure who to ask abou this are dredged, may be a disaster to the very same resources we want to protect from the oil. Can you please find

Fleskes, Joe

396

These Lives Will Not Be Lost in Vain: Organizational Learning from Disaster in U.S. Coal Mining  

Science Conference Proceedings (OSTI)

The stated purpose of the investigations that invariably follow industrial, transportation, and mining disasters is to learn from those tragedies to prevent future tragedies. But does prior experience with disaster make organizations more capable of ... Keywords: disaster, high-reliability organizations, organizational learning

Peter M. Madsen

2009-09-01T23:59:59.000Z

397

Field damage assessments as a design tool for information and communications technology systems that are resilient to natural disasters  

Science Conference Proceedings (OSTI)

This paper discusses how to perform field damage assessments after natural disasters as a systematic design tool to achieve information and communications technology (ICT) systems that are more resilient to natural disasters. Hence, damage assessments ... Keywords: damage assessment, information and communication technology systems, natural disasters

Alexis Kwasinski

2011-10-01T23:59:59.000Z

398

The Deepwater Horizon Disaster: What Happened and Why  

Science Conference Proceedings (OSTI)

The Deepwater Horizon disaster was the largest oil spill in US history, and the second largest spill in the world. 11 men lost their lives in the explosion and fire. Although the impacts of the spill were evident to large numbers of people, its causes were harder to see. This lecture will focus on the technical aspects of the events that led to the spill itself: what happened on the rig before, during and after the event, up to the time the rig sank. As with many engineering disasters, the accident was due to a sequence of failures, including both technical systems and procedural issues. Although the causes were complex and interacting, the lecture will focus on four main problems: (1) the failure of the cement and casing seal, (2) the failure to recognize and respond to hydrocarbon flow into the riser, (3) the ignition of hydrocarbons on the rig, and (4) the failure of the blow-out preventer (BOP) to seal the well. The lecture will conclude with some suggestions as to how events such as the Deepwater Horizon disaster can be avoided in the future. (Roland N. Horne is the Thomas Davies Barrow Professor of Earth Sciences at Stanford University, and was the Chairman of Petroleum Engineering from 1995 to 2006. He holds BE, PhD and DSc degrees from the University of Auckland, New Zealand, all in Engineering Science. Horne is a member of the U.S. National Academy of Engineering and is also an Honorary Member of the Society of Petroleum Engineers.)

Horne, Roland N. (Stanford University)

2011-01-05T23:59:59.000Z

399

V-083: Oracle Java Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Oracle Java Multiple Vulnerabilities 3: Oracle Java Multiple Vulnerabilities V-083: Oracle Java Multiple Vulnerabilities February 4, 2013 - 12:42am Addthis PROBLEM: Oracle Java Multiple Vulnerabilities PLATFORM: Oracle Java JDK 1.5.x / 5.x Oracle Java JDK 1.7.x / 7.x Oracle Java JRE 1.7.x / 7.x Oracle Java SDK 1.4.x / 4.x Sun Java JDK 1.4.x Sun Java JDK 1.6.x / 6.x Sun Java JRE 1.4.x / 4.x Sun Java JRE 1.5.x / 5.x Sun Java JRE 1.6.x / 6.x ABSTRACT: A Critical Patch Update is a collection of patches for multiple security vulnerabilities. The Critical Patch Update for Java SE also includes non-security fixes. Critical Patch Updates are cumulative and each advisory describes only the security fixes added since the previous Critical Patch Update and Security Alert. REFERENCE LINKS: Oracle Security Advisory February 2013

400

V-083: Oracle Java Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Oracle Java Multiple Vulnerabilities 3: Oracle Java Multiple Vulnerabilities V-083: Oracle Java Multiple Vulnerabilities February 4, 2013 - 12:42am Addthis PROBLEM: Oracle Java Multiple Vulnerabilities PLATFORM: Oracle Java JDK 1.5.x / 5.x Oracle Java JDK 1.7.x / 7.x Oracle Java JRE 1.7.x / 7.x Oracle Java SDK 1.4.x / 4.x Sun Java JDK 1.4.x Sun Java JDK 1.6.x / 6.x Sun Java JRE 1.4.x / 4.x Sun Java JRE 1.5.x / 5.x Sun Java JRE 1.6.x / 6.x ABSTRACT: A Critical Patch Update is a collection of patches for multiple security vulnerabilities. The Critical Patch Update for Java SE also includes non-security fixes. Critical Patch Updates are cumulative and each advisory describes only the security fixes added since the previous Critical Patch Update and Security Alert. REFERENCE LINKS: Oracle Security Advisory February 2013

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


401

V-107: Wireshark Multiple Denial of Service Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Wireshark Multiple Denial of Service Vulnerabilities 7: Wireshark Multiple Denial of Service Vulnerabilities V-107: Wireshark Multiple Denial of Service Vulnerabilities March 8, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Wireshark PLATFORM: Wireshark 1.6.x and 1.8.x ABSTRACT: Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). REFERENCE LINKS: Secunia Advisory SA52471 Wireshark Release Notes 1.8.6 Wireshark Release Notes 1.6.1.4 CVE-2013-2475 CVE-2013-2476 CVE-2013-2477 CVE-2013-2478 CVE-2013-2479 CVE-2013-2480 CVE-2013-2481 CVE-2013-2482 CVE-2013-2483 CVE-2013-2484 CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-2488 IMPACT ASSESSMENT: Medium DISCUSSION: 1) An error in the TCP dissector when processing certain packets can be

402

V-107: Wireshark Multiple Denial of Service Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Wireshark Multiple Denial of Service Vulnerabilities 7: Wireshark Multiple Denial of Service Vulnerabilities V-107: Wireshark Multiple Denial of Service Vulnerabilities March 8, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Wireshark PLATFORM: Wireshark 1.6.x and 1.8.x ABSTRACT: Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). REFERENCE LINKS: Secunia Advisory SA52471 Wireshark Release Notes 1.8.6 Wireshark Release Notes 1.6.1.4 CVE-2013-2475 CVE-2013-2476 CVE-2013-2477 CVE-2013-2478 CVE-2013-2479 CVE-2013-2480 CVE-2013-2481 CVE-2013-2482 CVE-2013-2483 CVE-2013-2484 CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-2488 IMPACT ASSESSMENT: Medium DISCUSSION: 1) An error in the TCP dissector when processing certain packets can be

403

Soft Error Vulnerability of Iterative Linear Algebra Methods  

Science Conference Proceedings (OSTI)

Devices become increasingly vulnerable to soft errors as their feature sizes shrink. Previously, soft errors primarily caused problems for space and high-atmospheric computing applications. Modern architectures now use features so small at sufficiently low voltages that soft errors are becoming significant even at terrestrial altitudes. The soft error vulnerability of iterative linear algebra methods, which many scientific applications use, is a critical aspect of the overall application vulnerability. These methods are often considered invulnerable to many soft errors because they converge from an imprecise solution to a precise one. However, we show that iterative methods can be vulnerable to soft errors, with a high rate of silent data corruptions. We quantify this vulnerability, with algorithms generating up to 8.5% erroneous results when subjected to a single bit-flip. Further, we show that detecting soft errors in an iterative method depends on its detailed convergence properties and requires more complex mechanisms than simply checking the residual. Finally, we explore inexpensive techniques to tolerate soft errors in these methods.

Bronevetsky, G; de Supinski, B

2007-12-15T23:59:59.000Z

404

Vulnerability Analysis of Energy Delivery Control Systems - 2011 |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Vulnerability Analysis of Energy Delivery Control Systems - 2011 Vulnerability Analysis of Energy Delivery Control Systems - 2011 Vulnerability Analysis of Energy Delivery Control Systems - 2011 Cybersecurity for energy delivery systems has emerged as one of the Nation's most serious grid modernization and infrastructure protection issues. Cyber adversaries are becoming increasingly targeted, sophisticated, and better financed. The energy sector must research, develop and deploy new cybersecurity capabilities faster than the adversary can launch new attack tools and techniques. The goal of the U.S. Department of Energy Office of Electricity Delivery and Energy Reliability (DOE/OE) National Supervisory Control and Data Acquisition (SCADA) Test Bed (NSTB) program is to enhance the reliability and resiliency of the Nation's energy infrastructure by reducing the risk

405

AFTER A Framework for electrical power sysTems vulnerability  

Open Energy Info (EERE)

vulnerability vulnerability identification, dEfense and Restoration (Smart Grid Project) (United Kingdom) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country United Kingdom Coordinates 55.378052°, -3.435973° Loading map... {"minzoom":false,"mappingservice":"googlemaps3","type":"ROADMAP","zoom":14,"types":["ROADMAP","SATELLITE","HYBRID","TERRAIN"],"geoservice":"google","maxzoom":false,"width":"600px","height":"350px","centre":false,"title":"","label":"","icon":"","visitedicon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"wmsoverlay":"","layers":[],"controls":["pan","zoom","type","scale","streetview"],"zoomstyle":"DEFAULT","typestyle":"DEFAULT","autoinfowindows":false,"kml":[],"gkml":[],"fusiontables":[],"resizable":false,"tilt":0,"kmlrezoom":false,"poi":true,"imageoverlays":[],"markercluster":false,"searchmarkers":"","locations":[{"text":"","title":"","link":null,"lat":55.378052,"lon":-3.435973,"alt":0,"address":"","icon":"","group":"","inlineLabel":"","visitedicon":""}]}

406

Locating Climate Insecurity: Where Are the Most Vulnerable Places in  

Open Energy Info (EERE)

Locating Climate Insecurity: Where Are the Most Vulnerable Places in Locating Climate Insecurity: Where Are the Most Vulnerable Places in Africa? Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Locating Climate Insecurity: Where Are the Most Vulnerable Places in Africa? Agency/Company /Organization: The Robert Strauss Center Topics: Co-benefits assessment, Background analysis Resource Type: Publications Website: ccaps.strausscenter.org/system/research_items/pdfs/19/original.pdf?128 UN Region: "Sub-Saharan Africa" is not in the list of possible values (Eastern Africa, Middle Africa, Northern Africa, Southern Africa, Western Africa, Caribbean, Central America, South America, Northern America, Central Asia, Eastern Asia, Southern Asia, South-Eastern Asia, Western Asia, Eastern Europe, Northern Europe, Southern Europe, Western Europe, Australia and New Zealand, Melanesia, Micronesia, Polynesia, Latin America and the Caribbean) for this property.

407

The Journal of Physical Security - Vulnerability Assessment Team - Argonne  

NLE Websites -- All DOE Office Websites (Extended Search)

Current Projects > The Journal of Physical Current Projects > The Journal of Physical Security VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

408

T-657: Drupal Prepopulate - Multiple vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Drupal Prepopulate - Multiple vulnerabilities 7: Drupal Prepopulate - Multiple vulnerabilities T-657: Drupal Prepopulate - Multiple vulnerabilities June 29, 2011 - 3:34pm Addthis PROBLEM: Prepopulate module enables pre-populating forms in Drupal using the $_REQUEST vairable. PLATFORM: Prepopulate module for Drupal 6.x versions prior to 6.x-2.2 ABSTRACT: The module does not adequately validate user input leading to an cross-site scripting (XSS) possibility in certain circumstances. reference LINKS: Advisory ID: DRUPAL-SA-CONTRIB-2011-023 Prepopulate module Prepopulate 6.x-2.2 Update IMPACT ASSESSMENT: High Discussion: The Prepopulate module enables pre-populating forms in Drupal using the $_REQUEST vairable. The module does not adequately validate user input leading to an cross-site scripting (XSS) possibility in certain circumstances. Users privileged to

409

U-042: Mac RealPlayer Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Mac RealPlayer Multiple Vulnerabilities 2: Mac RealPlayer Multiple Vulnerabilities U-042: Mac RealPlayer Multiple Vulnerabilities November 21, 2011 - 9:15am Addthis PROBLEM: Mac RealPlayer Multiple Vulnerabilities. PLATFORM: Versions 12.0.0.1701 and prior. ABSTRACT: Multiple vulnerabilities have been reported in Mac RealPlayer, which can be exploited by malicious people to compromise a user's system. reference LINKS: Secunia Advisory: SA46963 Secunia Vulnerability Report: Mac RealPlayer 12.x Secunia Advisory: SA46954 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in the versions 14.0.7 and prior.

410

U-042: Mac RealPlayer Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

42: Mac RealPlayer Multiple Vulnerabilities 42: Mac RealPlayer Multiple Vulnerabilities U-042: Mac RealPlayer Multiple Vulnerabilities November 21, 2011 - 9:15am Addthis PROBLEM: Mac RealPlayer Multiple Vulnerabilities. PLATFORM: Versions 12.0.0.1701 and prior. ABSTRACT: Multiple vulnerabilities have been reported in Mac RealPlayer, which can be exploited by malicious people to compromise a user's system. reference LINKS: Secunia Advisory: SA46963 Secunia Vulnerability Report: Mac RealPlayer 12.x Secunia Advisory: SA46954 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in the versions 14.0.7 and prior.

411

V-132: IBM Tivoli System Automation Application Manager Multiple...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3.1, 3.2, 3.2.1, and 3.2.2 ABSTRACT: Multiple security vulnerabilities exist in the IBM Java Runtime Environment component of IBM Tivoli System Automation Application Manager which...

412

VULNERABILITY OF BLUETOOTH TO IMPULSIVE NOISE IN ELECTRICITY TRANSMISSION SUBSTATIONS  

E-Print Network (OSTI)

VULNERABILITY OF BLUETOOTH TO IMPULSIVE NOISE IN ELECTRICITY TRANSMISSION SUBSTATIONS S A Bhattil environment of an Electricity transmission substation environment is modelled as a Symmetric Alpha Stable of an electricity transmission substation. I. INTRODUCTION In industrial environments, Supervisor Control and Data

Atkinson, Robert C

413

Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phone's Battery  

E-Print Network (OSTI)

Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phone's Battery Radmilo Racic' battery power up to 22 times faster and therefore could render these devices useless before the end of business hours. This attack targets a unique resource bot- tleneck in mobile devices (the battery power

California at Davis, University of

414

Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phone's Battery  

E-Print Network (OSTI)

Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phone's Battery Radmilo Racic' battery power up to 22 times faster and therefore could render these devices useless before the end of business hours. This attack targets a unique resource bot­ tleneck in mobile devices (the battery power

Chen, Hao

415

Steganographic information hiding that exploits a novel file system vulnerability  

Science Conference Proceedings (OSTI)

In this paper, we present DupeFile, a simple yet critical security vulnerability in numerous file systems. By exploiting DupeFile, adversary can store two or more files with the same name/path, with different contents, inside the same volume. ...

Avinash Srinivasan; Satish Kolli; Jie Wu

2013-08-01T23:59:59.000Z

416

An adaptive architecture of applying vulnerability analysis to IDS alerts  

Science Conference Proceedings (OSTI)

With increasing intrusions and attacks on the Internet, there is an urgent need to develop techniques for network security. Current standalone network security products, such as the firewall systems, the Intrusion Detection System (IDS), the anti-virus ... Keywords: alert, intrusion detection, network security, predicate-based evaluation, vulnerability analysis

Xuejiao Liu; Xin Zhuang; Debao Xiao

2008-07-01T23:59:59.000Z

417

Design and analysis of multi-level active queue management mechanisms for emergency traffic  

Science Conference Proceedings (OSTI)

Multiple average-multiple threshold (MAMT) active queue management (AQM) is proposed as a solution for providing available and dependable service to traffic from emergency users after disasters. MAMT is a simple but effective approach that can be applied ... Keywords: Active queue management, Emergency services, Quality of service

Manali Joshi; Ajay Mansata; Salil Talauliker; Cory Beard

2005-02-01T23:59:59.000Z

418

Texas Water Resources: Vulnerability from Contaminants  

E-Print Network (OSTI)

Numerical models of flow and transport are commonly applied for the sustainable management of water resources and for the selection of appropriate remediation techniques. However, these numerical models are not always accurate due to uncertain parameters and the disparity of scales across which observations are made, hydrological processes occur, and modeling is conducted. The modeling framework becomes further complex because hydrologic processes are coupled with chemical and biological processes. This dissertation focuses on the most widespread contaminants of surface and ground water, which are E. coli and nitrate, respectively. Therefore, this research investigates the linkages between bio-chemical and hydrologic processes for E. coli transport, explores the spatio-temporal variability of nitrate, quantifies uncertainty, and develops models for both E. coli and nitrate transport that better characterize these biogeochemical linkages. A probabilistic framework in the form of Bayesian Neural Networks (BNN) was used to estimate E. coli loads in surface streams and was compared with a conventional model LOADEST. This probabilistic framework is crucial when water quality data are scarce, and most models require a large number of mechanistic parameters to estimate E. coli concentrations. Results indicate that BNN provides better characterization of E. coli at higher loadings. Results also provide the physical, chemical, and biological factors that are critical in the estimation of E. coli concentrations in Plum Creek, Texas. To explore model parameters that control the transport of E. coli in the groundwater (GW) and surface water systems, research was conducted in Lake Granbury, Texas. Results highlight the importance of flow regimes and seasonal variability on E. coli transport. To explore the spatio-temporal variability of nitrate across the Trinity and Ogallala aquifers in Texas, an entropy-based method and a numerical study were employed. Results indicate that the overall mean nitrate-N has declined from 1940 to 2008 in the Trinity Aquifer as opposed to an increase in the Ogallala Aquifer. The numerical study results demonstrate the effect of different factors like GW pumping, flow parameters, hydrogeology of the site at multiple spatial scales. To quantify the uncertainty of nitrate transport in GW, an ensemble Kalman filter was used in combination with the MODFLOW-MT3DMS models. Results indicate that the EnKF notably improves the estimation of nitrate-N concentrations in GW. A conceptual modeling framework with deterministic physical processes and stochastic bio-chemical processes was devised to independently model E. coli and nitrate transport in the subsurface. Results indicate that model structural uncertainty provides useful insights to modeling E. coli and nitrate transport.

Dwivedi, Dipankar

2012-12-01T23:59:59.000Z

419

An assessment of fire vulnerability for aged electrical relays  

SciTech Connect

There has been some concern that, as nuclear power plants age, protective measures taken to control and minimize the impact of fire may become ineffective, or significantly less effective, and hence result in an increased fire risk. One objective of the Fire Vulnerability of Aged Electrical Components Program is to assess the effects of aging and service wear on the fire vulnerability of electrical equipment. An increased fire vulnerability of components may lead to an overall increase in fire risk to the plant. Because of their widespread use in various electrical safety systems, electromechanical relays were chosen to be the initial components for evaluation. This test program assessed the impact of operational and thermal aging on the vulnerability of these relays to fire-induced damage. Only thermal effects of a fire were examined in this test program. The impact of smoke, corrosive materials, or fire suppression effects on relay performance were not addressed in this test program. The purpose of this test program was to assess whether the fire vulnerability of electrical relays increased with aging. The sequence followed for the test program was to: identify specific relay types, develop three fire scenarios, artificially age several relays, test the unaged and aged relays in the fire exposure scenarios, and compare the results. The relays tested were Agastat GPI, General Electric (GE) HMA, HGA, and HFA. At least two relays of each type were artificially aged and at least two relays of each type were new. Relays were operationally aged by cycling the relay under rated load for 2,000 operations. These relays were then thermally aged for 60 days with their coil energized.

Vigil, R.A. [Sandia National Labs., Albuquerque, NM (United States)]|[Science and Engineering Associates, Inc., Albuquerque, NM (United States); Nowlen, S.P. [Sandia National Labs., Albuquerque, NM (United States)

1995-03-01T23:59:59.000Z

420

Oscillatory thermal instability - the Bhopal disaster and liquid bombs  

E-Print Network (OSTI)

Thermal runaway reactions were involved in the Bhopal disaster of 1984, in which methyl isocyanate was vented from a storage tank of the liquid, and occur in liquid peroxide explosions, yet to date there have been few investigations into the mechanism of thermal runaway in such liquid thermoreactive systems. Consequently protocols for storing thermally unstable liquids and deactivating liquid bombs may be suboptimal. In this work the hydrolysis of methyl isocyanate and the thermal decomposition of triacetone triperoxide were simulated using a gradientless, continuous-flow reactor paradigm. This approximation enabled stability analyses on the steady state solutions of the dynamical mass and enthalpy equations. The results indicate that thermal runaway in both systems is due to the onset of a large amplitude, hard thermal oscillation initiated at a subcritical Hopf bifurcation. This type of thermal misbehaviour cannot be predicted using classical ignition theory, and may be typical of liquid thermoreactive syst...

Ball, Rowena

2011-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


421

T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

29: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities 29: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities May 24, 2011 - 3:35pm Addthis PROBLEM: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities. PLATFORM: Avaya versions prior to 3.8.5 (confirmed in 3.8.2) ABSTRACT: Vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. refrence LINKS: Avaya Security Advisory: ASA-2011-143 Secunia Advisory: SA44062 Securelist ID: SA44062 Vulnerability Report: Avaya WinPDM 3.x IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities in Avaya WinPDM, which can be exploited by malicious people to compromise a vulnerable system. 1) A boundary error in the Unite Host Router service (UniteHostRouter.exe)

422

Matching information security vulnerabilities to organizational security profiles: a genetic algorithm approach  

Science Conference Proceedings (OSTI)

Organizations are making substantial investments in information security to reduce the risk presented by vulnerabilities in their information technology (IT) infrastructure. However, each security technology only addresses specific vulnerabilities and ... Keywords: Genetic algorithms, Information security

Mukul Gupta; Jackie Rees; Alok Chaturvedi; Jie Chi

2006-03-01T23:59:59.000Z

423

Matching information security vulnerabilities to organizational security profiles: a genetic algorithm approach  

Science Conference Proceedings (OSTI)

Organizations are making substantial investments in information security to reduce the risk presented by vulnerabilities in their information technology (IT) infrastructure. However, each security technology only addresses specific vulnerabilities and ... Keywords: genetic algorithms, information security

Mukul Gupta; Jackie Rees; Alok Chaturvedi; Jie Chi

2006-03-01T23:59:59.000Z

424

T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities 9: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities May 24, 2011 - 3:35pm Addthis PROBLEM: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities. PLATFORM: Avaya versions prior to 3.8.5 (confirmed in 3.8.2) ABSTRACT: Vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. refrence LINKS: Avaya Security Advisory: ASA-2011-143 Secunia Advisory: SA44062 Securelist ID: SA44062 Vulnerability Report: Avaya WinPDM 3.x IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities in Avaya WinPDM, which can be exploited by malicious people to compromise a vulnerable system. 1) A boundary error in the Unite Host Router service (UniteHostRouter.exe)

425

U-234: Oracle MySQL User Login Security Bypass Vulnerability | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

234: Oracle MySQL User Login Security Bypass Vulnerability 234: Oracle MySQL User Login Security Bypass Vulnerability U-234: Oracle MySQL User Login Security Bypass Vulnerability August 14, 2012 - 7:00am Addthis PROBLEM: Oracle MySQL User Login Security Bypass Vulnerability PLATFORM: Version(s): prior to 5.1.63 and 5.5.25 are vulnerable. ABSTRACT: Oracle MySQL is prone to a security bypass vulnerability Attackers can exploit this issue to bypass certain security restrictions. REFERENCE LINKS: http://www.securityfocus.com/bid/53911/discuss CVE-2012-2122 IMPACT ASSESSMENT: Medium Discussion: Security researchers have released details about a vulnerability in the MySQL server that could allow potential attackers to access MySQL databases without inputting proper authentication credentials.The vulnerability is identified as CVE-2012-2122 and was addressed in MySQL 5.1.63 and 5.5.25 in

426

U-158: HP NonStop Server Java Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: HP NonStop Server Java Multiple Vulnerabilities 8: HP NonStop Server Java Multiple Vulnerabilities U-158: HP NonStop Server Java Multiple Vulnerabilities April 30, 2012 - 7:00am Addthis PROBLEM: HP NonStop Server Java Multiple Vulnerabilities PLATFORM: HP NonStop Server 6.x ABSTRACT: Multiple vulnerabilities have been reported in HP NonStop Server Reference links: Secunia Advisory SA48977 CVE-2011-3547 CVE-2011-3551 CVE-2011-3553 IMPACT ASSESSMENT: High Discussion: HP has acknowledged multiple vulnerabilities in HP NonStop Server, which can be exploited by malicious users to disclose sensitive information and by malicious people to disclose sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. Impact: Successful exploitation of this vulnerability may allow remote manipulation

427

U-196: Cisco AnyConnect VPN Client Two Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Cisco AnyConnect VPN Client Two Vulnerabilities 6: Cisco AnyConnect VPN Client Two Vulnerabilities U-196: Cisco AnyConnect VPN Client Two Vulnerabilities June 21, 2012 - 7:00am Addthis PROBLEM: Two vulnerabilities have been reported in Cisco AnyConnect VPN Client, which can be exploited by malicious people to compromise a user's system. PLATFORM: Cisco AnyConnect VPN Client 2.x Cisco AnyConnect VPN Client 3.x ABSTRACT: The Cisco AnyConnect Secure Mobility Client is affected by the following vulnerabilities: Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code Execution Vulnerability Cisco AnyConnect Secure Mobility Client VPN Downloader Software Downgrade Vulnerability Cisco AnyConnect Secure Mobility Client and Cisco Secure Desktop HostScan Downloader Software Downgrade Vulnerability Cisco AnyConnect Secure Mobility Client 64-bit Java VPN Downloader

428

T-532: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution  

Energy.gov (U.S. Department of Energy (DOE))

Microsoft is investigating new public reports of a vulnerability in the Windows Graphics Rendering Engine. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the logged-on user.

429

Enhanced homeland security and disaster emergency operations based on biometrics and RFID  

Science Conference Proceedings (OSTI)

Methods that enhance homeland security and disaster emergency operations through biometrics and Radio Frequency Identification (RFID) were studied. Biometrics can be used in visas and e-passports for border security, identity verification at airports, ...

Lidong Wang

2012-07-01T23:59:59.000Z

430

Worth of Geophysical Data in Natural-Disaster-Insurance Rate Setting  

Science Conference Proceedings (OSTI)

Insurance firms that offer natural-disaster insurance base their rates on available information. The benefits from collecting additional data and incorporating this information to improve parameter estimates of probability distributions that are ...

E. D. Attanasi; M. R. Karlinger

1982-04-01T23:59:59.000Z

431

Suggested strategies and best practices in private supply chain disaster response  

E-Print Network (OSTI)

In times of disaster, demand for goods and services in affected areas spikes. Private companies generally have contingencies in place for business continuity; however, most lack a strategic approach to join the general ...

Budhiraj, Karn

2010-01-01T23:59:59.000Z

432

Household Preparedness for Tornado Hazards: The 2011 Disaster in DeKalb County, Alabama  

Science Conference Proceedings (OSTI)

This paper contributes to existing knowledge on factors that influence adoption of hazards adjustments for tornadoes. The Protective Action Decision Model provides the theoretical basis for the study, which was conducted after the 2011 disaster in ...

Philip L. Chaney; Greg S. Weaver; Susan A. Youngblood; Kristin Pitts

2013-10-01T23:59:59.000Z

433

Strategies for an integrated US industry response to a humanitarian disaster  

E-Print Network (OSTI)

This thesis focuses on developing strategies to improve coordination between private businesses, relief agencies, and the government in order to deliver more efficient and effective disaster relief during major national ...

Lam, Sheau Kai

2007-01-01T23:59:59.000Z

434

The Dynamic Effects of Hurricanes in the US: The Role of Non-Disaster Transfer Payments  

E-Print Network (OSTI)

We know little about the dynamic economic impacts of natural disasters. I examine the effect of hurricanes on US counties’ economies 0-10 years after landfall. Overall, I find no substantial changes in county population, ...

Deryugina, Tatyana

435

Picking up the pieces : transitional shelters for disaster relief in the northern mountainous regions of Pakistan  

E-Print Network (OSTI)

This thesis seeks to tackle a complex problem - disaster housing relief - from the angle of architecture design discipline and attempts to find a logical approach to solve such a problem via an in depth examination of a ...

Lee, Weifeng Victoria

2006-01-01T23:59:59.000Z

436

Household Preparedness for Tornado Hazards: The 2011 Disaster in DeKalb County, Alabama  

Science Conference Proceedings (OSTI)

This paper contributes to existing knowledge on factors that influence adoption of hazards adjustments for tornadoes. The Protective Action Decision Model provides the theoretical basis for the study, which was conducted after the 2011 disaster in ...

Philip L. Chaney; Greg S. Weaver; Susan A. Youngblood; Kristin Pitts

437

Taming Nuclear Power. What have we learned from the Fukushima disaster?  

E-Print Network (OSTI)

We analyze the main causes and consequences of the Fukushima nuclear disaster, in comparison with the previous major accidents of Three Mile Island and Chernobyl (among a total of 30 civilian nuclear accidents).

CERN. Geneva

2011-01-01T23:59:59.000Z

438

Online Community Response to Major Disaster: A Study of Tianya Forum in the 2008 Sichuan Earthquake  

Science Conference Proceedings (OSTI)

Immediately after the 2008 Sichuan Earthquake, the netizens reacted and participated in the disaster response in many ways. This work examined a popular Chinese discussion forum during the first week after the earthquake, adopting both quantitative and ...

2009-01-01T23:59:59.000Z

439

Disaster Resiliency and Recovery: Capabilities (Fact Sheet), NREL (National Renewable Energy Laboratory)  

NLE Websites -- All DOE Office Websites (Extended Search)

a a pa b i l i t i e s Disaster Resiliency and Recovery NREL Experts Assist Before and After a Disaster The National Renewable Energy Laboratory (NREL) is the nation's leader in energy efficient and renewable energy technologies, practices, and strategies. For the last 15 years, NREL has provided expertise, tools, and innovations to private industry; federal, state, and local governments; non-profit organizations; and communities during the planning, recovery,

440

Rhode Island Disaster Recovery Business Alliance CEO and Business Needs Assessment  

Science Conference Proceedings (OSTI)

Natural and person-caused disasters are increasing in frequency and magnitude, and these disasters are taking an ever-increasing economic and personal toll. This report describes the early steps of a statewide project in Rhode Island to offset the effects of these catastrophic events. The project involves the efforts of EPRI, the Institute for Business and Home Safety (IBHS), and many other public and private organizations.

1998-12-19T23:59:59.000Z

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


441

V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: HP Service Manager Unspecified Flaw Lets Remote Users Gain 8: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access August 15, 2013 - 1:30am Addthis PROBLEM: A potential security vulnerability has been identified with HP Service Manager. The vulnerability could be exploited to allow remote unauthenticated access and elevation of privilege. PLATFORM: HP Service Manager v9.31, v9.30, v9.21, v7.11, v6.2.8 ABSTRACT: The vulnerabilities are reported in versions 9.31 and prior. REFERENCE LINKS: SecurityTracker Alert ID: 1028912 CVE-2013-4808 IMPACT ASSESSMENT: High DISCUSSION: A vulnerability was reported in HP Service Manager. A remote user can gain unauthorized access on the target system. IMPACT: User access via network

442

V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: HP Service Manager Unspecified Flaw Lets Remote Users Gain 8: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access August 15, 2013 - 1:30am Addthis PROBLEM: A potential security vulnerability has been identified with HP Service Manager. The vulnerability could be exploited to allow remote unauthenticated access and elevation of privilege. PLATFORM: HP Service Manager v9.31, v9.30, v9.21, v7.11, v6.2.8 ABSTRACT: The vulnerabilities are reported in versions 9.31 and prior. REFERENCE LINKS: SecurityTracker Alert ID: 1028912 CVE-2013-4808 IMPACT ASSESSMENT: High DISCUSSION: A vulnerability was reported in HP Service Manager. A remote user can gain unauthorized access on the target system. IMPACT: User access via network

443

T-562: Novell ZENworks Configuration Management novell-tftp.exe Buffer  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Novell ZENworks Configuration Management novell-tftp.exe 2: Novell ZENworks Configuration Management novell-tftp.exe Buffer Overflow T-562: Novell ZENworks Configuration Management novell-tftp.exe Buffer Overflow February 22, 2011 - 7:00am Addthis PROBLEM: Novell ZENworks Buffer Overflow in TFTPD. PLATFORM: Novell ZENworks Configuration Management 10.x, Novell ZENworks Configuration Management 11.x ABSTRACT: A vulnerability has been reported in Novell ZENworks Configuration Management, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in novell-tftp.exe when parsing requests. This can be exploited to cause a heap-based buffer overflow via a specially crafted request sent to UDP port 69. The vulnerability is reported in versions 10.3.1, 10.3.2, and 11.0.

444

Research on memory access vulnerability analysis technique in SCADA protocol implementation  

Science Conference Proceedings (OSTI)

SCADA systems play key roles in monitor and control of the critical infrastructures, the vulnerabilities existed in them may destroy the controlled critical infrastructures. This paper proposes an analysis method of memory access vulnerability in SCADA ... Keywords: SCADA protocol implementation, dynamic analysis, memory access vulnerability

Fang Lan; Wang Chunlei; He Ronghui

2010-07-01T23:59:59.000Z

445

Using semantic templates to study vulnerabilities recorded in large software repositories  

Science Conference Proceedings (OSTI)

Software repositories are rich sources of information about vulnerabilities that occur during a product's lifecycle. Although available, such information is scattered across numerous databases. Furthermore, in large software repositories, a single vulnerability ... Keywords: CVE, CWE, buffer overflow, fix patterns, ontology, semantic template, software repository, vulnerability

Yan Wu; Robin A. Gandhi; Harvey Siy

2010-05-01T23:59:59.000Z

446

Using complexity, coupling, and cohesion metrics as early indicators of vulnerabilities  

Science Conference Proceedings (OSTI)

Software security failures are common and the problem is growing. A vulnerability is a weakness in the software that, when exploited, causes a security failure. It is difficult to detect vulnerabilities until they manifest themselves as security failures ... Keywords: Cohesion, Complexity, Coupling, Software metrics, Vulnerability prediction

Istehad Chowdhury; Mohammad Zulkernine

2011-03-01T23:59:59.000Z

447

SIPC Advisory -Vulnerability in Windows Graphics Rendering Engine Could Allow Remote Code Execution -RISK: HIGH  

E-Print Network (OSTI)

SIPC Advisory - Vulnerability in Windows Graphics Rendering Engine Could Allow Remote Code/4/2011 SUBJECT: Vulnerability in Windows Graphics Rendering Engine Could Allow Remote Code Execution OVERVIEW: A new vulnerability has been discovered in Microsoft Windows Graphics Rendering Engine, which could

Holliday, Vance T.

448

Modeling Complex Control Systems to Identify Remotely Accessible Devices Vulnerable to Cyber Attack1  

E-Print Network (OSTI)

Modeling Complex Control Systems to Identify Remotely Accessible Devices Vulnerable to Cyber Attack Acquisition (SCADA) systems that allows us to calculate device vulnerability and help power substation vulnerable to cyber attack. We use graph theory to model electric power control and protection devices

Krings, Axel W.

449

T-596: 0-Day Windows Network Interception Configuration Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: 0-Day Windows Network Interception Configuration 6: 0-Day Windows Network Interception Configuration Vulnerability T-596: 0-Day Windows Network Interception Configuration Vulnerability April 6, 2011 - 5:48am Addthis PROBLEM: 0-Day exploit of IPv4 and IPv6 mechanics and how it applies to Microsoft Windows Operating systems. PLATFORM: Microsoft Operating Systems (OS) Windows Vista, Windows 7, and Windows 2008 Server ABSTRACT: The links below describe a parasitic IPv6 layered over a native IPv4 network. This attack can be used to stage potential man-in-the-middle (MITM) attacks on IPv4 traffic. Please see the "Other Links" section below, as it provides an external URL reference. reference LINKS: InfoSec Institute - SLAAC Attack Cisco Threat Comparison and Best-Practice White Paper IMPACT ASSESSMENT: High

450

Diversity Strategies to Mitigate Postulated Common Cause Failure Vulnerabilities  

Science Conference Proceedings (OSTI)

This paper describes an approach to establish effective mitigating strategies that can resolve potential common-cause failure (CCF) vulnerabilities in instrumentation and control (I&C) systems at nuclear power plants. A particular objective in the development of these strategies, which consist of combinations of diversity attributes and their associated criteria, is to address the unique characteristics of digital technology that can contribute to CCF concerns. The research approach employed to establish diversity strategies involves investigation of available documentation on diversity usage and experience from nuclear power and non-nuclear industries, capture of expert knowledge and lessons learned, determination of common practices, and assessment of the nature of CCFs and compensating diversity attributes. The resulting diversity strategies address considerations such as the effect of technology choices, the nature of CCF vulnerabilities, and the prospective impact of each diversity type. In particular, the impact of each attribute and criterion on the purpose, process, product, and performance aspects of diverse systems are considered.

Wood, Richard Thomas [ORNL

2010-01-01T23:59:59.000Z

451

T-626: Xen Multiple Buffer Overflow and Integer Overflow Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Xen Multiple Buffer Overflow and Integer Overflow 6: Xen Multiple Buffer Overflow and Integer Overflow Vulnerabilities T-626: Xen Multiple Buffer Overflow and Integer Overflow Vulnerabilities May 19, 2011 - 3:05pm Addthis PROBLEM: Xen Multiple Buffer Overflow and Integer Overflow Vulnerabilities PLATFORM: XenSource Xen 3.3.1, XenSource Xen 3.3, XenSource Xen 3.2, XenSource Xen 3.1.2, XenSource Xen 3.1.1, XenSource Xen 3.0.3, XenSource Xen 4.0, XenSource Xen 3.0, RedHat Enterprise Linux Virtualization 5 server, RedHat Enterprise Linux Desktop Multi OS 5 client ,RedHat Enterprise Linux 5 server, Red Hat Fedora 15 ,and Red Hat Enterprise Linux Desktop 5 client ABSTRACT: It was found that the xc_try_bzip2_decode() and xc_try_lzma_decode() decode routines did not correctly check for a possible buffer size overflow in the

452

AFTER A Framework for electrical power sysTems vulnerability  

Open Energy Info (EERE)

AFTER A Framework for electrical power sysTems vulnerability AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration (Smart Grid Project) (Norway) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country Norway Coordinates 60.472023°, 8.468946° Loading map... {"minzoom":false,"mappingservice":"googlemaps3","type":"ROADMAP","zoom":14,"types":["ROADMAP","SATELLITE","HYBRID","TERRAIN"],"geoservice":"google","maxzoom":false,"width":"600px","height":"350px","centre":false,"title":"","label":"","icon":"","visitedicon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"wmsoverlay":"","layers":[],"controls":["pan","zoom","type","scale","streetview"],"zoomstyle":"DEFAULT","typestyle":"DEFAULT","autoinfowindows":false,"kml":[],"gkml":[],"fusiontables":[],"resizable":false,"tilt":0,"kmlrezoom":false,"poi":true,"imageoverlays":[],"markercluster":false,"searchmarkers":"","locations":[{"text":"","title":"","link":null,"lat":60.472023,"lon":8.468946,"alt":0,"address":"","icon":"","group":"","inlineLabel":"","visitedicon":""}]}

453

International Disaster Medical Sciences Fellowship: Model Curriculum and Key Considerations for Establishment of an Innovative International Educational Program  

E-Print Network (OSTI)

Sciences Fellowship: Model Curriculum and Key Considerationsand a model core curriculum based on current evidence-basedand a model core curriculum. The same Disaster Medical

Koenig, Kristi L; Bey, Tareg; Schultz, Carl H

2009-01-01T23:59:59.000Z

454

Social Vulnerability to Climate-Sensitive Hazards in the Southern United States  

Science Conference Proceedings (OSTI)

The southern United States is no stranger to hazard and disaster events. Intense hurricanes, drought, flooding, and other climate-sensitive hazards are commonplace and have outnumbered similar events in other areas of the United States annually in ...

Christopher T. Emrich; Susan L. Cutter

2011-07-01T23:59:59.000Z

455

T-716: Google SketchUp v8.x - '.DAE' File Memory Corruption Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Google SketchUp v8.x - '.DAE' File Memory Corruption 6: Google SketchUp v8.x - '.DAE' File Memory Corruption Vulnerability T-716: Google SketchUp v8.x - '.DAE' File Memory Corruption Vulnerability September 14, 2011 - 9:28am Addthis PROBLEM: Attackers may exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. PLATFORM: Google SketchUp 8 is vulnerable; other versions may also be affected. ABSTRACT: Google SketchUp v8.x - '.DAE' File Memory Corruption Vulnerability reference LINKS: Vulnerability-Lab SketchUp Downloads IMPACT ASSESSMENT: Medium Discussion: A Memory Corruption vulnerability is detected on the Google s SketchUp v8.x. The vulnerability is caused by an memory corruption when processing corrupt DAE files through the filter, which could be exploited by attackers

456

V-070: Apache CouchDB Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Apache CouchDB Multiple Vulnerabilities 0: Apache CouchDB Multiple Vulnerabilities V-070: Apache CouchDB Multiple Vulnerabilities January 16, 2013 - 1:00am Addthis PROBLEM: Apache CouchDB Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 1.0.4, 1.1.2, and 1.2.1. ABSTRACT: Multiple vulnerabilities have been reported in Apache CouchDB REFERENCE LINKS: Secunia Advisory SA51765 Seclists.org/fulldisclosure/2013/Jan/80 Seclists.org/fulldisclosure/2013/Jan/81 Seclists.org/fulldisclosure/2013/Jan/82 CVE-2012-5641 CVE-2012-5649 CVE-2012-5650 IMPACT ASSESSMENT: Medium DISCUSSION: Multiple vulnerabilities have been reported in Apache CouchDB, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information. 1) Input passed via the query parameters to browser-based test suite is not

457

V-197: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability |  

NLE Websites -- All DOE Office Websites (Extended Search)

7: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability 7: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability V-197: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability July 11, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Adobe ColdFusion PLATFORM: The vulnerability is reported in version 10 for Windows, Macintosh, and Linux ABSTRACT: The vulnerability is caused due to an unspecified error and can be exploited to invoke public methods on ColdFusion Components (CFC) using WebSockets REFERENCE LINKS: Secunia Advisory SA54024 Adobe Security Bulletin APSB13-19 Stackoverflow.com CVE-2013-3350 IMPACT ASSESSMENT: High DISCUSSION: The hotfix resolves a vulnerability that could permit an attacker to invoke public methods on ColdFusion Components (CFC) using WebSockets IMPACT: Security Bypass

458

T-543: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities 3: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities T-543: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities January 26, 2011 - 7:35am Addthis PROBLEM: Wireshark is prone to multiple denial-of-service and buffer-overflow vulnerabilities. PLATFORM: Wireshark 0.8.20 through 1.2.8. ABSTRACT: Wireshark is prone to multiple denial-of-service and buffer-overflow vulnerabilities. Exploiting these issues may allow attackers to crash the application and deny service to legitimate users. Attackers may also execute arbitrary code in the context of vulnerable users running the application. reference LINKS: Securityfocus IMPACT ASSESSMENT: Medium Discussion: Wireshark is prone to multiple denial-of-service and buffer-overflow vulnerabilities.Exploiting these issues may allow attackers to crash the

459

U-218: Cisco Linksys WMB54G TFTP Command Injection Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

18: Cisco Linksys WMB54G TFTP Command Injection Vulnerability 18: Cisco Linksys WMB54G TFTP Command Injection Vulnerability U-218: Cisco Linksys WMB54G TFTP Command Injection Vulnerability July 23, 2012 - 6:49am Addthis PROBLEM: Cisco Linksys WMB54G TFTP Command Injection Vulnerability PLATFORM: Cisco Linksys WMB54G 1.x ABSTRACT: System access from local network reference LINKS: Bugtraq ID: 54615 Original Advisory Secunia Advisory SA49868 Cisco Advisory ID: cisco-sa-20111019-cs IMPACT ASSESSMENT: Medium Discussion: A vulnerability in Cisco Linksys WMB54G was reported, which can be exploited by malicious people to compromise a vulnerable device. The vulnerability is caused due to missing input validation in the TFTP service when running the firmware update functionality and can be exploited to inject and execute arbitrary shell commands. Additionally, it may be

460

U-099: MySQL Unspecified Code Execution Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

099: MySQL Unspecified Code Execution Vulnerability 099: MySQL Unspecified Code Execution Vulnerability U-099: MySQL Unspecified Code Execution Vulnerability February 9, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in MySQL, which can be exploited by malicious people to compromise a vulnerable system. PLATFORM: MySQL 5.x ABSTRACT: Successful exploitation allows execution of arbitrary code. Reference LINKS: Secunia Advisory SA47894 No CVE references currently available. IMPACT ASSESSMENT: Medium Discussion: The vulnerability is reported in version 5.5.20. Other versions may also be affected. The exploit has been tested with mysql-5.5.20-debian6.0-i686.deb on Debian 6.0. Impact: System access from local network Solution: An effective workaround cannot currently be provided due to limited vulnerability details.

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


461

V-114: RealPlayer MP4 Processing Buffer Overflow Vulnerability | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

14: RealPlayer MP4 Processing Buffer Overflow Vulnerability 14: RealPlayer MP4 Processing Buffer Overflow Vulnerability V-114: RealPlayer MP4 Processing Buffer Overflow Vulnerability March 19, 2013 - 12:01am Addthis PROBLEM: RealPlayer MP4 Processing Buffer Overflow Vulnerability PLATFORM: Versions prior to 16.0.1.18. ABSTRACT: A vulnerability has been reported in RealPlayer REFERENCE LINKS: RealNetworks, Inc Secunia Advisory SA52692 CVE-2013-1750 IMPACT ASSESSMENT: High DISCUSSION: The vulnerability is caused due to an error when processing MP4 files and can be exploited to cause a heap-based buffer overflow via a specially crafted MP4 file. IMPACT: Successful exploitation may allow execution of arbitrary code. SOLUTION: Update to version 16.0.1.18. Addthis Related Articles U-042: Mac RealPlayer Multiple Vulnerabilities V-228: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote

462

Resilience: An Indicator of Recovery Capability in Intermodal Freight Transport  

Science Conference Proceedings (OSTI)

In this paper, an indicator of network resilience is defined that quantifies the ability of an intermodal freight transport network to recover from disruptions due to natural or human-caused disaster. The indicator considers the network's inherent ability ... Keywords: disaster management, flexibility, intermodal freight transport, reliability, resilience, vulnerability

Lichun Chen; Elise Miller-Hooks

2012-02-01T23:59:59.000Z

463

Water vulnerabilities for existing coal-fired power plants.  

SciTech Connect

This report was funded by the U.S. Department of Energy's (DOE's) National Energy Technology Laboratory (NETL) Existing Plants Research Program, which has an energy-water research effort that focuses on water use at power plants. This study complements the Existing Plants Research Program's overall research effort by evaluating water issues that could impact power plants. Water consumption by all users in the United States over the 2005-2030 time period is projected to increase by about 7% (from about 108 billion gallons per day [bgd] to about 115 bgd) (Elcock 2010). By contrast, water consumption by coal-fired power plants over this period is projected to increase by about 21% (from about 2.4 to about 2.9 bgd) (NETL 2009b). The high projected demand for water by power plants, which is expected to increase even further as carbon-capture equipment is installed, combined with decreasing freshwater supplies in many areas, suggests that certain coal-fired plants may be particularly vulnerable to potential water demand-supply conflicts. If not addressed, these conflicts could limit power generation and lead to power disruptions or increased consumer costs. The identification of existing coal-fired plants that are vulnerable to water demand and supply concerns, along with an analysis of information about their cooling systems and related characteristics, provides information to help focus future research and development (R&D) efforts to help ensure that coal-fired generation demands are met in a cost-effective manner that supports sustainable water use. This study identified coal-fired power plants that are considered vulnerable to water demand and supply issues by using a geographical information system (GIS) that facilitated the analysis of plant-specific data for more than 500 plants in the NETL's Coal Power Plant Database (CPPDB) (NETL 2007a) simultaneously with 18 indicators of water demand and supply. Two types of demand indicators were evaluated. The first type consisted of geographical areas where specific conditions can generate demand vulnerabilities. These conditions include high projected future water consumption by thermoelectric power plants, high projected future water consumption by all users, high rates of water withdrawal per square mile (mi{sup 2}), high projected population increases, and areas projected to be in a water crisis or conflict by 2025. The second type of demand indicator was plant specific. These indicators were developed for each plant and include annual water consumption and withdrawal rates and intensities, net annual power generation, and carbon dioxide (CO{sub 2}) emissions. The supply indictors, which are also area based, include areas with low precipitation, high temperatures, low streamflow, and drought. The indicator data, which were in various formats (e.g., maps, tables, raw numbers) were converted to a GIS format and stored, along with the individual plant data from the CPPDB, in a single GIS database. The GIS database allowed the indicator data and plant data to be analyzed and visualized in any combination. To determine the extent to which a plant would be considered 'vulnerable' to a given demand or supply concern (i.e., that the plant's operations could be affected by water shortages represented by a potential demand or supply indicator), criteria were developed to categorize vulnerability according to one of three types: major, moderate, or not vulnerable. Plants with at least two major demand indicator values and/or at least four moderate demand indicator values were considered vulnerable to demand concerns. By using this approach, 144 plants were identified as being subject to demand concerns only. Plants with at least one major supply indicator value and/or at least two moderate supply indicator values were considered vulnerable to supply concerns. By using this approach, 64 plants were identified as being subject to supply concerns only. In addition, 139 plants were identified as subject to both demand and supply concerns. Therefore, a total of 347 plants were considere

Elcock, D.; Kuiper, J.; Environmental Science Division

2010-08-19T23:59:59.000Z

464

V-221: WordPress A Forms Plugin Cross-Site Request Forgery and Form Field Script Insertion Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

This vulnerability can be exploited to conduct cross-site request forgery and script insertion attacks

465

Review: Interpretive review of conceptual frameworks and research models that inform Australia's agricultural vulnerability to climate change  

Science Conference Proceedings (OSTI)

Agriculture in Australia is highly vulnerable to climate change. Understanding the sector's vulnerability is critical to developing immediate policy for the future of the agricultural industries and their communities. This review aims to identify research ... Keywords: Biophysical models, Contextual vulnerability, Outcome vulnerability

Leonie J. Pearson; Rohan Nelsonc; Steve Crimp; Jenny Langridge

2011-02-01T23:59:59.000Z

466

August 9, 2006 20:56 PEC TFJD757-10-188416 A COMPARATIVE ANALYSIS OF TWO EXTERNAL HEALTH CARE DISASTER  

E-Print Network (OSTI)

DISASTER RESPONSES FOLLOWING HURRICANE KATRINA Michael G. Millin, MPH, Jennifer L. Jenkins, MD, MS, Thomas of Critical Event Prepared- ness and Response, Baltimore, MD (MGM, TK); and NJ-1 Disaster Medical Assistance;August 9, 2006 20:56 PEC TFJD757-10-188416 A COMPARATIVE ANALYSIS OF TWO EXTERNAL HEALTH CARE DISASTER

Scharfstein, Daniel

467

Hierarchical Disaster Image Classification for Situation Report Enhancement Yimin Yang, Hsin-Yu Ha, Fausto Fleites, Shu-Ching Chen, Steven Luis  

E-Print Network (OSTI)

response situations. The HDIC framework classifies images into different disaster categories and subHierarchical Disaster Image Classification for Situation Report Enhancement Yimin Yang, Hsin-Yu Ha In this paper, a hierarchical disaster image classification (HDIC) framework based on multi-source data fusion

Chen, Shu-Ching

468

Connected Giving: Ordinary People Coordinating Disaster Relief on the Internet Cristen Torrey, Moira Burke, Matthew Lee, Anind Dey, Susan Fussell, Sara Kiesler  

E-Print Network (OSTI)

in need of assistance [1]. The magnitude of the disaster overwhelmed institutions normally responsible boards, blogs, and personal websites--to coordinate a massive grassroots response to the disaster. OurConnected Giving: Ordinary People Coordinating Disaster Relief on the Internet Cristen Torrey

Fussell, Susan R.

469

Insulation Saves Energy and Money at Home...and HOA from Disaster |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Insulation Saves Energy and Money at Home...and HOA from Disaster Insulation Saves Energy and Money at Home...and HOA from Disaster Insulation Saves Energy and Money at Home...and HOA from Disaster December 29, 2009 - 7:30am Addthis Chris Stewart Senior Communicator at DOE's National Renewable Energy Laboratory Earlier this month, just one day after Denver's first cold snap of the season, I woke up and saw a new text message from my downstairs neighbor. She was writing to let me know no one in our small, six-unit condo building had water. Immediately I feared the worst: The pipes froze overnight and burst, damaging the building and causing thousands of dollars in repair work. After throwing on some warm clothes, I surveyed the basement and outside where the water enters our building. No burst was visible. Relieved, we called a plumber, who for a hefty service fee was able to come

470

Rebuilding After Disaster: Going Green from the Ground Up | Open Energy  

Open Energy Info (EERE)

After Disaster: Going Green from the Ground Up After Disaster: Going Green from the Ground Up Jump to: navigation, search Name Rebuilding After Disaster: Going Green from the Ground Up Agency/Company /Organization National Renewable Energy Laboratory Focus Area Buildings, Economic Development, Energy Efficiency, People and Policy, Transportation, Water Conservation, Renewable Energy, Biomass, Geothermal, Ground Source Heat Pumps, Solar, - Solar Hot Water, - Solar Pv, Biomass - Waste To Energy, Wind Phase Bring the Right People Together, Create a Vision, Determine Baseline, Evaluate Options, Develop Goals, Prepare a Plan, Get Feedback, Develop Finance and Implement Projects, Create Early Successes Resource Type Case studies/examples Availability Publicly available--Free Publication Date 10/1/2009

471

Seismic Vulnerability and Performance Level of confined brick walls  

Science Conference Proceedings (OSTI)

There has been an increase on the interest of Engineers and designers to use designing methods based on displacement and behavior (designing based on performance) Regarding to the importance of resisting structure design against dynamic loads such as earthquake, and inability to design according to prediction of nonlinear behavior element caused by nonlinear properties of constructional material.Economically speaking, easy carrying out and accessibility of masonry material have caused an enormous increase in masonry structures in villages, towns and cities. On the other hand, there is a necessity to study behavior and Seismic Vulnerability in these kinds of structures since Iran is located on the earthquake belt of Alpide.Different reasons such as environmental, economic, social, cultural and accessible constructional material have caused different kinds of constructional structures.In this study, some tied walls have been modeled with software and with relevant accelerator suitable with geology conditions under dynamic analysis to research on the Seismic Vulnerability and performance level of confined brick walls. Results from this analysis seem to be satisfactory after comparison of them with the values in Code ATC40, FEMA and standard 2800 of Iran.

Ghalehnovi, M.; Rahdar, H. A. [University of Sistan and Baluchestan, Zahedan (Iran, Islamic Republic of)

2008-07-08T23:59:59.000Z

472

EO 11988: Floodplain Management  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

88 88 Floodplain Management Source: The provisions of Executive Order 11988 of May 24, 1977, appear at 42 FR 26951, unless otherwise noted. By virtue of the authority vested in me by the Constitution and statutes of the United States of America, and as President of the United States of America, in furtherance of the National Environmental Policy Act of 1969, as amended (42 U.S.C. 4321 et seq.), the National Flood Insurance Act of 1968, as amended (42 U.S.C. 4001 et seq.), and the Flood Disaster Protection Act of 1973 (Public Law 93-234, 87 Stat. 975), in order to avoid to the extent possible the long and short term adverse impacts associated with the occupancy and modification of floodplains and to avoid direct or indirect support of floodplain development wherever there is a practicable

473

U-020: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: McAfee Web Gateway Web Access Cross Site Scripting 0: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability U-020: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability October 26, 2011 - 9:00am Addthis PROBLEM: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability. PLATFORM: The vulnerability is reported in versions prior to 7.1.5.2. ABSTRACT: Cross-Site Scripting vulnerabilities allow a third party to manipulate the content or behavior of a web application in a user's browser, without compromising the underlying system. Attackers can exploit this issue by enticing an unsuspecting user to follow a malicious URI. reference LINKS: McAfee Web Gateway Release Notes Bugtraq ID: 50341 Secunia Advisory: SA46570 IMPACT ASSESSMENT: Medium Discussion: A vulnerability has been reported in McAfee Web Gateway, which can be

474

V-213: PuTTY SSH Handshake Integer Overflow Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: PuTTY SSH Handshake Integer Overflow Vulnerabilities 3: PuTTY SSH Handshake Integer Overflow Vulnerabilities V-213: PuTTY SSH Handshake Integer Overflow Vulnerabilities August 7, 2013 - 6:00am Addthis PROBLEM: SEARCH-LAB has reported some vulnerabilities in PuTTY PLATFORM: PuTTY 0.x ABSTRACT: The vulnerabilities can be exploited by malicious people to potentially compromise a user's system. REFERENCE LINKS: Secunia Advisory SA54354 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3520 CVE-2013-4206 CVE-2013-4207 CVE-2013-4208 CVE-2013-4852 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerabilities are caused due to some integer overflow errors when handling the SSH handshake and can be exploited to cause heap-based buffer overflows via a negative handshake message length. IMPACT: Successful exploitation of may allow execution of arbitrary code

475

U-098: ISC BIND Deleted Domain Name Resolving Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

098: ISC BIND Deleted Domain Name Resolving Vulnerability 098: ISC BIND Deleted Domain Name Resolving Vulnerability U-098: ISC BIND Deleted Domain Name Resolving Vulnerability February 8, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to bypass certain security restrictions. PLATFORM: ISC BIND 9.2.x ISC BIND 9.3.x ISC BIND 9.4.x ISC BIND 9.5.x ISC BIND 9.6.x ISC BIND 9.7.x ISC BIND 9.8.x ABSTRACT: The vulnerability is caused due to an error within the cache update policy. reference LINKS: Original Advisory Secunia Advisory SA47884 CVE-2012-1033 IMPACT ASSESSMENT: High Discussion: Researchers discovered a vulnerability affecting the large majority of popular DNS implementations which allows a malicious domain name to stay resolvable long after it has been removed from the upper level servers. The

476

V-005: ModSecurity Multipart Message Parsing Security Bypass Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: ModSecurity Multipart Message Parsing Security Bypass 5: ModSecurity Multipart Message Parsing Security Bypass Vulnerability V-005: ModSecurity Multipart Message Parsing Security Bypass Vulnerability October 18, 2012 - 6:00am Addthis PROBLEM: ModSecurity Multipart Message Parsing Security Bypass Vulnerability PLATFORM: Modsecurity Versions prior to 2.70 ABSTRACT: SEC Consult has reported a vulnerability in ModSecurity, which can be exploited by malicious people to bypass certain security restrictions REFERENCE LINKS: SEC Consult Secunia Advisory SA49853 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to an error when parsing multipart requests and can be exploited to bypass certain filtering rules. IMPACT: Remote Security Bypass SOLUTION: Update to version 2.70. Addthis Related Articles V-017: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities

477

U-272: IBM WebSphere Commerce User Information Disclosure Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: IBM WebSphere Commerce User Information Disclosure 2: IBM WebSphere Commerce User Information Disclosure Vulnerability U-272: IBM WebSphere Commerce User Information Disclosure Vulnerability October 2, 2012 - 6:00am Addthis PROBLEM: IBM WebSphere Commerce User Information Disclosure Vulnerability PLATFORM: WebSphere Commerce Versions 6.0.0.0 to 6.0.0.11 WebSphere Commerce Versions 7.0.0.0 to 7.0.0.6 ABSTRACT: A vulnerability in WebSphere Commerce could allow disclosure of user personal data. reference LINKS: IBM Security Bulletin 1612484 X-Force Vulnerability Database (78867) Secunia Advisory SA50821 CVE-2012-4830 IMPACT ASSESSMENT: Medium Discussion: A remote unauthenticated attacker could exploit a security vulnerability in WebSphere Commerce to expose user personal data. The attack can be performed manually and the effort required is comparatively low.

478

U-065: Microsoft Windows win32k.sys Memory Corruption Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Microsoft Windows win32k.sys Memory Corruption Vulnerability 5: Microsoft Windows win32k.sys Memory Corruption Vulnerability U-065: Microsoft Windows win32k.sys Memory Corruption Vulnerability December 20, 2011 - 9:45am Addthis PROBLEM: Microsoft Windows win32k.sys Memory Corruption Vulnerability. PLATFORM: Operating System Microsoft Windows 7 ABSTRACT: Successful exploitation may allow execution of arbitrary code with kernel-mode privileges. reference LINKS: Secunia Advisory SA47237 MS11-087:Article ID: 2639417 IMPACT ASSESSMENT: High Discussion: A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page

479

V-082: Novell GroupWise Client Two Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Novell GroupWise Client Two Vulnerabilities 2: Novell GroupWise Client Two Vulnerabilities V-082: Novell GroupWise Client Two Vulnerabilities February 1, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities have been reported in Novell GroupWise Client PLATFORM: Novell GroupWise 2012 Novell GroupWise Client 2012 Novell GroupWise Client 8.x Novell GroupWise Server 8.x ABSTRACT: Two vulnerabilities have been reported in Novell GroupWise Client which can be exploited by malicious people to compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52031 CVE-2012-0439 CVE-2013-0804 Novell KB 7011687 Novell KB 7011688 IMPACT ASSESSMENT: High DISCUSSION: The GroupWise Client for Windows is vulnerable to an ActiveX Control exploit where by enticing a target user to open a malicious file or visit a malicious page, a remote attacker could execute arbitrary code on

480

U-276: VMware vCenter Operations Cross-Site Scripting Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

76: VMware vCenter Operations Cross-Site Scripting Vulnerability 76: VMware vCenter Operations Cross-Site Scripting Vulnerability U-276: VMware vCenter Operations Cross-Site Scripting Vulnerability October 8, 2012 - 7:00am Addthis PROBLEM: VMware vCenter Operations Cross-Site Scripting Vulnerability PLATFORM: VMware vCenter Operations 1.x ABSTRACT: A vulnerability has been reported in VMware vCenter Operations, which can be exploited by malicious people to conduct cross-site scripting attacks. reference LINKS: Original Advisory Secunia Advisory SA50795 CVE-2012-5050 IMPACT ASSESSMENT: Medium Discussion: Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Impact: A vulnerability in VMware vCenter Operations, which can be exploited to

Note: This page contains sample records for the topic "disaster management vulnerability" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


481

T-655: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability 5: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability T-655: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability June 27, 2011 - 4:31pm Addthis PROBLEM: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability PLATFORM: Mozilla Firefox ABSTRACT: Mozilla Firefox is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. reference LINKS: Securityfocus Mozilla Firefox Homepage MFSA 2011-27: XSS encoding hazard with inline SVG IMPACT ASSESSMENT: High Discussion: Mozilla Firefox is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to

482

U-228: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities 8: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities U-228: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities August 6, 2012 - 7:00am Addthis PROBLEM: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities PLATFORM: Adobe Flash Player versions included with BlackBerry PlayBook tablet software versions 2.0.1.358 and earlier. ABSTRACT: Vulnerabilities in Adobe Flash Player version included with the BlackBerry PlayBook tablet software reference LINKS: BlackBerry Article ID: KB31675 Secunia Advisory SA50164 CVE-2012-0752 CVE-2012-0753 CVE-2012-0754 CVE-2012-0755 CVE-2012-0756 CVE-2012-0767 CVE-2012-0768 CVE-2012-0769 CVE-2012-0773 CVE-2012-0779 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in BlackBerry Tablet OS, which

483

T-594: IBM solidDB Password Hash Authentication Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

94: IBM solidDB Password Hash Authentication Bypass 94: IBM solidDB Password Hash Authentication Bypass Vulnerability T-594: IBM solidDB Password Hash Authentication Bypass Vulnerability April 4, 2011 - 6:08am Addthis PROBLEM: A vulnerability has been reported in IBM solidDB, which can be exploited by malicious people to bypass certain security restrictions. PLATFORM: IBM solidDB 4.x - IBM solidDB 6.x ABSTRACT: This vulnerability could allow remote attackers to execute arbitrary code on vulnerable installations of IBM solidDB. Authentication is not required to exploit this vulnerability. REFERENCE LINKS: IBM Security Alert Secunia Advisory: SA44030 ZDI Advisory: ZDI-11-115 IBM solidDB Support IMPACT ASSESSMENT: Medium Discussion: The specific flaw exists within the solid.exe process which listens by default on TCP ports 1315, 1964 and 2315. The authentication protocol

484

V-086: IntegraXor ActiveX Control Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: IntegraXor ActiveX Control Buffer Overflow Vulnerability 6: IntegraXor ActiveX Control Buffer Overflow Vulnerability V-086: IntegraXor ActiveX Control Buffer Overflow Vulnerability February 7, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in IntegraXor PLATFORM: Integraxor Versions prior to 4.x ABSTRACT: The vulnerability is caused due to an error in the PE3DO32A.ocx ActiveX control and can be exploited to cause a buffer overflow. REFERENCE LINKS: Secunia Advisory SA52073 CVE-2012-4700 US-CERT Advisory IMPACT ASSESSMENT: High DISCUSSION: Successfully exploiting this vulnerability could lead to a DoS for the application or could allow an attacker to execute arbitrary code. IMPACT: Successful exploitation may allow execution of arbitrary code. SOLUTION: Update to version 4.00 build 4280.0 Addthis Related Articles

485

U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability January 23, 2012 - 9:00am Addthis PROBLEM: Linux Kernel "/proc//mem" Privilege Escalation Vulnerability. PLATFORM: Linux Kernel 2.6.x ABSTRACT: A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges reference LINKS: Linux Kernel Update CVE-2012-0056 Red Hat Bugzilla Bug 782642 IMPACT ASSESSMENT: Medium Discussion: The vulnerability is caused due to the kernel not properly restricting access to "/proc//mem" file, which can be exploited to gain escalated privileges by e.g. writing into the memory of a privileged process.

486

V-185: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing 5: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability V-185: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability June 25, 2013 - 12:41am Addthis PROBLEM: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability PLATFORM: Apache OpenOffice SDK 3.x ABSTRACT: Apache has acknowledged a vulnerability in Apache OpenOffice SDK REFERENCE LINKS: Apache OpenOffice Secunia Advisory SA53963 Secunia Advisory SA53846 CVE-2013-1571 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to a UDK 3.2.7 Java API Reference JavaDoc file having been generated using a vulnerable version of Oracle Java. IMPACT: Apache can be exploited by malicious people to conduct spoofing attacks. SOLUTION: The vendor has issued a fix. Addthis Related Articles

487

U-224: ISC DHCP Multiple Denial of Service Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: ISC DHCP Multiple Denial of Service Vulnerabilities 4: ISC DHCP Multiple Denial of Service Vulnerabilities U-224: ISC DHCP Multiple Denial of Service Vulnerabilities July 31, 2012 - 7:00am Addthis PROBLEM: ISC DHCP Multiple Denial of Service Vulnerabilities PLATFORM: ISC DHCP before versions DHCP 4.1-ESV-R6 or DHCP 4.2.4-P1 ABSTRACT: ISC DHCP is prone to multiple denial-of-service vulnerabilities. reference LINKS: BIND and DHCP Security Updates Released Bugtraq ID: 54665 Secunia Advisory SA50018 CVE-2012-3571 CVE-2012-3570 CVE-2012-3954 IMPACT ASSESSMENT: Medium Discussion: Multiple vulnerabilities have been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error when handling client identifiers can be exploited to trigger an endless loop and prevent the server from processing further client requests

488

V-211: IBM iNotes Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

211: IBM iNotes Multiple Vulnerabilities 211: IBM iNotes Multiple Vulnerabilities V-211: IBM iNotes Multiple Vulnerabilities August 5, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in IBM Lotus iNotes PLATFORM: IBM iNotes 9.x ABSTRACT: IBM iNotes has two cross-site scripting vulnerabilities and an ActiveX Integer overflow vulnerability REFERENCE LINKS: Secunia Advisory SA54436 IBM Security Bulletin 1645503 CVE-2013-3027 CVE-2013-3032 CVE-2013-3990 IMPACT ASSESSMENT: High DISCUSSION: 1) Certain input related to MIME mail is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An integer overflow error within the DWA9W ActiveX control can be exploited to execute arbitrary code.

489

U-229: HP Network Node Manager i Input Validation Flaw Permits...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Network Node Manager I (NNMi) v8.x, v9.0x, v9.1x, v9.20 for HP-UX, Linux, Solaris, and Windows ABSTRACT: Potential security vulnerabilities have been identified with HP Network...

490

Energy Sector Vulnerability to Climate Change: Adaptation Options to Increase Resilience (Presentation)  

SciTech Connect

The U.S. Department of Energy is conducting an assessment of vulnerabilities of the U.S. energy sector to climate change and extreme weather. Emphasizing peer reviewed research, it seeks to quantify vulnerabilities and identify specific knowledge or technology gaps. It draws upon a July 2012 workshop, ?Climate Change and Extreme Weather Vulnerability Assessment of the US Energy Sector?, hosted by the Atlantic Council and sponsored by DOE to solicit industry input.

Newmark, R. L.; Bilello, D.; Macknick, J.; Hallet, K. C.; Anderson, R.; Tidwell, V.; Zamuda, C.

2013-02-01T23:59:59.000Z

491

Coordinating, integrating, and synchronizing disaster response : use of an emergency response synchronization matrix in emergency planning, exercises, and operations.  

SciTech Connect

The Chemical Stockpile Emergency Preparedness (CSEP) Program is a wide-ranging activity in support of a national initiative involving the U.S. Army Chemical Materiel Command (CMA), the Federal Emergency Management Agency (FEMA), 9 states, and 37 counties. Established in 1988, the CSEP Program enhances emergency planning for the unlikely event of a release of hazardous chemical weapons agent from one of the Army's chemical weapons storage installations currently storing chemical weapons. These obsolete weapons are scheduled to be destroyed; meanwhile, however, they pose a threat to installation workers and residents of the surrounding communities. Argonne's CSEP Program includes a variety of components that serve the needs of multiple program participants. Among the major activities are: (1) Development of the Emergency Planning Synchronization Matrix to facilitate integration of multi-jurisdictional emergency plans: (a) Coordinating, Integrating, and Synchronizing Disaster Response: Use of an Emergency Response Synchronization Matrix in Emergency Planning, Exercises, and Operations. A graphical depiction of the entire emergency response process via a synchronization matrix is an effective management tool for optimizing the design, exercise, and real-life implementation of emergency plans. This system-based approach to emergency planning depicts how a community organizes its response tasks across space and time. It gives responders the opportunity to make real-time adjustments to maximizing the often limited resources in protecting area residents. An effective response to any natural or technological hazard must involve the entire community and must not be limited by individual jurisdictions and organizations acting on their own without coordination, integration, and synchronization. An emergency response to an accidental release of chemical warfare agents from one of this nation's eight chemical weapons stockpile sites, like any other disaster response, is complex. It requires the rapid coordination, integration, and synchronization of multiple levels of governmental and nongovernmental organizations from numerous jurisdictions, each with varying response capabilities, into a unified community response. The community response actions occur in an area extending from an on-site storage location to points 25 or more miles away. Actions are directed and controlled by responding local governments and agencies situated within the response area, as well as by state and federal operations centers quite removed from the area of impact. Time is critical and the protection action decision-making process is greatly compressed. To ensure an effective response with minimal confusion, given the potential catastrophic nature of such releases, the response community must carefully synchronize response operations.

Hewett, P. L., Jr.; Mitrani, J. E.; Metz, W. C.; Vercellone, J. J.; Decision and Information Sciences

2001-11-01T23:59:59.000Z

492

NIST SP 800-51 Revision 1, Guide to Using Vulnerability ...  

Science Conference Proceedings (OSTI)

... A vulnerability naming scheme is a systematic method for creating and maintaining a standardized dictionary of common names for a set of ...

2012-02-06T23:59:59.000Z

493

Integrating scientific modeling and supporting dynamic hazard management with a GeoAgent-based representation of human-environment interactions: A drought example in Central Pennsylvania, USA  

Science Conference Proceedings (OSTI)

Recent natural disasters indicate that modern technologies for environmental monitoring, modeling, and forecasting are not well integrated with cross-level social responses in many hazard-management systems. This research addresses this problem through ... Keywords: Decision support, Drought, GeoAgent, Geographic information systems (GIS), Hazard management, Knowledge representation, Modeling

Chaoqing Yu; Alan M. MacEachren; Donna J. Peuquet; Brent Yarnal

2009-12-01T23:59:59.000Z

494

Plutonium working group report on environmental, safety and health vulnerabilities associated with the Department`s plutonium storage. Volume 2, Appendix A: Process and protocol  

SciTech Connect

This appendix contains documentation prepared by the Plutonium ES and H Vulnerability Working Group for conducting the Plutonium ES and H Vulnerability Assessment and training the assessment teams. It has the following five parts. (1) The Project Plan describes the genesis of the project, sets forth the goals, objectives and scope, provides definitions, the projected schedule, and elements of protocol. (2) The Assessment Plan provides a detailed methodology necessary to guide the many professionals who have been recruited to conduct the DOE-wide assessment. It provides guidance on which types and forms of plutonium are to be considered within the scope of the assessment, and lays out the assessment methodology to be used. (3) The memorandum from the Project to Operations Office Managers provides the protocol and direction for participation in the assessment by external stakeholders and members of the public; and the guidance for the physical inspection of plutonium materials in storage. (4) The memorandum from the Project to the assessment teams provides guidance for vulnerability screening criteria, vulnerability evaluation and prioritization process, and vulnerability quantification for prioritization. (5) The Team Training manual was used at the training session held in Colorado Springs on April 19--21, 1994 for all members of the Working Group Assessment Teams and for the leaders of the Site Assessment Teams. The goal was to provide the same training to all of the individuals who would be conducting the assessments, and thereby provide consistency in the conduct of the assessments and uniformity in reporting of the results. The training manual in Section A.5 includes supplemental material provided to the attendees after the meeting.

NONE

1994-09-01T23:59:59.000Z

495

AFTER A Framework for electrical power sysTems vulnerability  

Open Energy Info (EERE)

Czech Czech Republic) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country Czech Republic Coordinates 49.817493°, 15.472962° Loading map... {"minzoom":false,"mappingservice":"googlemaps3","type":"ROADMAP","zoom":14,"types":["ROADMAP","SATELLITE","HYBRID","TERRAIN"],"geoservice":"google","maxzoom":false,"width":"600px","height":"350px","centre":false,"title":"","label":"","icon":"","visitedicon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"wmsoverlay":"","layers":[],"controls":["pan","zoom","type","scale","streetview"],"zoomstyle":"DEFAULT","typestyle":"DEFAULT","autoinfowindows":false,"kml":[],"gkml":[],"fusiontables":[],"resizable":false,"tilt":0,"kmlrezoom":false,"poi":true,"imageoverlays":[],"markercluster":false,"searchmarkers":"","locations":[{"text":"","title":"","link":null,"lat":49.817493,"lon":15.472962,"alt":0,"address":"","icon":"","group":"","inlineLabel":"","visitedicon":""}]}