National Library of Energy BETA

Sample records for file upload vulnerability

  1. U-199: Drupal Drag & Drop Gallery Module Arbitrary File Upload Vulnerability

    Office of Energy Efficiency and Renewable Energy (EERE)

    The vulnerability is caused due to the sites/all/modules/dragdrop_gallery/upload.php script improperly validating uploaded files, which can be exploited to execute arbitrary PHP code by uploading a PHP file with e.g. an appended ".gif" file extension.

  2. V-033: ownCloud Cross-Site Scripting and File Upload Vulnerabilities |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy 3: ownCloud Cross-Site Scripting and File Upload Vulnerabilities V-033: ownCloud Cross-Site Scripting and File Upload Vulnerabilities November 26, 2012 - 2:00am Addthis PROBLEM: ownCloud Cross-Site Scripting and File Upload Vulnerabilities PLATFORM: ownCloud 4.5.2, 4.5.1, 4.0.9 ABSTRACT: Multiple vulnerabilities have been reported in ownCloud REFERENCE LINKS: ownCloud Server Advisories Secunia Advisory SA51357 IMPACT ASSESSMENT: Medium DISCUSSION: 1) Input passed via the

  3. V-177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability

    Broader source: Energy.gov [DOE]

    The vCenter Chargeback Manager contains a critical vulnerability that allows for remote code execution

  4. Help:Uploading Files | Open Energy Information

    Open Energy Info (EERE)

    Uploading Files Jump to: navigation, search Click on the upload file link at the bottom of the page (NOTE: you must be logged in to have this option). Uploading tutorial.JPG Click...

  5. File FTP Document Upload Website | Open Energy Information

    Open Energy Info (EERE)

    Not Provided DOI Not Provided Check for DOI availability: http:crossref.org Online Internet link for File FTP Document Upload Website Citation Vermont Agency of Natural...

  6. V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Let Remote Users Conduct Cross-Site Scripting Attacks | Department of Energy 51: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks May 8, 2013 - 12:06am Addthis PROBLEM: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks

  7. T-647: PHP File Upload Bug May Let Remote Users Overwrite Files on the Target System

    Office of Energy Efficiency and Renewable Energy (EERE)

    PHP is prone to a security-bypass vulnerability.Successful exploits will allow an attacker to delete files from the root directory, which may aid in further attacks. PHP 5.3.6 is vulnerable; other versions may also be affected.

  8. FTP Document Upload Website | Open Energy Information

    Open Energy Info (EERE)

    FTP Document Upload Website Abstract The Drinking Water and Groundwater Protection Division's (DWGPD) File Transfer Protocol (FTP) document upload website. The DWGPD is a division...

  9. NERSC FTP Upload Service

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    NERSC FTP Upload Service The NERSC FTP Upload service is designed for external collaborators to be able to send data to NERSC staff and users. It allows you to create a...

  10. T-607: Update: Adobe Acrobat, Reader, and Flash Player SWF File Processing Arbitrary Code Execution Vulnerability

    Office of Energy Efficiency and Renewable Energy (EERE)

    Update: Adobe Acrobat, Reader, and Flash Player SWF File Processing Arbitrary Code Execution Vulnerability.

  11. V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload...

    Energy Savers [EERE]

    Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users ...

  12. U-114: IBM Personal Communications WS File Processing Buffer Overflow Vulnerability

    Office of Energy Efficiency and Renewable Energy (EERE)

    A vulnerability in WorkStation files (.ws) by IBM Personal Communications could allow a remote attacker to cause a denial of service (application crash) or potentially execute arbitrary code on vulnerable installations of IBM Personal Communications.

  13. U-173: Symantec Web Gateway Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Several vulnerabilities were reported in Symantec Web Gateway. A remote user can include and execute arbitrary code on the target system. A remote user can conduct cross-site scripting attacks. A remote user can view/delete/upload files on the target system.

  14. PARS II 104 Contractor Monthly Upload | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    104 Contractor Monthly Upload PARS II 104 Contractor Monthly Upload PDF icon PARS II 104 Contractor Monthly Upload More Documents & Publications PARS II TRAINING PARS II Training ...

  15. California GAMA Special Study:Archival Data Conversion & Upload

    SciTech Connect (OSTI)

    Visser, A.; Eppich, G.; Bibby, R.; Singleton, M.; Hillegonds, D.; Moran, J.; Esser, B.

    2014-02-18

    LLNL has uploaded over 3000 tritium analyses and over 4000 noble gas analyses to the GeoTracker GAMA database.

  16. Energy.gov File Naming Conventions for Downloads | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    File Naming Conventions for Downloads Energy.gov File Naming Conventions for Downloads When uploading files to download pages in Energy.gov's content management system (CMS), ...

  17. EISA 432 Compliance Tracking System Data Upload Templates | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy EISA 432 Compliance Tracking System Data Upload Templates EISA 432 Compliance Tracking System Data Upload Templates These generic Excel templates are available for federal contractors and service providers to provide federal clients with reports in the format agencies are required to use. Providing data in these templates will make it easy for agencies to upload your data into the EISA 432 Compliance Tracking System. Data may be batch imported by the federal agencies into the EISA 432

  18. T-656: Microsoft Office Visio DXF File Handling Arbitrary Code Execution Vulnerability

    Office of Energy Efficiency and Renewable Energy (EERE)

    Microsoft Office Visio contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.

  19. T-569: Adobe Flash SWF File Processing Memory Corruption Remote Code Execution Vulnerability

    Office of Energy Efficiency and Renewable Energy (EERE)

    Critical vulnerabilities have been identified in Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

  20. Tips & Tricks for Uploading Images with Research Highlights

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    for Uploading Images with Research Highlights Images: (optional) Only images in JPEG, BMP, GIF, or PNG can be accepted up to 10 Mb. The image caption is limited to 500 characters. ...

  1. GPFA-AB_Phase1RiskAnalysisTask5DataUpload

    SciTech Connect (OSTI)

    Teresa E. Jordan

    2015-09-30

    This submission contains information used to compute the risk factors for the GPFA-AB project (DE-EE0006726). The risk factors are natural reservoir quality, thermal resource quality, potential for induced seismicity, and utilization. The methods used to combine the risk factors included taking the product, sum, and minimum of the four risk factors. The files are divided into images, rasters, shapefiles, and supporting information. The image files show what the raster and shapefiles should look like. The raster files contain the input risk factors, calculation of the scaled risk factors, and calculation of the combined risk factors. The shapefiles include definition of the fairways, definition of the US Census Places, the center of the raster cells, and locations of industries. Supporting information contains details of the calculations or processing used in generating the files. An image of the raster will have the same name except *.png as the file ending instead of *.tif. Images with “fairways” or “industries” added to the name are composed of a raster with the relevant shapefile added. The file About_GPFA-AB_Phase1RiskAnalysisTask5DataUpload.pdf contains information the citation, special use considerations, authorship, etc. More details on each file are given in the spreadsheet “list_of_contents.csv” in the folder “SupportingInfo”. Code used to calculate values is available at https://github.com/calvinwhealton/geothermal_pfa under the folder “combining_metrics”.

  2. GPFA-AB_Phase1RiskAnalysisTask5DataUpload

    DOE Data Explorer [Office of Scientific and Technical Information (OSTI)]

    Teresa E. Jordan

    2015-09-30

    This submission contains information used to compute the risk factors for the GPFA-AB project (DE-EE0006726). The risk factors are natural reservoir quality, thermal resource quality, potential for induced seismicity, and utilization. The methods used to combine the risk factors included taking the product, sum, and minimum of the four risk factors. The files are divided into images, rasters, shapefiles, and supporting information. The image files show what the raster and shapefiles should look like. The raster files contain the input risk factors, calculation of the scaled risk factors, and calculation of the combined risk factors. The shapefiles include definition of the fairways, definition of the US Census Places, the center of the raster cells, and locations of industries. Supporting information contains details of the calculations or processing used in generating the files. An image of the raster will have the same name except *.png as the file ending instead of *.tif. Images with fairways or industries added to the name are composed of a raster with the relevant shapefile added. The file About_GPFA-AB_Phase1RiskAnalysisTask5DataUpload.pdf contains information the citation, special use considerations, authorship, etc. More details on each file are given in the spreadsheet list_of_contents.csv in the folder SupportingInfo. Code used to calculate values is available at https://github.com/calvinwhealton/geothermal_pfa under the folder combining_metrics.

  3. V-177: VMware vCenter Chargeback Manager File Upload Handling...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Apache modproxymodrewrite Bug Lets Remote Users Access Internal Servers U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code...

  4. FILE

    Office of Legacy Management (LM)

    c&o--L>+/ co.o-09 ~~Epq-J+~~jDU" 1 . [o( / 5-/-- 1, "I ' -i, [ . - -. j s: FILE :3r.jNER is} -------.- pas',: Current: -----__---_---__-------- ----____-_________________ Cwner ccntacted 0 yes 0 nag i+ yet,? date czntacted ----___--I__- Ty-;Pfz ,' F iTiC~CC2~j 1 iljbj AA-r-ti--=' ="L---- /8;' ; z.eseaf-ch & sevei apment EJ F' raducticx scale tssting rJ Pilot si-jle 0 ' jench Scale Fracess 0 Theoretical Studies 0 Samp:! e & haivsis 0 Fz-citity Tvpe 0 Manui artur i ng

  5. T-622: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability

    Broader source: Energy.gov [DOE]

    The vulnerability is due to an unspecified error in the affected software when it processes .pdf files. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to view a malicious .pdf file. When viewed, the file could trigger a memory corruption error that could allow the attacker to execute arbitrary code on the system with the privileges of the user.

  6. T-557: Microsoft Office Excel Office Art Object Parsing Remote Code Execution Vulnerability

    Broader source: Energy.gov [DOE]

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

  7. GPFA-AB_Phase1UtilizationTask4DataUpload

    SciTech Connect (OSTI)

    Teresa E. Jordan

    2015-09-30

    This submission of Utilization Analysis data to the Geothermal Data Repository (GDR) node of the National Geothermal Data System (NGDS) is in support of Phase 1 Low Temperature Geothermal Play Fairway Analysis for the Appalachian Basin (project DE-EE0006726). The submission includes data pertinent to the methods and results of an analysis of the Surface Levelized Cost of Heat (SLCOH) for US Census Bureau ‘Places’ within the study area. This was calculated using a modification of a program called GEOPHIRES, available at http://koenraadbeckers.net/geophires/index.php. The MATLAB modules used in conjunction with GEOPHIRES, the MATLAB data input file, the GEOPHIRES output data file, and an explanation of the software components have been provided. Results of the SLCOH analysis appear on 4 .png image files as mapped ‘risk’ of heat utilization. For each of the 4 image (.png) files, there is an accompanying georeferenced TIF (.tif) file by the same name. In addition to calculating SLCOH, this Task 4 also identified many sites that may be prospects for use of a geothermal district heating system, based on their size and industry, rather than on the SLCOH. An industry sorted listing of the sites (.xlsx) and a map of these sites plotted as a layer onto different iterations of maps combining the three geological risk factors (Thermal Quality, Natural Reservoir Quality, and Risk of Seismicity) has been provided. In addition to the 6 image (.png) files of the maps in this series, a shape (.shp) file and 7 associated files are included as well. Finally, supporting files (.pdf) describing the utilization analysis methodology and summarizing the anticipated permitting for a deep district heating system are supplied.

  8. GPFA-AB_Phase1UtilizationTask4DataUpload

    DOE Data Explorer [Office of Scientific and Technical Information (OSTI)]

    Teresa E. Jordan

    2015-09-30

    This submission of Utilization Analysis data to the Geothermal Data Repository (GDR) node of the National Geothermal Data System (NGDS) is in support of Phase 1 Low Temperature Geothermal Play Fairway Analysis for the Appalachian Basin (project DE-EE0006726). The submission includes data pertinent to the methods and results of an analysis of the Surface Levelized Cost of Heat (SLCOH) for US Census Bureau Places within the study area. This was calculated using a modification of a program called GEOPHIRES, available at http://koenraadbeckers.net/geophires/index.php. The MATLAB modules used in conjunction with GEOPHIRES, the MATLAB data input file, the GEOPHIRES output data file, and an explanation of the software components have been provided. Results of the SLCOH analysis appear on 4 .png image files as mapped risk of heat utilization. For each of the 4 image (.png) files, there is an accompanying georeferenced TIF (.tif) file by the same name. In addition to calculating SLCOH, this Task 4 also identified many sites that may be prospects for use of a geothermal district heating system, based on their size and industry, rather than on the SLCOH. An industry sorted listing of the sites (.xlsx) and a map of these sites plotted as a layer onto different iterations of maps combining the three geological risk factors (Thermal Quality, Natural Reservoir Quality, and Risk of Seismicity) has been provided. In addition to the 6 image (.png) files of the maps in this series, a shape (.shp) file and 7 associated files are included as well. Finally, supporting files (.pdf) describing the utilization analysis methodology and summarizing the anticipated permitting for a deep district heating system are supplied.

  9. GPFA-AB_Phase1ReservoirTask2DataUpload

    SciTech Connect (OSTI)

    Teresa E. Jordan

    2015-10-22

    This submission to the Geothermal Data Repository (GDR) node of the National Geothermal Data System (NGDS) in support of Phase 1 Low Temperature Geothermal Play Fairway Analysis for the Appalachian Basin. The files included in this zip file contain all data pertinent to the methods and results of this task’s output, which is a cohesive multi-state map of all known potential geothermal reservoirs in our region, ranked by their potential favorability. Favorability is quantified using a new metric, Reservoir Productivity Index, as explained in the Reservoirs Methodology Memo (included in zip file). Shapefile and images of the Reservoir Productivity and Reservoir Uncertainty are included as well.

  10. GPFA-AB_Phase1ReservoirTask2DataUpload

    DOE Data Explorer [Office of Scientific and Technical Information (OSTI)]

    Teresa E. Jordan

    2015-10-22

    This submission to the Geothermal Data Repository (GDR) node of the National Geothermal Data System (NGDS) in support of Phase 1 Low Temperature Geothermal Play Fairway Analysis for the Appalachian Basin. The files included in this zip file contain all data pertinent to the methods and results of this tasks output, which is a cohesive multi-state map of all known potential geothermal reservoirs in our region, ranked by their potential favorability. Favorability is quantified using a new metric, Reservoir Productivity Index, as explained in the Reservoirs Methodology Memo (included in zip file). Shapefile and images of the Reservoir Productivity and Reservoir Uncertainty are included as well.

  11. U-211: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote Authenticated Users Access Files/Directories

    Office of Energy Efficiency and Renewable Energy (EERE)

    A vulnerability was reported in EMC Celerra/VNX/VNXe. A remote authenticated user can access files and directories on the target file system.

  12. V-237: TYPO3 Security Bypass Vulnerabilities | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7: TYPO3 Security Bypass Vulnerabilities V-237: TYPO3 Security Bypass Vulnerabilities September 9, 2013 - 6:00am Addthis PROBLEM: Some vulnerabilities have been reported in TYPO3 PLATFORM: TYPO3 6.x ABSTRACT: TYPO3 comes with the possibility to restrict editors to certain file actions (copy, delete, move etc.) and to restrict these actions to be performed in certain locations REFERENCE LINKS: Secunia Advisory SA54717 Security Focus ID 62257 IMPACT ASSESSMENT: Medium DISCUSSION: 1) Some errors

  13. V-127: Samba Bug Lets Remote Authenticated Users Modify Files...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7: Samba Bug Lets Remote Authenticated Users Modify Files V-127: Samba Bug Lets Remote Authenticated Users Modify Files April 5, 2013 - 6:00am Addthis PROBLEM: A vulnerability was...

  14. Original Signatures on File

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Signatures on File

  15. Original Signatures on File

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Original Signatures on File

  16. File Storage

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    File Storage File Storage Disk Quota Change Request Form Carver File Systems Carver has 3 kinds of file systems available to users: home directories, scratch directories and project directories, all provided by the NERSC Global File system. Each file system serves a different purpose. File System Home Scratch Project Environment Variable Definition $HOME $SCRATCH or $GSCRATCH No environment variable /project/projectdirs/ Description Global homes file system shared by all NERSC systems except

  17. File storage

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    File storage File storage Disk Quota Change Request Form Euclid File Systems Euclid has 3 kinds of file systems available to users: home directories, scratch directories and project directories, all provided by the NERSC Global File system. Each file system serves a different purpose. File System Home Scratch Project Environment Variable Definition $HOME $SCRATCH or $GSCRATCH No environment variable /project/projectdirs/ Description Global homes file system shared by all NERSC systems except

  18. Lessons about vulnerability assessments.

    SciTech Connect (OSTI)

    Johnston, R. G.

    2004-01-01

    The Vulnerability Assessment Team (VAT) at Los Alamos National Laboratory believes that physical security can only be optimized through the use of effective vulnerability assessments. As a result of conducting vulnerability assessments on hundreds of different security devices and systems in the last few years, we have identified some of the attributes of effective assessments. These, along with our recommendations and observations about vulnerability assessments, are summarized in this paper. While our work has primarily involved physical security (in contrast to, for example, computer, network, or information security), our experiences may have applicability to other types of security as well.

  19. File Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    File Systems File Systems For a general description of the different file systems available on PDSF please see Eliza File Systems and Other File Systems. Below is a summary of how ATLAS uses the various systems: /common In the past ATLAS used /common primarily for their software installations but with cvmfs (see below) this is no longer necessary. ATLAS users also have made personal directories under /common/atlas. However, this is not the intended use of /common, as described on Other File

  20. Signature on File

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Signature on File Signature on File 5/29/08

  1. U-115: Novell GroupWise Client Address Book Processing Buffer Overflow Vulnerability

    Broader source: Energy.gov [DOE]

    The vulnerability is caused due to an error when processing Novell Address Book (".nab") files and can be exploited to cause a heap-based buffer overflow via an overly long email address.

  2. Facility Environmental Vulnerability Assessment

    SciTech Connect (OSTI)

    Van Hoesen, S.D.

    2001-07-09

    From mid-April through the end of June 2001, a Facility Environmental Vulnerability Assessment (FEVA) was performed at Oak Ridge National Laboratory (ORNL). The primary goal of this FEVA was to establish an environmental vulnerability baseline at ORNL that could be used to support the Laboratory planning process and place environmental vulnerabilities in perspective. The information developed during the FEVA was intended to provide the basis for management to initiate immediate, near-term, and long-term actions to respond to the identified vulnerabilities. It was expected that further evaluation of the vulnerabilities identified during the FEVA could be carried out to support a more quantitative characterization of the sources, evaluation of contaminant pathways, and definition of risks. The FEVA was modeled after the Battelle-supported response to the problems identified at the High Flux Beam Reactor at Brookhaven National Laboratory. This FEVA report satisfies Corrective Action 3A1 contained in the Corrective Action Plan in Response to Independent Review of the High Flux Isotope Reactor Tritium Leak at the Oak Ridge National Laboratory, submitted to the Department of Energy (DOE) ORNL Site Office Manager on April 16, 2001. This assessment successfully achieved its primary goal as defined by Laboratory management. The assessment team was able to develop information about sources and pathway analyses although the following factors impacted the team's ability to provide additional quantitative information: the complexity and scope of the facilities, infrastructure, and programs; the significantly degraded physical condition of the facilities and infrastructure; the large number of known environmental vulnerabilities; the scope of legacy contamination issues [not currently addressed in the Environmental Management (EM) Program]; the lack of facility process and environmental pathway analysis performed by the accountable line management or facility owner; and poor

  3. Energy vulnerability relationships

    SciTech Connect (OSTI)

    Shaw, B.R.; Boesen, J.L.

    1998-02-01

    The US consumption of crude oil resources has been a steadily growing indicator of the vitality and strength of the US economy. At the same time import diversity has also been a rapidly developing dimension of the import picture. In the early 1970`s, embargoes of crude oil from Organization of Producing and Exporting Countries (OPEC) created economic and political havoc due to a significant lack of diversity and a unique set of economic, political and domestic regulatory circumstances. The continued rise of imports has again led to concerns over the security of our crude oil resource but threats to this system must be considered in light of the diversity and current setting of imported oil. This report develops several important issues concerning vulnerability to the disruption of oil imports: (1) The Middle East is not the major supplier of oil to the United States, (2) The US is not vulnerable to having its entire import stream disrupted, (3) Even in stable countries, there exist vulnerabilities to disruption of the export stream of oil, (4) Vulnerability reduction requires a focus on international solutions, and (5) DOE program and policy development must reflect the requirements of the diverse supply. Does this increasing proportion of imported oil create a {open_quotes}dependence{close_quotes}? Does this increasing proportion of imported oil present a vulnerability to {open_quotes}price shocks{close_quotes} and the tremendous dislocations experienced during the 1970`s? Finally, what is the vulnerability of supply disruptions from the current sources of imported oil? If oil is considered to be a finite, rapidly depleting resource, then the answers to these questions must be {open_quotes}yes.{close_quotes} However, if the supply of oil is expanding, and not limited, then dependence is relative to regional supply sources.

  4. Plutonium Vulnerability Management Plan

    SciTech Connect (OSTI)

    1995-03-01

    This Plutonium Vulnerability Management Plan describes the Department of Energy`s response to the vulnerabilities identified in the Plutonium Working Group Report which are a result of the cessation of nuclear weapons production. The responses contained in this document are only part of an overall, coordinated approach designed to enable the Department to accelerate conversion of all nuclear materials, including plutonium, to forms suitable for safe, interim storage. The overall actions being taken are discussed in detail in the Department`s Implementation Plan in response to the Defense Nuclear Facilities Safety Board (DNFSB) Recommendation 94-1. This is included as Attachment B.

  5. File Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    File Systems File Systems For a general description of the different file systems available on PDSF please see Eliza File Systems and Other File Systems. Below is a summary of how ALICE uses the various systems: /common ALICE uses /common to build the software that supports its grid-based automated production work. This software includes AliRoot, Geant, AliEn, and XRootD. /eliza6, /eliza8, /eliza17 ALICE has space on 3 elizas: 16TB on /eliza6, 6TB on /eliza8 and 11TB on /eliza17. The space on

  6. File Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    File Systems File Systems For a general description of the different file systems available on PDSF please see Eliza File Systems and Other File Systems. Below is a summary of how STAR uses the various systems: /common The STAR software is installed on /common. For 32sl44 it is under /common/star/star44 and for sl53 it is under /common/star/star53. In both cases the software consists primarily of a STAR-specific ROOT installation on which releases of the STAR libraries are built as shown on the

  7. SCADA Vulnerability Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Vulnerability Assessments - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Energy Defense Waste Management Programs Advanced

  8. FileSys.pptx

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Navigating NERSC File Systems May 3, 2011 David Turner NERSC User Services Group * Focus on user-writable file systems * Global file systems * Local file systems * Policies * ...

  9. To: File

    Office of Legacy Management (LM)

    In 1931 and 19Siz the Atomic Energy Commission He; and Safety Division participated in ... Information obtained from EPFI files indicates that the facilit continued operations ...

  10. Climate Vulnerabilities | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Climate Vulnerabilities Climate Vulnerabilities The Energy Sector's Vulnerabilities to Climatic Conditions x Impacts Due to... Increasing Temperatures Decreasing Water Availability Increasing Storms, Flooding, and Sea Level Rise See All Impacts Map locations are approximate. Find out more about this data here. Click and drag the map to read about each location

  11. T-613: Microsoft Excel Axis Properties Remote Code Execution Vulnerability

    Broader source: Energy.gov [DOE]

    Microsoft Excel is prone to a remote code-execution vulnerability because the applications fails to sufficiently validate user-supplied input. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will result in a denial-of-service condition.

  12. 1987 RECS Public Use Microdata Files

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    cvs file File 3: Type of Energy and Equipment text file cvs file File 4: Household Demographics text file cvs file File 5: Presence of Appliances text file cvs file File 6: Energy...

  13. TO: FILE

    Office of Legacy Management (LM)

    Homer Watson, Wright Paterson Air Force Base, as a starting point. AWmb ' I. .' ..x; . .:yx . . . . : File a.%-I. (d : AIR FORCE PLANT.36. EvENGALE, OilIO 'w .*:3 '. - ...

  14. File storage

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    This file system is not configured for high IO performance. Home directories should ... Furthermore, SSH will not allow you to login if HOME.ssh is writeable by anyone other ...

  15. TO: FILE

    Office of Legacy Management (LM)

    ... C . Young ,.+-' E. Mitchal file FUS,RAP WI.4,, PA.40 L.-J Iany in :ee, anda Area ' radioactive *hap 6 as a d2 EC stop for 100 employee, and )mme :nd both these Ind Milwaukee

  16. Method and tool for network vulnerability analysis

    DOE Patents [OSTI]

    Swiler, Laura Painton; Phillips, Cynthia A.

    2006-03-14

    A computer system analysis tool and method that will allow for qualitative and quantitative assessment of security attributes and vulnerabilities in systems including computer networks. The invention is based on generation of attack graphs wherein each node represents a possible attack state and each edge represents a change in state caused by a single action taken by an attacker or unwitting assistant. Edges are weighted using metrics such as attacker effort, likelihood of attack success, or time to succeed. Generation of an attack graph is accomplished by matching information about attack requirements (specified in "attack templates") to information about computer system configuration (contained in a configuration file that can be updated to reflect system changes occurring during the course of an attack) and assumed attacker capabilities (reflected in "attacker profiles"). High risk attack paths, which correspond to those considered suited to application of attack countermeasures given limited resources for applying countermeasures, are identified by finding "epsilon optimal paths."

  17. Common Control System Vulnerability

    SciTech Connect (OSTI)

    Trent Nelson

    2005-12-01

    The Control Systems Security Program and other programs within the Idaho National Laboratory have discovered a vulnerability common to control systems in all sectors that allows an attacker to penetrate most control systems, spoof the operator, and gain full control of targeted system elements. This vulnerability has been identified on several systems that have been evaluated at INL, and in each case a 100% success rate of completing the attack paths that lead to full system compromise was observed. Since these systems are employed in multiple critical infrastructure sectors, this vulnerability is deemed common to control systems in all sectors. Modern control systems architectures can be considered analogous to today's information networks, and as such are usually approached by attackers using a common attack methodology to penetrate deeper and deeper into the network. This approach often is composed of several phases, including gaining access to the control network, reconnaissance, profiling of vulnerabilities, launching attacks, escalating privilege, maintaining access, and obscuring or removing information that indicates that an intruder was on the system. With irrefutable proof that an external attack can lead to a compromise of a computing resource on the organization's business local area network (LAN), access to the control network is usually considered the first phase in the attack plan. Once the attacker gains access to the control network through direct connections and/or the business LAN, the second phase of reconnaissance begins with traffic analysis within the control domain. Thus, the communications between the workstations and the field device controllers can be monitored and evaluated, allowing an attacker to capture, analyze, and evaluate the commands sent among the control equipment. Through manipulation of the communication protocols of control systems (a process generally referred to as ''reverse engineering''), an attacker can then map out the

  18. U-117: Potential security vulnerability has been identified with...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Senders ABSTRACT: Remote attackers could execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update. reference LINKS: Vendor Advisory...

  19. Regional Climate Vulnerabilities and Resilience Solutions | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Regional Climate Vulnerabilities and Resilience Solutions Regional Climate Vulnerabilities and Resilience Solutions This interactive map is not viewable in your browser. Please ...

  20. Assessing Climate Change Impacts, Vulnerability and Adaptation...

    Open Energy Info (EERE)

    Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed Jump to: navigation, search Name Assessing Climate Change Impacts, Vulnerability...

  1. V-092: Pidgin Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities have been reported in Pidgin, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a user's system.

  2. U-117: Potential security vulnerability has been identified with certain HP printers and HP digital senders

    Broader source: Energy.gov [DOE]

    Remote attackers could execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.

  3. Are Vulnerability Disclosure Deadlines Justified?

    SciTech Connect (OSTI)

    Miles McQueen; Jason L. Wright; Lawrence Wellman

    2011-09-01

    Vulnerability research organizations Rapid7, Google Security team, and Zero Day Initiative recently imposed grace periods for public disclosure of vulnerabilities. The grace periods ranged from 45 to 182 days, after which disclosure might occur with or without an effective mitigation from the affected software vendor. At this time there is indirect evidence that the shorter grace periods of 45 and 60 days may not be practical. However, there is strong evidence that the recently announced Zero Day Initiative grace period of 182 days yields benefit in speeding up the patch creation process, and may be practical for many software products. Unfortunately, there is also evidence that the 182 day grace period results in more vulnerability announcements without an available patch.

  4. CEKRM. FILES

    Office of Legacy Management (LM)

    *:-I c-Y,- -.>A - L z.23 ' ,gQ+ CEKRM. FILES : -- i" ry .' ;,:;;:i ;- ' _ :;, I' -. .-,- p.." * .i' ' --yr:,? ,5 .Y' :?!, .I I >L L qgy~T.5 ,-:,,. \>,' yt r, .,-:,7 ,A : _ . . T_ 31' :;:: . .' : z ^., - -; &.' -" ' \-,-y . ..L' .:"A .:1i2*;,1 1- .,: _.,-.- 1 ,... _ . , , 2; J..i"!w , . . . .' _ \ ' d>; : r. . _ " ' . ;I 2: a : ..i. ,. 7, I . :ri cij?TL-i; 12, ;;,2;-,: ;. ." * 1. 1 .:1 : :: .' I .-=-. I. Iv-.. . . . . - i. ; i -2. ./ ..l,..- '

  5. NERSC File Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    sharing between platforms. File systems are configured for different purposes. On each machine you have access to at least three different file system Home: Permanent, relatively...

  6. T-540: Sybase EAServer Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Sybase EAServer is prone to a security-bypass vulnerability and a directory-traversal vulnerability. Attackers may exploit these issues to execute arbitrary code within the context of the application or to disclose sensitive information.

  7. V-059: MoinMoin Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities have been reported in MoinMoin, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system and by malicious people to manipulate certain data.

  8. NX Configuration File

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Configuration File NX Configuration File This is the NX configuration file that you will need to connect to NERSC NX Server: NX5Confgure.nxs.zip To use this file, please follow the Online Tutorial. Last edited: 2016-04-29 11:34:57

  9. V-131: Adobe Shockwave Player Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    This update addresses vulnerabilities that could allow an attacker to run malicious code on the affected system

  10. V-087: Adobe Flash Player Two Vulnerabilities

    Broader source: Energy.gov [DOE]

    Two vulnerabilities are reported as 0-day which can be exploited by malicious people to compromise a user's system.

  11. V-208: Google Chrome Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Some vulnerabilities have been reported in Google Chrome which allows attackers to access and compromise a user's system.

  12. U-169: Sympa Multiple Security Bypass Vulnerabilities

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities have been reported in Sympa, which can be exploited by malicious people to bypass certain security restrictions.

  13. V-224: Google Chrome Multiple Vulnerabilities | Department of...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4: Google Chrome Multiple Vulnerabilities V-224: Google Chrome Multiple Vulnerabilities August 22, 2013 - 1:05am Addthis PROBLEM: Multiple vulnerabilities have been reported in...

  14. V-121: Google Chrome Multiple Vulnerabilities | Department of...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1: Google Chrome Multiple Vulnerabilities V-121: Google Chrome Multiple Vulnerabilities March 28, 2013 - 12:29am Addthis PROBLEM: Google Chrome Multiple Vulnerabilities PLATFORM:...

  15. V-207: Wireshark Multiple Denial of Service Vulnerabilities ...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7: Wireshark Multiple Denial of Service Vulnerabilities V-207: Wireshark Multiple Denial of Service Vulnerabilities July 31, 2013 - 1:59am Addthis PROBLEM: Multiple vulnerabilities...

  16. Grid Cyber Vulnerability & Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber Vulnerability & Assessments - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Energy Defense Waste Management Programs

  17. Cyber-Based Vulnerability Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber-Based Vulnerability Assessments - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Energy Defense Waste Management Programs

  18. Navigating NERSC File Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Navigating NERSC File Systems May 3, 2011 David-Turner.jpg NERSC Training Event 10:00 - ... Navigating NERSC File Systems David Turner, NERSC User Services Group NERSC hosts a number ...

  19. Fast Global File Status

    Energy Science and Technology Software Center (OSTI)

    2013-01-01

    Fast Global File Status (FGFS) is a system software package that implimints a scalable mechanism to retrieve file information, such as its degree of distribution or replication and consistency.

  20. Standard interface file handbook

    SciTech Connect (OSTI)

    Shapiro, A.; Huria, H.C. )

    1992-10-01

    This handbook documents many of the standard interface file formats that have been adopted by the US Department of Energy to facilitate communications between and portability of, various large reactor physics and radiation transport software packages. The emphasis is on those files needed for use of the VENTURE/PC diffusion-depletion code system. File structures, contents and some practical advice on use of the various files are provided.

  1. Assessing the Security Vulnerabilities of Correctional Facilities

    SciTech Connect (OSTI)

    Morrison, G.S.; Spencer, D.S.

    1998-10-27

    The National Institute of Justice has tasked their Satellite Facility at Sandia National Laboratories and their Southeast Regional Technology Center in Charleston, South Carolina to devise new procedures and tools for helping correctional facilities to assess their security vulnerabilities. Thus, a team is visiting selected correctional facilities and performing vulnerability assessments. A vulnerability assessment helps to identi~ the easiest paths for inmate escape, for introduction of contraband such as drugs or weapons, for unexpected intrusion fi-om outside of the facility, and for the perpetration of violent acts on other inmates and correctional employees, In addition, the vulnerability assessment helps to quantify the security risks for the facility. From these initial assessments will come better procedures for performing vulnerability assessments in general at other correctional facilities, as well as the development of tools to assist with the performance of such vulnerability assessments.

  2. V-157: Adobe Reader / Acrobat Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system

  3. Mining Bug Databases for Unidentified Software Vulnerabilities

    SciTech Connect (OSTI)

    Dumidu Wijayasekara; Milos Manic; Jason Wright; Miles McQueen

    2012-06-01

    Identifying software vulnerabilities is becoming more important as critical and sensitive systems increasingly rely on complex software systems. It has been suggested in previous work that some bugs are only identified as vulnerabilities long after the bug has been made public. These vulnerabilities are known as hidden impact vulnerabilities. This paper discusses the feasibility and necessity to mine common publicly available bug databases for vulnerabilities that are yet to be identified. We present bug database analysis of two well known and frequently used software packages, namely Linux kernel and MySQL. It is shown that for both Linux and MySQL, a significant portion of vulnerabilities that were discovered for the time period from January 2006 to April 2011 were hidden impact vulnerabilities. It is also shown that the percentage of hidden impact vulnerabilities has increased in the last two years, for both software packages. We then propose an improved hidden impact vulnerability identification methodology based on text mining bug databases, and conclude by discussing a few potential problems faced by such a classifier.

  4. NSTB Summarizes Vulnerable Areas | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    NSTB Summarizes Vulnerable Areas Experts at the National SCADA Test Bed (NSTB) discovered ... Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems ...

  5. US Energy Sector Vulnerabilities to Climate Change

    Broader source: Energy.gov (indexed) [DOE]

    Photo credits: iStockphoto U.S. ENERGY SECTOR VULNERABILITIES TO CLIMATE CHANGE AND ... and International Affairs (DOE-PI) and the National Renewable Energy Laboratory (NREL). ...

  6. Vulnerability Analysis of Energy Delivery Control Systems

    Broader source: Energy.gov (indexed) [DOE]

    ... Attackers can search for vulnerabilities in firewalls, ... organization, measured in terms of confidentiality, ... in which an adversary can enter the system and potentially ...

  7. Proliferation Vulnerability Red Team report

    SciTech Connect (OSTI)

    Hinton, J.P.; Barnard, R.W.; Bennett, D.E.

    1996-10-01

    This report is the product of a four-month independent technical assessment of potential proliferation vulnerabilities associated with the plutonium disposition alternatives currently under review by DOE/MD. The scope of this MD-chartered/Sandia-led study was limited to technical considerations that could reduce proliferation resistance during various stages of the disposition processes below the Stored Weapon/Spent Fuel standards. Both overt and covert threats from host nation and unauthorized parties were considered. The results of this study will be integrated with complementary work by others into an overall Nonproliferation and Arms Control Assessment in support of a Secretarial Record of Decision later this year for disposition of surplus U.S. weapons plutonium.

  8. Eliza File Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Eliza File Systems Eliza File Systems Storage at PDSF is organized by group and available to all the nodes in PDSF. Please note that files on these file systems are not backed up. It is the responsibility of users to back up their files themselves as necessary. Over the years at PDSF there have been incidents which resulted in a loss of data from disk, often related to aging hardware. You can display the UGE io units with the command "qconf -se global". Disk Vault Experiments SGE io

  9. U-179: IBM Java 7 Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Vulnerabilities can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

  10. File:Bureauofreclamationfactsheet.pdf | Open Energy Information

    Open Energy Info (EERE)

    Bureauofreclamationfactsheet.pdf Jump to: navigation, search File File history File usage Metadata File:Bureauofreclamationfactsheet.pdf Size of this preview: 463 599 pixels....

  11. File:20121127144703735.pdf | Open Energy Information

    Open Energy Info (EERE)

    20121127144703735.pdf Jump to: navigation, search File File history File usage File:20121127144703735.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600...

  12. File:Windyclassroom.pdf | Open Energy Information

    Open Energy Info (EERE)

    Windyclassroom.pdf Jump to: navigation, search File File history File usage Metadata File:Windyclassroom.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600...

  13. File:Npsfactsheet.pdf | Open Energy Information

    Open Energy Info (EERE)

    Npsfactsheet.pdf Jump to: navigation, search File File history File usage Metadata File:Npsfactsheet.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600...

  14. File:Oregonshpodocumentationstandards.pdf | Open Energy Information

    Open Energy Info (EERE)

    Oregonshpodocumentationstandards.pdf Jump to: navigation, search File File history File usage File:Oregonshpodocumentationstandards.pdf Size of this preview: 463 599 pixels....

  15. File:Noaafactsheet.pdf | Open Energy Information

    Open Energy Info (EERE)

    Noaafactsheet.pdf Jump to: navigation, search File File history File usage Metadata File:Noaafactsheet.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600...

  16. File:Drillinghandbook.pdf | Open Energy Information

    Open Energy Info (EERE)

    Drillinghandbook.pdf Jump to: navigation, search File File history File usage File:Drillinghandbook.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600...

  17. File:Energydatabusfacthseet.pdf | Open Energy Information

    Open Energy Info (EERE)

    Energydatabusfacthseet.pdf Jump to: navigation, search File File history File usage Metadata File:Energydatabusfacthseet.pdf Size of this preview: 463 599 pixels. Other...

  18. File:Bonnevillepowerfactsheet.pdf | Open Energy Information

    Open Energy Info (EERE)

    Bonnevillepowerfactsheet.pdf Jump to: navigation, search File File history File usage Metadata File:Bonnevillepowerfactsheet.pdf Size of this preview: 463 599 pixels. Other...

  19. Original Signature on File

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Original Signature on File Page8 of 8 M. EMERGENCY PROCEDURES 1. The owneroperator must maintain an adequately trained onsite RCRA emergency coordinator to direct emergency...

  20. Other File Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    User Home Directories Your home directory is located at homelogin-name. Home directories ... Home directories are backed up as insurance against catastrophic file system failure. ...

  1. EIA-411 Data File

    Annual Energy Outlook [U.S. Energy Information Administration (EIA)]

    Form EIA-411 Database Form EIA-411 - Coordinated Bulk Power Supply Program Report Data ... except No. 7 (Transmission Outages) which will continue to be a voluntary filing. ...

  2. Determining Vulnerability Importance in Environmental Impact Assessment

    SciTech Connect (OSTI)

    Toro, Javier; Duarte, Oscar; Requena, Ignacio; Zamorano, Montserrat

    2012-01-15

    The concept of vulnerability has been used to describe the susceptibility of physical, biotic, and social systems to harm or hazard. In this sense, it is a tool that reduces the uncertainties of Environmental Impact Assessment (EIA) since it does not depend exclusively on the value assessments of the evaluator, but rather is based on the environmental state indicators of the site where the projects or activities are being carried out. The concept of vulnerability thus reduces the possibility that evaluators will subjectively interpret results, and be influenced by outside interests and pressures during projects. However, up until now, EIA has been hindered by a lack of effective methods. This research study analyzes the concept of vulnerability, defines Vulnerability Importance and proposes its inclusion in qualitative EIA methodology. The method used to quantify Vulnerability Importance is based on a set of environmental factors and indicators that provide a comprehensive overview of the environmental state. The results obtained in Colombia highlight the usefulness and objectivity of this method since there is a direct relation between this value and the environmental state of the departments analyzed. - Research Highlights: Black-Right-Pointing-Pointer The concept of vulnerability could be considered defining Vulnerability Importance included in qualitative EIA methodology. Black-Right-Pointing-Pointer The use of the concept of environmental vulnerability could reduce the subjectivity of qualitative methods of EIA. Black-Right-Pointing-Pointer A method to quantify the Vulnerability Importance proposed provides a comprehensive overview of the environmental state. Black-Right-Pointing-Pointer Results in Colombia highlight the usefulness and objectivity of this method.

  3. V-152: Cisco Unified Customer Voice Portal (CVP) Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Various components of Cisco Unified CVP are affected. These vulnerabilities can be exploited independently; however, more than one vulnerability could be exploited on the same device.

  4. U-273: Multiple vulnerabilities have been reported in Wireshark

    Broader source: Energy.gov [DOE]

    Vulnerabilities can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

  5. Nuclear Fuel Cycle & Vulnerabilities (Technical Report) | SciTech...

    Office of Scientific and Technical Information (OSTI)

    Nuclear Fuel Cycle & Vulnerabilities Citation Details In-Document Search Title: Nuclear Fuel Cycle & Vulnerabilities The objective of safeguards is the timely detection of ...

  6. V-111: Multiple vulnerabilities have been reported in Puppet...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    vulnerable system. SOLUTION: Update to a fixed version. Addthis Related Articles V-090: Adobe Flash Player AIR Multiple Vulnerabilities V-083: Oracle Java Multiple...

  7. V-051: Oracle Solaris Java Multiple Vulnerabilities | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Related Articles U-191: Oracle Java Multiple Vulnerabilities U-105:Oracle Java SE Critical Patch Update Advisory T-576: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities...

  8. Colombia-Cartagena Vulnerability Assessment | Open Energy Information

    Open Energy Info (EERE)

    Colombia-Cartagena Vulnerability Assessment Jump to: navigation, search Name Colombia-CDKN-Cartagena Vulnerability Assessment AgencyCompany Organization Climate and Development...

  9. Colombia-Cartagena Vulnerability Assessment | Open Energy Information

    Open Energy Info (EERE)

    Colombia-Cartagena Vulnerability Assessment (Redirected from CDKN-Colombia-Cartagena Vulnerability Assessment) Jump to: navigation, search Name Colombia-CDKN-Cartagena...

  10. OLADE-Central America Climate Change Vulnerability Program |...

    Open Energy Info (EERE)

    Central America Climate Change Vulnerability Program Jump to: navigation, search Name OLADE-Central America Climate Change Vulnerability Program AgencyCompany Organization Latin...

  11. India-Vulnerability Assessment and Enhancing Adaptive Capacities...

    Open Energy Info (EERE)

    Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change Jump to: navigation, search Name India-Vulnerability Assessment and Enhancing Adaptive Capacities to...

  12. T-681:IBM Lotus Symphony Multiple Unspecified Vulnerabilities

    Broader source: Energy.gov [DOE]

    Multiple unspecified vulnerabilities in IBM Lotus Symphony 3 before FP3 have unknown impact and attack vectors, related to "critical security vulnerability issues."

  13. Potential Vulnerability of US Petroleum Refineries to Increasing...

    Energy Savers [EERE]

    Potential Vulnerability of US Petroleum Refineries to Increasing Water Temperature andor Reduced Water Availability Potential Vulnerability of US Petroleum Refineries to ...

  14. V-094: IBM Multiple Products Multiple Vulnerabilities | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Multiple Vulnerabilities V-132: IBM Tivoli System Automation Application Manager Multiple Vulnerabilities V-145: IBM Tivoli Federated Identity Manager Products Java Multiple ...

  15. Nuclear Fuel Cycle & Vulnerabilities (Technical Report) | SciTech...

    Office of Scientific and Technical Information (OSTI)

    Technical Report: Nuclear Fuel Cycle & Vulnerabilities Citation Details In-Document Search Title: Nuclear Fuel Cycle & Vulnerabilities You are accessing a document from the ...

  16. U-104: Adobe Flash Player Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.

  17. V-126: Mozilla Firefox Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct spoofing and cross-site scripting attacks and compromise a user's system

  18. V-187: Mozilla Firefox Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    These vulnerabilities can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.

  19. V-097: Google Chrome Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

  20. Register file soft error recovery

    DOE Patents [OSTI]

    Fleischer, Bruce M.; Fox, Thomas W.; Wait, Charles D.; Muff, Adam J.; Watson, III, Alfred T.

    2013-10-15

    Register file soft error recovery including a system that includes a first register file and a second register file that mirrors the first register file. The system also includes an arithmetic pipeline for receiving data read from the first register file, and error detection circuitry to detect whether the data read from the first register file includes corrupted data. The system further includes error recovery circuitry to insert an error recovery instruction into the arithmetic pipeline in response to detecting the corrupted data. The inserted error recovery instruction replaces the corrupted data in the first register file with a copy of the data from the second register file.

  1. T-534: Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server

    Broader source: Energy.gov [DOE]

    BlackBerry advisory describes a security issue that the BlackBerry Attachment Service component of the BlackBerry Enterprise Server is susceptible to. The issue relates to a known vulnerability in the PDF distiller component of the BlackBerry Attachment Service that affects how the BlackBerry Attachment Service processes PDF files.

  2. File:DIAsample.pdf | Open Energy Information

    Open Energy Info (EERE)

    DIAsample.pdf Jump to: navigation, search File File history File usage File:DIAsample.pdf Size of this preview: 776 600 pixels. Full resolution (1,650 1,275 pixels, file...

  3. Justification Memo NNSA - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Diane Johnson Upload File Upload the file here JM-NNSA -8 -4.doc - 39 KB Short Name justification_memo_nnsa-1

  4. Upload Data - OpenEI Datasets

    Open Energy Info (EERE)

    open data DOE Open Data add to the catalog&3; for DOE-funded data GDR: DOE's Geothermal Data Repository Geothermal Data add a submission to DOE's &3;Geothermal Data Repository...

  5. zeller-panic2011-upload.ppt

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    in precision & search for smaller and smaller effects) 1 2 3 m 2 ATM m 2 SOL S. Zeller, PANIC, July 26, 2011 Neutrino Cross Sections 3 NOvA T2K LBNE CNGS * pursuit...

  6. zeller-aps2011-upload.ppt

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    ... is on D 2 * QE considered the "golden channel" - it's simple ... clean - know size & ... 68k Pb, 65k Fe (DIS event reconstructed in iron) M I N E R A 1 s t g l i m p s e ...

  7. zeller-sbl2011-upload.ppt

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    2011 FSI Models 41 * data in heavy use by model builders (U. Mosel) (P. dePerio) (T. Golan) * need measurements on other targets * and at higher energies (multi-) - LAr:...

  8. UTILITY Submit to BPA: Upload Template

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    achieved. (mmddyyyy) Was measure installed in a federal facility? (Dropdown box below) Utility assigned end user account or member number. Maximum length 50 characters....

  9. Construction of file database management

    SciTech Connect (OSTI)

    MERRILL,KYLE J.

    2000-03-01

    This work created a database for tracking data analysis files from multiple lab techniques and equipment stored on a central file server. Experimental details appropriate for each file type are pulled from the file header and stored in a searchable database. The database also stores specific location and self-directory structure for each data file. Queries can be run on the database according to file type, sample type or other experimental parameters. The database was constructed in Microsoft Access and Visual Basic was used for extraction of information from the file header.

  10. Filing Information | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Filing Information Filing Information The Office of Hearings and Appeals (OHA) encourages electronic filing of submissions, by e-mail or by telefax. OHA's e-mail address for filing submissions is OHA.filings@hq.doe.gov; the OHA telefax number is (202) 287-1415. Note, however, that because of signature issues, we may ask you to file a signed original of a document. We will send an acknowledgment (by letter or e-mail) upon our receipt of all principal pleadings. If you choose to file by regular

  11. MEMORANDUM TO: FILE FROM:

    Office of Legacy Management (LM)

    p' : , .; ' ' < 3.518 MEMORANDUM TO: FILE FROM: -Ye L&a ---...e---e--- DATE 6j88 7 v---s -- ---... SUBJECT: ;&l a+-b IA Tcornqm Q afib4 SITE NAME: CITY: & &&at leg co ...

  12. Unix File Permissions

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    also sometimes known as "world" permissions, and applies to all users who can login to the system. The command "ls -l" displays the permissions and associated group for any file. ...

  13. File:NREL-banglmetst-221.pdf | Open Energy Information

    Open Energy Info (EERE)

    File Edit with form History File:NREL-banglmetst-221.pdf Jump to: navigation, search File File history File usage Selected Meteorological Stations and Elevation Size of this...

  14. Chemical Safety Vulnerability Working Group Report

    SciTech Connect (OSTI)

    Not Available

    1994-09-01

    This report marks the culmination of a 4-month review conducted to identify chemical safety vulnerabilities existing at DOE facilities. This review is an integral part of DOE's efforts to raise its commitment to chemical safety to the same level as that for nuclear safety.

  15. CYBER/PHYSICAL SECURITY VULNERABILITY ASSESSMENT INTEGRATION

    SciTech Connect (OSTI)

    MacDonald, Douglas G.; Key, Brad; Clements, Samuel L.; Hutton, William J.; Craig, Philip A.; Patrick, Scott W.; Crawford, Cary E.

    2011-07-17

    This internally funded Laboratory-Directed R&D project by the Pacific Northwest National Laboratory, in conjunction with QinetiQ North America, is intended to identify and properly assess areas of overlap (and interaction) in the vulnerability assessment process between cyber security and physical protection. Existing vulnerability analysis (VA) processes and software tools exist, and these are heavily utilized in the determination of predicted vulnerability within the physical and cyber security domains. These determinations are normally performed independently of one another, and only interact on a superficial level. Both physical and cyber security subject matter experts have come to realize that though the various interactive elements exist, they are not currently quantified in most periodic security assessments. This endeavor aims to evaluate both physical and cyber VA techniques and provide a strategic approach to integrate the interdependent relationships of each into a single VA capability. This effort will also transform the existing suite of software currently utilized in the physical protection world to more accurately quantify the risk associated with a blended attack scenario. Performance databases will be created to support the characterization of the cyber security elements, and roll them into prototype software tools. This new methodology and software capability will enable analysts to better identify and assess the overall risk during a vulnerability analysis.

  16. V-083: Oracle Java Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    A Critical Patch Update is a collection of patches for multiple security vulnerabilities. The Critical Patch Update for Java SE also includes non-security fixes. Critical Patch Updates are cumulative and each advisory describes only the security fixes added since the previous Critical Patch Update and Security Alert.

  17. File:S-38-Well-Construction-and-Modification-Permit.pdf | Open...

    Open Energy Info (EERE)

    S-38-Well-Construction-and-Modification-Permit.pdf Jump to: navigation, search File File history File usage File:S-38-Well-Construction-and-Modification-Permit.pdf Size of this...

  18. T-565: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability

    Broader source: Energy.gov [DOE]

    Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft.

  19. File:Mmpa.pdf | Open Energy Information

    Open Energy Info (EERE)

    Mmpa.pdf Jump to: navigation, search File File history File usage File:Mmpa.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600 pixels. Go to page 1 2 3 4 5 6...

  20. File:Keystone.pdf | Open Energy Information

    Open Energy Info (EERE)

    Keystone.pdf Jump to: navigation, search File File history File usage File:Keystone.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600 pixels. Go to page 1 2...

  1. File:Handbook.pdf | Open Energy Information

    Open Energy Info (EERE)

    Handbook.pdf Jump to: navigation, search File File history File usage File:Handbook.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600 pixels. Go to page 1 2...

  2. File:Install.pdf | Open Energy Information

    Open Energy Info (EERE)

    Install.pdf Jump to: navigation, search File File history File usage File:Install.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600 pixels. Full resolution...

  3. File:Hydrofracking.pdf | Open Energy Information

    Open Energy Info (EERE)

    Hydrofracking.pdf Jump to: navigation, search File File history File usage File:Hydrofracking.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600 pixels. Go...

  4. File:Consultants.pdf | Open Energy Information

    Open Energy Info (EERE)

    Consultants.pdf Jump to: navigation, search File File history File usage File:Consultants.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600 pixels. Go to...

  5. File:Installnot.pdf | Open Energy Information

    Open Energy Info (EERE)

    Installnot.pdf Jump to: navigation, search File File history File usage File:Installnot.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600 pixels. Full...

  6. File:RSC.pdf | Open Energy Information

    Open Energy Info (EERE)

    RSC.pdf Jump to: navigation, search File File history File usage File:RSC.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600 pixels. Go to page 1 2 3 4 5 6 7...

  7. Category:Map Files | Open Energy Information

    Open Energy Info (EERE)

    has the following 4 subcategories, out of 4 total. M Map Image Files Map PDF Files N NREL Map Files 1 pages S SWERA Map Files Media in category...

  8. File:Primer.pdf | Open Energy Information

    Open Energy Info (EERE)

    Primer.pdf Jump to: navigation, search File File history File usage File:Primer.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600 pixels. Go to page 1 2 3 4...

  9. File:600.pdf | Open Energy Information

    Open Energy Info (EERE)

    600.pdf Jump to: navigation, search File File history File usage File:600.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600 pixels. Go to page 1 2 3 4 5 6 7...

  10. File:SGI.pdf | Open Energy Information

    Open Energy Info (EERE)

    SGI.pdf Jump to: navigation, search File File history File usage Metadata File:SGI.pdf Size of this preview: 463 599 pixels. Other resolution: 464 600 pixels. Go to page 1 2...

  11. File:038392007).pdf | Open Energy Information

    Open Energy Info (EERE)

    8392007).pdf Jump to: navigation, search File File history File usage File:038392007).pdf Size of this preview: 463 599 pixels. Other resolution: 463 600 pixels. Go to page 1...

  12. File:Methane.pdf | Open Energy Information

    Open Energy Info (EERE)

    Methane.pdf Jump to: navigation, search File File history File usage File:Methane.pdf Size of this preview: 448 600 pixels. Go to page 1 2 3 4 5 Go next page next page ...

  13. Hopper File Storage and I/O

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    File Storage and IO File Storage and IO Disk Quota Change Request Form Hopper File Systems Hopper has 5 user file systems which provide different degrees of storage, performance...

  14. Setting up File Permissions

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Setting up File Permissions Setting up File Permissions Recommendations for Setting up "Shared" Directories This section shows the recommended commands for setting up shared directories. Please read the full page to get an understanding of what these commands are doing. These recommendations are based on the common use-case at the JGI for user/group read/write and global read access. Creating a New Shared Directory dmj@genepool04:~$ umask 002 # or have this set in .bashrc.ext

  15. Vendor System Vulnerability Testing Test Plan

    SciTech Connect (OSTI)

    James R. Davidson

    2005-01-01

    The Idaho National Laboratory (INL) prepared this generic test plan to provide clients (vendors, end users, program sponsors, etc.) with a sense of the scope and depth of vulnerability testing performed at the INL’s Supervisory Control and Data Acquisition (SCADA) Test Bed and to serve as an example of such a plan. Although this test plan specifically addresses vulnerability testing of systems applied to the energy sector (electric/power transmission and distribution and oil and gas systems), it is generic enough to be applied to control systems used in other critical infrastructures such as the transportation sector, water/waste water sector, or hazardous chemical production facilities. The SCADA Test Bed is established at the INL as a testing environment to evaluate the security vulnerabilities of SCADA systems, energy management systems (EMS), and distributed control systems. It now supports multiple programs sponsored by the U.S. Department of Energy, the U.S. Department of Homeland Security, other government agencies, and private sector clients. This particular test plan applies to testing conducted on a SCADA/EMS provided by a vendor. Before performing detailed vulnerability testing of a SCADA/EMS, an as delivered baseline examination of the system is conducted, to establish a starting point for all-subsequent testing. The series of baseline tests document factory delivered defaults, system configuration, and potential configuration changes to aid in the development of a security plan for in depth vulnerability testing. The baseline test document is provided to the System Provider,a who evaluates the baseline report and provides recommendations to the system configuration to enhance the security profile of the baseline system. Vulnerability testing is then conducted at the SCADA Test Bed, which provides an in-depth security analysis of the Vendor’s system.b a. The term System Provider replaces the name of the company/organization providing the system

  16. Look At (Search) Large Files

    Energy Science and Technology Software Center (OSTI)

    1992-07-13

    Scanning large files for information can be time consuming and expensive when using edit utilities on large mainframe computers. The reason is that editors must usually load the file into a buffer.

  17. OHA Misc Cases Archive File

    Office of Energy Efficiency and Renewable Energy (EERE)

    This is a archive file of our Misc decisions, Please download this file to your local computer and use the build in adobe search feature. Individual cases are listed in the bookmark section of the...

  18. OHA Whistleblower Cases Archive File

    Office of Energy Efficiency and Renewable Energy (EERE)

    This is a archive file of our Whistleblower decisions, Please download this file to your local computer and use the build in adobe search feature. Individual cases are listed in the bookmark...

  19. OHA Security Cases Archive File

    Office of Energy Efficiency and Renewable Energy (EERE)

    This is a archive file of our Security decisions, Please download this file to your local computer and use the build in adobe search feature. Individual cases are listed in the bookmark section of...

  20. OHA EIA CASES ARCHIVE FILE

    Office of Energy Efficiency and Renewable Energy (EERE)

    This is a archive file of our EIA decisions, Please download this file to your local computer and use the build in adobe search feature. Individual cases are listed in the bookmark section of the...

  1. OHA FOIA Cases Archive File

    Office of Energy Efficiency and Renewable Energy (EERE)

    This is a archive file of our FOIA decisions, Please download this file to your local computer and use the build in adobe search feature. Individual cases are listed in the bookmark section of the...

  2. T-731:Symantec IM Manager Code Injection Vulnerability | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    T-731:Symantec IM Manager Code Injection Vulnerability T-731:Symantec IM Manager Code Injection Vulnerability September 30, 2011 - 8:30am Addthis PROBLEM: Symantec IM Manager Code...

  3. V-119: IBM Security AppScan Enterprise Multiple Vulnerabilities...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    9: IBM Security AppScan Enterprise Multiple Vulnerabilities V-119: IBM Security AppScan Enterprise Multiple Vulnerabilities March 26, 2013 - 12:56am Addthis PROBLEM: IBM Security...

  4. V-191: Apple Mac OS X Multiple Vulnerabilities | Department of...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1: Apple Mac OS X Multiple Vulnerabilities V-191: Apple Mac OS X Multiple Vulnerabilities July 3, 2013 - 6:00am Addthis PROBLEM: Apple has issued a security update for Mac OS X...

  5. U-171: DeltaV Products Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities have been reported in DeltaV products, which can be exploited by malicious people to conduct cross-site scripting attacks, SQL injection attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.

  6. File storage and I/O

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    File storage and I/O File storage and I/O Disk Quota Change Request Form Franklin File Systems The Franklin system has 4 different file systems mounted which provide different levels of disk storage, I/O performance and file permanence. The table below describes the various Franklin file systems File System Home Local Scratch Project Environment Variable Definition $HOME $SCRATCH $SCRATCH2 No environment variable /project/projectdirs/ Description Global homes file system shared with other NERSC

  7. V-074: IBM Informix Genero libpng Integer Overflow Vulnerability |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy 74: IBM Informix Genero libpng Integer Overflow Vulnerability V-074: IBM Informix Genero libpng Integer Overflow Vulnerability January 22, 2013 - 12:11am Addthis PROBLEM: IBM Informix Genero libpng Integer Overflow Vulnerability PLATFORM: IBM Informix Genero releases prior to 2.41 - all platforms ABSTRACT: A vulnerability has been reported in libpng. REFERENCE LINKS: IBM Security Bulletin: 1620982 Secunia Advisory SA51905 Secunia Advisory SA48026 CVE-2011-3026 IMPACT

  8. V-180: IBM Application Manager For Smart Business Multiple Vulnerabilities

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    | Department of Energy 0: IBM Application Manager For Smart Business Multiple Vulnerabilities V-180: IBM Application Manager For Smart Business Multiple Vulnerabilities June 18, 2013 - 12:38am Addthis PROBLEM: IBM Application Manager For Smart Business Multiple Vulnerabilities PLATFORM: IBM Application Manager For Smart Business 1.x ABSTRACT: A security issue and multiple vulnerabilities have been reported in IBM Application Manager For Smart Business REFERENCE LINKS: Security Bulletin

  9. U-122 Google Chrome Two Code Execution Vulnerabilities

    Broader source: Energy.gov [DOE]

    Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.

  10. V-162: Apache Struts "ParameterInterceptor" Security Bypass Vulnerability

    Broader source: Energy.gov [DOE]

    A vulnerability has been reported in Apache Struts, which can be exploited by malicious people to bypass certain security restrictions.

  11. Vulnerability Analysis of Energy Delivery Control Systems (September 2011)

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    | Department of Energy Systems (September 2011) Vulnerability Analysis of Energy Delivery Control Systems (September 2011) The Vulnerability Analysis of Energy Delivery Control Systems report, prepared by Idaho National Laboratory, describes the common vulnerabilities on energy sector control systems, and provides recommendations for vendors and owners of those systems to identify and reduce those risks. Vulnerability Analysis of Energy Delivery Control Systems (September 2011) (2.69 MB)

  12. U-197: Cisco Adaptive Security Appliances Denial of Service Vulnerability |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy 7: Cisco Adaptive Security Appliances Denial of Service Vulnerability U-197: Cisco Adaptive Security Appliances Denial of Service Vulnerability June 22, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in Cisco Adaptive Security Appliances (ASA), which can be exploited by malicious people to cause a DoS (Denial of Service). PLATFORM: Cisco Adaptive Security Appliance (ASA) 8.x Cisco ASA 5500 Series Adaptive Security Appliances ABSTRACT: The vulnerability

  13. U-198: IBM Lotus Expeditor Multiple Vulnerabilities | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    8: IBM Lotus Expeditor Multiple Vulnerabilities U-198: IBM Lotus Expeditor Multiple Vulnerabilities June 25, 2012 - 7:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in IBM Lotus Expeditor. PLATFORM: IBM Lotus Expeditor 6.x ABSTRACT: The vulnerabilities can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.. Reference Links: Vendor Advisory

  14. U-246: Tigase XMPP Dialback Protection Bypass Vulnerability

    Broader source: Energy.gov [DOE]

    A vulnerability has been reported in Tigase, which can be exploited by malicious people to bypass certain security restrictions.

  15. U-013: HP Data Protector Multiple Unspecified Vulnerabilities

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities were reported in HP Data Protector. A remote user can execute arbitrary code on the target system.

  16. V-116: Google Picasa BMP and TIFF Images Processing Vulnerabilities

    Broader source: Energy.gov [DOE]

    Two vulnerabilities have been discovered in Google Picasa, which can be exploited by malicious people to compromise a user's system

  17. T-564: Vulnerabilities in Citrix Licensing administration components

    Broader source: Energy.gov [DOE]

    The vulnerabilities impact all current versions of the Citrix Licensing Administration Console, formerly known as the License Management Console.

  18. T-594: IBM solidDB Password Hash Authentication Bypass Vulnerability

    Broader source: Energy.gov [DOE]

    This vulnerability could allow remote attackers to execute arbitrary code on vulnerable installations of IBM solidDB. Authentication is not required to exploit this vulnerability.

  19. Enhancing Energy Infrastructure Resiliency and Addressing Vulnerabilities

    Broader source: Energy.gov [DOE]

    Quadrennial Energy Review Task Force Secretariat and Energy Policy and Systems Analysis Staff, U. S. Department of Energy (DOE) Public Meeting on “Enhancing Resilience in Energy Infrastructure and Addressing Vulnerabilities” On Friday, April 11, 2014, at 10 a.m. in room HVC-215 of the U.S. Capitol, the Department of Energy (DOE), acting as the Secretariat for the Quadrennial Energy Review Task Force, will hold a public meeting to discuss and receive comments on issues related to the Quadrennial Energy Review (QER). The meeting will focus on infrastructure vulnerabilities related to the electricity, natural gas and petroleum transmission, storage and distribution systems (TS&D). The meeting will consist of two facilitated panels of experts on identifying and addressing vulnerabilities within the nation’s energy TS&D infrastructure. Following the panels, an opportunity will be provided for public comment via an open microphone session. The meeting will be livestreamed at energy.gov/live

  20. Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    | Department of Energy Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized process for cyber vulnerability assessment in compliance with the Critical Infrastructure Protection standards adopted by the North American Electric Reliability Corporation in 2006. This guide covers the planning, execution, and reporting process. Guide to Critical Infrastructure Protection

  1. US Energy Sector Vulnerabilities to Climate Change

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    On the cover: Trans-Alaska oil pipeline; aerial view of New Jersey refinery; coal barges on Mississippi River in St. Paul, Minnesota; power plant in Prince George's County, Maryland; Grand Coulee Dam in Washington State; corn field near Somers, Iowa; wind turbines in Texas. Photo credits: iStockphoto U.S. ENERGY SECTOR VULNERABILITIES TO CLIMATE CHANGE AND EXTREME WEATHER Acknowledgements This report was drafted by the U.S. Department of Energy's Office of Policy and International Affairs

  2. U-187: Adobe Flash Player Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Adobe released security updates for Adobe Flash Player 11.2.202.235 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.8 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.9 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

  3. COMMON VULNERABILITIES IN CRITICAL INFRASTRUCTURE CONTROL SYSTEMS

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    COMMON VULNERABILITIES IN CRITICAL INFRASTRUCTURE CONTROL SYSTEMS Jason Stamp, John Dillinger, and William Young Networked Systems Survivability and Assurance Department Jennifer DePoy Information Operations Red Team & Assessments Department Sandia National Laboratories Albuquerque, NM 87185-0785 22 May 2003 (2 nd edition, revised 11 November 2003) Copyright © 2003, Sandia Corporation. All rights reserved. Permission is granted to display, copy, publish, and distribute this document in its

  4. MPI File Tree Walk

    Energy Science and Technology Software Center (OSTI)

    2007-04-30

    MPI-FTW is a scalable MPI based software application that navigates a directory tree by dynamically allocating processes to navigate sub-directories found. Upon completion, MPI-FTW provides statistics on the number of directories found, files found, and time to complete. Inaddition, commands can be executed at each directory level.

  5. MEMORANDUfl J: FILE DATE

    Office of Legacy Management (LM)

    J: FILE DATE r so ---...w------m FROM: 9. 34oyc -w---...v----- SUBJECT: D3 Bo;s CL&;C J mL-;+J; - Rcc cap 049 'A :j: &336;s L-.fh w-f L-1 ALE"nirTE ---...

  6. U-162: Drupal Multiple Vulnerabilities | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: Drupal Multiple Vulnerabilities U-162: Drupal Multiple Vulnerabilities May 4, 2012 - 7:00am Addthis PROBLEM: Drupal Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in 7.x versions prior to 7.13. ABSTRACT: Several vulnerabilities were reported in Drupal: Denial of Service, Access bypass, and Unvalidated form redirect reference LINKS: Security Advisory: DRUPAL-SA-CORE-2012-002 Bugtraq ID: 53359 Secunia Advisory SA49012 CVE-2012-1588 CVE-2012-1589 CVE-2012-1590 CVE-2012-1591

  7. File:01UTALandUsePlanning.pdf | Open Energy Information

    Open Energy Info (EERE)

    Datasets Community Login | Sign Up Search File Edit History File:01UTALandUsePlanning.pdf Jump to: navigation, search File File history File usage Metadata File:01UTALandUsePlan...

  8. File:01CAALandUsePlanning.pdf | Open Energy Information

    Open Energy Info (EERE)

    File Edit History File:01CAALandUsePlanning.pdf Jump to: navigation, search File File history File usage Metadata File:01CAALandUsePlanning.pdf Size of this preview: 463 599...

  9. File:01IDALandUseConsiderations.pdf | Open Energy Information

    Open Energy Info (EERE)

    File Edit History File:01IDALandUseConsiderations.pdf Jump to: navigation, search File File history File usage Metadata File:01IDALandUseConsiderations.pdf Size of this preview:...

  10. File:08COCStateTransmissionProcess.pdf | Open Energy Information

    Open Energy Info (EERE)

    Community Login | Sign Up Search File Edit History File:08COCStateTransmissionProcess.pdf Jump to: navigation, search File File history File usage Metadata File:08COCStateTransm...

  11. File:01MTALandUseConsiderations.pdf | Open Energy Information

    Open Energy Info (EERE)

    File Edit History File:01MTALandUseConsiderations.pdf Jump to: navigation, search File File history File usage Metadata File:01MTALandUseConsiderations.pdf Size of this preview:...

  12. File:03COCEncroachmentOverview.pdf | Open Energy Information

    Open Energy Info (EERE)

    File Edit History File:03COCEncroachmentOverview.pdf Jump to: navigation, search File File history File usage Metadata File:03COCEncroachmentOverview.pdf Size of this preview: 463...

  13. File:0 - Overall Flow (Solar).pdf | Open Energy Information

    Open Energy Info (EERE)

    File Edit History File:0 - Overall Flow (Solar).pdf Jump to: navigation, search File File history File usage Metadata File:0 - Overall Flow (Solar).pdf Size of this preview: 463 ...

  14. DOE - Fossil Energy: Introduction Page to E-Filing System

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    E-Filing Natural Gas Import & Export Regulation - E-Filing DOE's Natural Gas E-Filing System More Info E-Filing Instructions Go directly to e-Filing Form View Sample e-File...

  15. File:WSR flowchart-introduction.pdf | Open Energy Information

    Open Energy Info (EERE)

    Apps Datasets Community Login | Sign Up Search File Edit History File:WSR flowchart-introduction.pdf Jump to: navigation, search File File history File usage File:WSR...

  16. Detailed Drawings of NERSC File Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    File System Drawing Detailed Drawings of NERSC File Systems Cori Global Scratch cori scratch Global Project project Abbreviations CMP Chip Multicore Processor OSS Object Storage Server: a component of a Lustre File System OST Object Storage Target: a component of a Lustre File System LNET Lustre Network router MDS Metadata Server, manage file operation, e.g., create new file, write to shared file DVS Data Virtualization Server, Running a service to mount external storage to Cray systems HPSS

  17. File Storage and I/O

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    File Storage and I/O File Storage and I/O Disk Quota Change Request Form Hopper File Systems Hopper has 5 user file systems which provide different degrees of storage, performance and permanence. The table below summarizes these file systems: File System Home Local Scratch Global Scratch Project Environment Variable Definition $HOME $SCRATCH $SCRATCH2 $GSCRATCH None. Must use /project/projectdirs/ Description Global home file system shared with other NERSC systems. All NERSC machines mount the

  18. Original Signature On File

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Signature On File Department of Energy Carl sbad Field Office P. O. Box 3090 Carlsbad , New Mexico 8822 1 June 10, 2009 Mr. Steve Zappe, Project Leader Hazardous Waste Bureau New Mexico Environment Department 2905 Rodeo Park Drive East, Building 1 Santa Fe, New Mexico 87505-6303 Subject: Transmittal of CBFO Final Audit Report A-09-12 , Los Alamos National Laboratory Central Characterization Project TRU Waste Characterization and Certification Dear Mr. Zappe: Enclosed is the Carlsbad Field Office

  19. Vulnerability Analysis of Energy Delivery Control Systems

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    0-18381 Vulnerability Analysis of Energy Delivery Control Systems September 2011 Idaho National Laboratory Idaho Falls, Idaho 83415 http://www.inl.gov Prepared for the U.S. Department of Energy Office of Electricity Delivery and Energy Reliability Under DOE Idaho Operations Office Contract DE-AC07-05ID14517 The INL is a U.S. Department of Energy National Laboratory operated by Battelle Energy Alliance DISCLAIMER This information was prepared as an account of work sponsored by an agency of the

  20. T-550: Apache Denial of Service Vulnerability

    Office of Energy Efficiency and Renewable Energy (EERE)

    Apache 'APR-util' is prone to a vulnerability that may allow attackers to cause a denial-of-service condition. Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, may allow remote users to cause a Denial of Service (DoS - memory consumption).

  1. File:08MTATransmission (3).pdf | Open Energy Information

    Open Energy Info (EERE)

    08MTATransmission (3).pdf Jump to: navigation, search File File history File usage Metadata File:08MTATransmission (3).pdf Size of this preview: 463 599 pixels. Other...

  2. File:07FDCPURPAQualifyingFacilityCertificationProcess.pdf | Open...

    Open Energy Info (EERE)

    FDCPURPAQualifyingFacilityCertificationProcess.pdf Jump to: navigation, search File File history File usage Metadata File:07FDCPURPAQualifyingFacilityCertificationProcess.pdf Size...

  3. File:07TXBRECGeneratorCertification.pdf | Open Energy Information

    Open Energy Info (EERE)

    7TXBRECGeneratorCertification.pdf Jump to: navigation, search File File history File usage Metadata File:07TXBRECGeneratorCertification.pdf Size of this preview: 463 599 pixels....

  4. File:04AKBGeophysicalExplorationPermit.pdf | Open Energy Information

    Open Energy Info (EERE)

    AKBGeophysicalExplorationPermit.pdf Jump to: navigation, search File File history File usage Metadata File:04AKBGeophysicalExplorationPermit.pdf Size of this preview: 463 599...

  5. File:07FDBPlantCommissioning.pdf | Open Energy Information

    Open Energy Info (EERE)

    FDBPlantCommissioning.pdf Jump to: navigation, search File File history File usage Metadata File:07FDBPlantCommissioning.pdf Size of this preview: 463 599 pixels. Other...

  6. File:07HIAGeothermalAndCableSystemDevelopmentPermitting.pdf ...

    Open Energy Info (EERE)

    HIAGeothermalAndCableSystemDevelopmentPermitting.pdf Jump to: navigation, search File File history File usage Metadata File:07HIAGeothermalAndCableSystemDevelopmentPermitting.pdf...

  7. File:ApplicationtoAppropriate.pdf | Open Energy Information

    Open Energy Info (EERE)

    ApplicationtoAppropriate.pdf Jump to: navigation, search File File history File usage File:ApplicationtoAppropriate.pdf Size of this preview: 463 599 pixels. Other resolution:...

  8. File:08CABCaliforniaTransmissionCPUCProcess.pdf | Open Energy...

    Open Energy Info (EERE)

    8CABCaliforniaTransmissionCPUCProcess.pdf Jump to: navigation, search File File history File usage File:08CABCaliforniaTransmissionCPUCProcess.pdf Size of this preview: 463 599...

  9. File:AlaskaTitleVApplicationSubmittalInstructions.pdf | Open...

    Open Energy Info (EERE)

    AlaskaTitleVApplicationSubmittalInstructions.pdf Jump to: navigation, search File File history File usage File:AlaskaTitleVApplicationSubmittalInstructions.pdf Size of this...

  10. File:03ORENoncompetitiveGeothermalLease.pdf | Open Energy Information

    Open Energy Info (EERE)

    ORENoncompetitiveGeothermalLease.pdf Jump to: navigation, search File File history File usage Metadata File:03ORENoncompetitiveGeothermalLease.pdf Size of this preview: 463 599...

  11. File:07CAAPlantCommissioningProcessApplicationForCertification...

    Open Energy Info (EERE)

    7CAAPlantCommissioningProcessApplicationForCertification.pdf Jump to: navigation, search File File history File usage Metadata File:07CAAPlantCommissioningProcessApplicationForCert...

  12. File:08IDAStateTransmission.pdf | Open Energy Information

    Open Energy Info (EERE)

    IDAStateTransmission.pdf Jump to: navigation, search File File history File usage Metadata File:08IDAStateTransmission.pdf Size of this preview: 463 599 pixels. Other...

  13. File:03AKCEncroachmentOverview.pdf | Open Energy Information

    Open Energy Info (EERE)

    AKCEncroachmentOverview.pdf Jump to: navigation, search File File history File usage Metadata File:03AKCEncroachmentOverview.pdf Size of this preview: 463 599 pixels. Other...

  14. File:06ORATransportationPermit.pdf | Open Energy Information

    Open Energy Info (EERE)

    ORATransportationPermit.pdf Jump to: navigation, search File File history File usage Metadata File:06ORATransportationPermit.pdf Size of this preview: 463 599 pixels. Other...

  15. File:06NVATransportationPermit.pdf | Open Energy Information

    Open Energy Info (EERE)

    NVATransportationPermit.pdf Jump to: navigation, search File File history File usage Metadata File:06NVATransportationPermit.pdf Size of this preview: 463 599 pixels. Other...

  16. File:08CAACaliforniaTransmission.pdf | Open Energy Information

    Open Energy Info (EERE)

    CAACaliforniaTransmission.pdf Jump to: navigation, search File File history File usage Metadata File:08CAACaliforniaTransmission.pdf Size of this preview: 463 599 pixels. Other...

  17. File:06AKATransportationOversizeOverweight.pdf | Open Energy...

    Open Energy Info (EERE)

    6AKATransportationOversizeOverweight.pdf Jump to: navigation, search File File history File usage Metadata File:06AKATransportationOversizeOverweight.pdf Size of this preview: 463...

  18. File:07CACCaliforniaEnergyFacilityCPUCProcess.pdf | Open Energy...

    Open Energy Info (EERE)

    CACCaliforniaEnergyFacilityCPUCProcess.pdf Jump to: navigation, search File File history File usage Metadata File:07CACCaliforniaEnergyFacilityCPUCProcess.pdf Size of this preview:...

  19. File:03CACEncroachmentPermit.pdf | Open Energy Information

    Open Energy Info (EERE)

    CACEncroachmentPermit.pdf Jump to: navigation, search File File history File usage Metadata File:03CACEncroachmentPermit.pdf Size of this preview: 463 599 pixels. Other...

  20. File:06FDAEPAConstructionGeneralPermitConstructionStormwater...

    Open Energy Info (EERE)

    06FDAEPAConstructionGeneralPermitConstructionStormwater.pdf Jump to: navigation, search File File history File usage Metadata File:06FDAEPAConstructionGeneralPermitConstructionStor...

  1. File:07ORDExpeditedPlantCommissioningProcess.pdf | Open Energy...

    Open Energy Info (EERE)

    ORDExpeditedPlantCommissioningProcess.pdf Jump to: navigation, search File File history File usage Metadata File:07ORDExpeditedPlantCommissioningProcess.pdf Size of this preview:...

  2. File:03IDCEncroachmentPermit.pdf | Open Energy Information

    Open Energy Info (EERE)

    IDCEncroachmentPermit.pdf Jump to: navigation, search File File history File usage Metadata File:03IDCEncroachmentPermit.pdf Size of this preview: 463 599 pixels. Other...

  3. File:0 - Overall Flow - Transmission.pdf | Open Energy Information

    Open Energy Info (EERE)

    - Overall Flow - Transmission.pdf Jump to: navigation, search File File history File usage Metadata File:0 - Overall Flow - Transmission.pdf Size of this preview: 463 599...

  4. File:Federal Hydropower - Southwestern Power Administration.pdf...

    Open Energy Info (EERE)

    Federal Hydropower - Southwestern Power Administration.pdf Jump to: navigation, search File File history File usage Metadata File:Federal Hydropower - Southwestern Power...

  5. File:Federal Hydropower - Western Area Power Administration.pdf...

    Open Energy Info (EERE)

    Hydropower - Western Area Power Administration.pdf Jump to: navigation, search File File history File usage Metadata File:Federal Hydropower - Western Area Power Administration.pdf...

  6. File:Texas Construction General Permit (TXR150000).pdf | Open...

    Open Energy Info (EERE)

    Texas Construction General Permit (TXR150000).pdf Jump to: navigation, search File File history File usage Metadata File:Texas Construction General Permit (TXR150000).pdf Size of...

  7. File:03NVCEncroachment (1).pdf | Open Energy Information

    Open Energy Info (EERE)

    NVCEncroachment (1).pdf Jump to: navigation, search File File history File usage Metadata File:03NVCEncroachment (1).pdf Size of this preview: 463 599 pixels. Other resolution:...

  8. Data Storage & File Systems | Argonne Leadership Computing Facility

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    continue to build documentation for our new computing resource. Feedback Form Data Storage & File Systems BGQ File Systems BGQ File Systems: An overview of the BGQ file...

  9. File:(PECC) Special Program on Climate Change SUMMARY (english...

    Open Energy Info (EERE)

    (PECC) Special Program on Climate Change SUMMARY (english).pdf Jump to: navigation, search File File history File usage File:(PECC) Special Program on Climate Change SUMMARY...

  10. File:CDPHE Industrial Individual Wastewater Discharge Permit...

    Open Energy Info (EERE)

    CDPHE Industrial Individual Wastewater Discharge Permit Application.pdf Jump to: navigation, search File File history File usage Metadata File:CDPHE Industrial Individual...

  11. Evaluating operating system vulnerability to memory errors.

    SciTech Connect (OSTI)

    Ferreira, Kurt Brian; Bridges, Patrick G.; Pedretti, Kevin Thomas Tauke; Mueller, Frank; Fiala, David; Brightwell, Ronald Brian

    2012-05-01

    Reliability is of great concern to the scalability of extreme-scale systems. Of particular concern are soft errors in main memory, which are a leading cause of failures on current systems and are predicted to be the leading cause on future systems. While great effort has gone into designing algorithms and applications that can continue to make progress in the presence of these errors without restarting, the most critical software running on a node, the operating system (OS), is currently left relatively unprotected. OS resiliency is of particular importance because, though this software typically represents a small footprint of a compute node's physical memory, recent studies show more memory errors in this region of memory than the remainder of the system. In this paper, we investigate the soft error vulnerability of two operating systems used in current and future high-performance computing systems: Kitten, the lightweight kernel developed at Sandia National Laboratories, and CLE, a high-performance Linux-based operating system developed by Cray. For each of these platforms, we outline major structures and subsystems that are vulnerable to soft errors and describe methods that could be used to reconstruct damaged state. Our results show the Kitten lightweight operating system may be an easier target to harden against memory errors due to its smaller memory footprint, largely deterministic state, and simpler system structure.

  12. File:06COBConstructionStormWaterPermit.pdf | Open Energy Information

    Open Energy Info (EERE)

    Login | Sign Up Search File Edit History File:06COBConstructionStormWaterPermit.pdf Jump to: navigation, search File File history File usage Metadata File:06COBConstructio...

  13. Social vulnerability indicators as a sustainable planning tool

    SciTech Connect (OSTI)

    Lee, Yung-Jaan

    2014-01-15

    In the face of global warming and environmental change, the conventional strategy of resource centralization will not be able to cope with a future of increasingly extreme climate events and related disasters. It may even contribute to inter-regional disparities as a result of these events. To promote sustainable development, this study offers a case study of developmental planning in Chiayi, Taiwan and a review of the relevant literature to propose a framework of social vulnerability indicators at the township level. The proposed framework can not only be used to measure the social vulnerability of individual townships in Chiayi, but also be used to capture the spatial developmental of Chiayi. Seventeen social vulnerability indicators provide information in five dimensions. Owing to limited access to relevant data, the values of only 13 indicators were calculated. By simply summarizing indicators without using weightings and by using zero-mean normalization to standardize the indicators, this study calculates social vulnerability scores for each township. To make social vulnerability indicators more useful, this study performs an overlay analysis of social vulnerability and patterns of risk associated with national disasters. The social vulnerability analysis draws on secondary data for 2012 from Taiwan's National Geographic Information System. The second layer of analysis consists of the flood potential ratings of the Taiwan Water Resources Agency as an index of biophysical vulnerability. The third layer consists of township-level administrative boundaries. Analytical results reveal that four out of the 18 townships in Chiayi not only are vulnerable to large-scale flooding during serious flood events, but also have the highest degree of social vulnerability. Administrative boundaries, on which social vulnerability is based, do not correspond precisely to “cross-administrative boundaries,” which are characteristics of the natural environment. This study adopts

  14. Policy Flash Archive Search File

    Office of Environmental Management (EM)

    ... Policy Flash Archive Search File 4 Flash2002-10 ... Principles; 2) Contract Terms and Conditions Required to ... Transaction Authority to enter into Technology Investment ...

  15. 1999 CBECS Public Use Files

    U.S. Energy Information Administration (EIA) Indexed Site

    only. Geographic identifiers and National Oceanic and Atmospheric Administration Weather Division identifiers are not included on any data files delivered to EIA. Geographic...

  16. File:INL-geothermal-mt.pdf | Open Energy Information

    Open Energy Info (EERE)

    current 12:41, 16 December 2010 Thumbnail for version as of 12:41, 16 December 2010 5,100 4,200 (1.99 MB) MapBot (Talk | contribs) Automated upload from NREL's "mapsearch"...

  17. U-035: Adobe Flash Player Multiple Vulnerabilities | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    35: Adobe Flash Player Multiple Vulnerabilities U-035: Adobe Flash Player Multiple Vulnerabilities November 14, 2011 - 10:15am Addthis PROBLEM: Adobe Flash Player Multiple Vulnerabilities. PLATFORM: Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems Adobe Flash Player 11.0.1.153 and earlier versions for Android Adobe AIR 3.0 and earlier versions for Windows, Macintosh, and Android ABSTRACT: Adobe recommends users of Adobe Flash Player

  18. T-544: Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities

    Broader source: Energy.gov [DOE]

    Cisco IOS Software Release 12.4(24)MD1 on the Cisco CSG2 contains two vulnerabilities that can be exploited by a remote, unauthenticated attacker to create a denial of service condition that prevents traffic from passing through the CSG2. These vulnerabilities require only a single content service to be active on the Cisco CSG2 and can be exploited via crafted TCP packets. A three-way handshake is not required to exploit either of these vulnerabilities.

  19. Top 10 Vulnerabilities of Control Systems and Their Associated Migitations

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    (2006) | Department of Energy Top 10 Vulnerabilities of Control Systems and Their Associated Migitations (2006) Top 10 Vulnerabilities of Control Systems and Their Associated Migitations (2006) This document addresses potential risks that can apply to some electricity sector organizations and provides practices that can help mitigate the risks. Each organization decides for itself the risks it can accept and the practices it deems appropriate to manage those risks. Top 10 Vulnerabilities of

  20. Tribal Energy System Vulnerabilities to Climate Change and Extreme Weather

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    | Department of Energy System Vulnerabilities to Climate Change and Extreme Weather Tribal Energy System Vulnerabilities to Climate Change and Extreme Weather This U.S. Department of Energy Office of Indian Energy report assesses climate change and extreme weather vulnerabilities specific to tribal energy infrastructure and systems in the contiguous United States and Alaska. It includes information about the impacts from climate change and extreme weather events on both onsite and offsite

  1. TOP 10 VULNERABILITIES OF CONTROL SYSTEMS AND THEIR ASSOCIATED MITIGATIONS

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    | Department of Energy TOP 10 VULNERABILITIES OF CONTROL SYSTEMS AND THEIR ASSOCIATED MITIGATIONS TOP 10 VULNERABILITIES OF CONTROL SYSTEMS AND THEIR ASSOCIATED MITIGATIONS This document provides practices that can help mitigate the potential risks that can occur to some electricity sector organizations. Each organization decides for itself the risks it can accept and the practices it deems appropriate to manage those risks. TOP 10 VULNERABILITIES OF CONTROL SYSTEMS AND THEIR ASSOCIATED

  2. MEMORANDUM TO: FILE

    Office of Legacy Management (LM)

    ' a 7 > 3gI, q OH.I-r7.-I (jt' , ""7 MEMORANDUM TO: FILE FROM: ' 'Y OIL&i cz ,,,',, -------we- SUBJECT: SITE NAME: _____ CITY:-AQY&- --------------e----e-- OWNER(S) Owner contacted n yes =urr="t: ----- -Llz2-:---,-- -----___ &,&/4$- '1 :) ' if yes, data contacted ------------- TYPE OF OPERATION ----------------- a Research t Development lti- Facility Type 0 Production scale testing a Manufacturing 5 University 0 Research Organization 0 Government Sponsored

  3. MEMORANDUM TO: FILE FROM:

    Office of Legacy Management (LM)

    p' : , .; ' _ ' < 3.518 MEMORANDUM TO: FILE FROM: -Ye L&a --------e---e--- DATE 6j8/8 7 v---s -- ---------- SUBJECT: ;&l a+-b IA T~cornqm Q afib4 SITE NAME: CITY: & &&at leg co Current: ------------------------ Owner contacted 0 yes p no; if yem, date contacted --w---w------ TYPE OF OPERATION The T$SYI L-- Tj flmf ----------------- FResearch & Development a Facility 0 Production scale testing 0 Pilot Scale p Manufacturing 0 Bench Scale Process [3 University 0

  4. GlNTRM FILES

    Office of Legacy Management (LM)

    : .; GlNTRM FILES .- Red Rwtaaie!a .=?%A .-m JJullen mtoxges8ntuuo -006 .017 .olb J-m .021 .OLt .Ol2 *Jeta Lhh .029 .0X9 ,026 ~k~exwteethaae~oyeencloee~ttothxflcmrof bUckaide. After the deccxmdnatimpxcblarrrro mlved.the rt8tma dt&itO lo- &ctioacoilrpasdistuEeed. 1. . ,, -. . . ' The conparty visited 3~ciali.z.e~ ja the a.ppLicatica of Znductiw beat. The purpose of this trip wa s to advise on haaBh and safety measures for the preoceeptance testing of inductioo heat treating equipment

  5. HEMORANDUH TO: FILE DATE

    Office of Legacy Management (LM)

    HEMORANDUH TO: FILE DATE 1123 lLjl ---WV-------------- FROM: P. s&w+ -------v-----s-- SUBJECT: lJ+ - e;& SITE NAME: LJo"zL - /L,' de Cd -J--h=- ALTERNATE l --e-e-- ------w------- ---,,,' ,m--, NAME: ---------------------- CITY: LL-pL~ ------------ ------------- STATE3 e--w-- OWNER tS) -----w-- Past I --k-!!.l~ -pa L . -v-----w------- Current: Owner contac?-ed 0 yes 0 no; if yes, I+Lff A zid;&m - -------------------------- date contacted ------B--m--- TYPE OF OPERATION

  6. V-161: IBM Maximo Asset Management Products Java Multiple Vulnerabilities

    Broader source: Energy.gov [DOE]

    Asset and Service Mgmt Products - Potential security exposure when using JavaTM based applications due to vulnerabilities in Java Software Developer Kits.

  7. AFTER A Framework for electrical power sysTems vulnerability...

    Open Energy Info (EERE)

    Germany) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country Germany Coordinates...

  8. T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities

    Broader source: Energy.gov [DOE]

    Vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.

  9. AFTER A Framework for electrical power sysTems vulnerability...

    Open Energy Info (EERE)

    United Kingdom) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country United Kingdom...

  10. AFTER A Framework for electrical power sysTems vulnerability...

    Open Energy Info (EERE)

    :"","inlineLabel":"","visitedicon":"" Display map Period 2011-2014 References EU Smart Grid Projects Map1 Overview AFTER addresses vulnerability evaluation and contingency...