National Library of Energy BETA

Sample records for heap overflow lets

  1. V-134: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Users Gain Elevated Privileges | Department of Energy 4: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local Users Gain Elevated Privileges V-134: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local Users Gain Elevated Privileges April 15, 2013 - 1:30am Addthis PROBLEM: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local Users Gain Elevated Privileges PLATFORM: Cisco AnyConnect Secure Mobility Client Cisco Secure Desktop ABSTRACT: Some vulnerabilities

  2. V-134: Cisco AnyConnect Secure Mobility Client Heap Overflow...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local Users Gain Elevated Privileges V-134: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local Users ...

  3. V-093: Symantec PGP Desktop Buffer Overflows Let Local Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Secure Mobility Client Heap Overflow Lets Local Users Gain Elevated Privileges V-066: Adobe AcrobatReader Multiple Flaws Lets Remote Users Execute Arbitrary Code and Local Users...

  4. T-545: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Execute Arbitrary Code | Department of Energy 5: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code T-545: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code January 28, 2011 - 7:21am Addthis PROBLEM: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code. PLATFORM: RealPlayer 14.0.1 and prior versions ABSTRACT: A vulnerability was reported in RealPlayer. A remote user can

  5. U-056: Linux Kernel HFS Buffer Overflow Lets Local Users Gain...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root Privileges U-056: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root Privileges December 9, 2011 - 8:00am...

  6. T-583: Linux Kernel OSF Partition Table Buffer Overflow Lets Local Users Obtain Information

    Broader source: Energy.gov [DOE]

    A local user can create a storage device with specially crafted OSF partition tables. When the kernel automatically evaluates the partition tables, a buffer overflow may occur and data from kernel heap space may leak to user-space.

  7. T-695: Avaya Aura Application Server Buffer Overflow in 'cstore.exe' Lets Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Avaya Aura Application Server Buffer Overflow in 'cstore.exe' Lets Remote Users Execute Arbitrary Code.

  8. V-049: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Execute Arbitrary Code | Department of Energy 9: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users Execute Arbitrary Code V-049: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users Execute Arbitrary Code December 18, 2012 - 1:30am Addthis PROBLEM: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users Execute Arbitrary Code PLATFORM: Windows RealPlayer 15.0.6.14 and prior. ABSTRACT: Two vulnerabilities were reported in RealPlayer. REFERENCE

  9. V-049: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    V-049: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users Execute ... The vendor has issued a fix (16.0.0.282). Addthis Related Articles V-228: RealPlayer ...

  10. V-228: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Users Execute Arbitrary Code | Department of Energy 8: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote Users Execute Arbitrary Code V-228: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote Users Execute Arbitrary Code August 27, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities were reported in RealPlayer PLATFORM: RealPlayer 16.0.2.32 and prior ABSTRACT: A remote user can cause arbitrary code to be executed on the target user's system REFERENCE LINKS:

  11. U-080: Linux Kernel XFS Heap Overflow May Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in the Linux Kernel. A remote user can cause arbitrary code to be executed on the target user's system.

  12. T-664: Apache Santuario Buffer Overflow Lets Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    A buffer overflow exists when creating or verifying XML signatures with RSA keys of sizes on the order of 8192 or more bits. This typically results in a crash and denial of service in applications that verify signatures using keys that could be supplied by an attacker.

  13. T-567: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in the Linux Kernel. A local user may be able to obtain elevated privileges on the target system. A physically local user can connect a storage device with a specially crafted LDM partition table to trigger a buffer overflow in the ldm_frag_add() function in 'fs/partitions/ldm.c' and potentially execute arbitrary code with elevated privileges.

  14. V-228: RealPlayer Buffer Overflow and Memory Corruption Error...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    V-228: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote Users Execute ... Lets Remote Users Execute Arbitrary Code V-049: RealPlayer Buffer Overflow and Invalid ...

  15. Colton Heaps | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Colton Heaps About Us Colton Heaps - Project Leader at NREL Colton Heaps Colton Heaps is a project leader at NREL specializing in renewable energy project development, energy efficiency, sustainable design, and financial analysis. Mr. Heap's support for the Office of Indian Energy focuses on the energy issues of tribes that receive assistance through the START Renewable Energy Project Development Assistance Program. Prior to joining NREL, Mr. Heaps served as a civil engineering officer in the

  16. U-115: Novell GroupWise Client Address Book Processing Buffer Overflow Vulnerability

    Broader source: Energy.gov [DOE]

    The vulnerability is caused due to an error when processing Novell Address Book (".nab") files and can be exploited to cause a heap-based buffer overflow via an overly long email address.

  17. T-548: Novell ZENworks Handheld Management (ZHM) ZfHIPCnd.exe buffer overflow

    Broader source: Energy.gov [DOE]

    Novell ZENworks Handheld Management (ZHM) is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the ZfHIPCnd.exe Access Point process. By sending a specially-crafted request to TCP port 2400, a remote attacker could overflow a buffer and execute arbitrary code on the system with SYSTEM privileges or cause the application to crash.

  18. U-154: IBM Rational ClearQuest ActiveX Control Buffer Overflow...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    V-020: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code U-126: Cisco Adaptive Security Appliances Port Forwarder ActiveX Control Buffer Overflow ...

  19. Nuclear reactor overflow line

    DOE Patents [OSTI]

    Severson, Wayne J.

    1976-01-01

    The overflow line for the reactor vessel of a liquid-metal-cooled nuclear reactor includes means for establishing and maintaining a continuous bleed flow of coolant amounting to 5 to 10% of the total coolant flow through the overflow line to prevent thermal shock to the overflow line when the reactor is restarted following a trip. Preferably a tube is disposed concentrically just inside the overflow line extending from a point just inside the reactor vessel to an overflow tank and a suction line is provided opening into the body of liquid metal in the reactor vessel and into the annulus between the overflow line and the inner tube.

  20. T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain...

    Broader source: Energy.gov (indexed) [DOE]

    T-727:Microsoft Windows SSLTLS Protocol Flaw Lets Remote Users Decryption Sessions U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSLTLS Traffic and SSL Buffer Overflow Lets ...

  1. U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic...

    Office of Environmental Management (EM)

    59: RSA BSAFE SSL-C Lets Remote Users Decrypt SSLTLS Traffic and SSL Buffer Overflow Lets Remote Users Execute Arbitrary Code U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL...

  2. U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Buffer Overflow Lets Remote Users Execute Arbitrary Code | Department of Energy 59: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL Buffer Overflow Lets Remote Users Execute Arbitrary Code U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL Buffer Overflow Lets Remote Users Execute Arbitrary Code September 13, 2012 - 6:00am Addthis PROBLEM: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL Buffer Overflow Lets Remote Users Execute

  3. U-048: HP LaserJet Printers Unspecified Flaw Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    T-699: EMC AutoStart Buffer Overflows Let Remote Users Execute Arbitrary Code U-049: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users Inject Commands on the Target System...

  4. T-562: Novell ZENworks Configuration Management novell-tftp.exe Buffer Overflow

    Broader source: Energy.gov [DOE]

    A vulnerability has been reported in Novell ZENworks Configuration Management, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in novell-tftp.exe when parsing requests. This can be exploited to cause a heap-based buffer overflow via a specially crafted request sent to UDP port 69. The vulnerability is reported in versions 10.3.1, 10.3.2, and 11.0.

  5. Overflow control valve

    DOE Patents [OSTI]

    Hundal, Rolv; Kessinger, Boyd A.; Parlak, Edward A.

    1984-07-24

    An overflow control valve for use in a liquid sodium coolant pump tank which valve can be extended to create a seal with the pump tank wall or retracted to break the seal thereby accommodating valve removal. An actuating shaft which controls valve disc position also has cams which bear on roller surfaces to force retraction of a sliding cylinder against spring tension to retract the cylinder from sealing contact with the pump tank.

  6. T-626: Xen Multiple Buffer Overflow and Integer Overflow Vulnerabilities

    Broader source: Energy.gov [DOE]

    It was found that the xc_try_bzip2_decode() and xc_try_lzma_decode() decode routines did not correctly check for a possible buffer size overflow in the decoding loop. As well, several integer overflow flaws and missing error/range checking were found that could lead to an infinite loop. A privileged guest user could use these flaws to crash the guest or, possibly, execute arbitrary code in the privileged management domain (Dom0). (CVE-2011-1583)

  7. V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerabil...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability June 20, 2013 - 6:00am Addthis...

  8. T-545: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    A remote user can cause arbitrary code to be executed on the target user's system. reference LINKS: Security Tracker Alert CVE-2010-4393 IMPACT ASSESSMENT: Medium Discussion: A ...

  9. Power-law connections: From Zipf to Heaps and beyond

    SciTech Connect (OSTI)

    Eliazar, Iddo I.; Cohen, Morrel H.

    2013-05-15

    In this paper we explore the asymptotic statistics of a general model of rank distributions in the large-ensemble limit; the construction of the general model is motivated by recent empirical studies of rank distributions. Applying Lorenzian, oligarchic, and Heapsian asymptotic analyses we establish a comprehensive set of closed-form results linking together rank distributions, probability distributions, oligarchy sizes, and innovation rates. In particular, the general results reveal the fundamental underlying connections between Zipfs law, Paretos law, and Heaps lawthree elemental empirical power-laws that are ubiquitously observed in the sciences. -- Highlights: ? The large-ensemble asymptotic statistics of rank distributions are explored. ? Lorenzian, oligarchic, and Heapsian asymptotic analyses are applied. ? Associated oligarchy sizes and induced innovation rates are analyzed. ? General elemental statistical connections are established. ? The underlying connections between Zipfs, Paretos and Heaps laws are unveiled.

  10. V-074: IBM Informix Genero libpng Integer Overflow Vulnerability |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy 74: IBM Informix Genero libpng Integer Overflow Vulnerability V-074: IBM Informix Genero libpng Integer Overflow Vulnerability January 22, 2013 - 12:11am Addthis PROBLEM: IBM Informix Genero libpng Integer Overflow Vulnerability PLATFORM: IBM Informix Genero releases prior to 2.41 - all platforms ABSTRACT: A vulnerability has been reported in libpng. REFERENCE LINKS: IBM Security Bulletin: 1620982 Secunia Advisory SA51905 Secunia Advisory SA48026 CVE-2011-3026 IMPACT

  11. V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability

    Broader source: Energy.gov [DOE]

    Symantec was notified of a pre-authentication buffer overflow found in the Symantec Endpoint Protection Manager (SEPM) and Symantec Endpoint Protection Center (SPC)

  12. U-236: Microsoft JScript and VBScript Engine Integer Overflow Lets Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Execution of arbitrary code via network A remote user can cause arbitrary code to be executed on the target

  13. Event heap: a coordination infrastructure for dynamic heterogeneous application interactions in ubiquitous computing environments

    DOE Patents [OSTI]

    Johanson, Bradley E.; Fox, Armando; Winograd, Terry A.; Hanrahan, Patrick M.

    2010-04-20

    An efficient and adaptive middleware infrastructure called the Event Heap system dynamically coordinates application interactions and communications in a ubiquitous computing environment, e.g., an interactive workspace, having heterogeneous software applications running on various machines and devices across different platforms. Applications exchange events via the Event Heap. Each event is characterized by a set of unordered, named fields. Events are routed by matching certain attributes in the fields. The source and target versions of each field are automatically set when an event is posted or used as a template. The Event Heap system implements a unique combination of features, both intrinsic to tuplespaces and specific to the Event Heap, including content based addressing, support for routing patterns, standard routing fields, limited data persistence, query persistence/registration, transparent communication, self-description, flexible typing, logical/physical centralization, portable client API, at most once per source first-in-first-out ordering, and modular restartability.

  14. Urban runoff and combined sewer overflow. [Wastewater treatment

    SciTech Connect (OSTI)

    Moffa, P.E.; Freedman, S.D.; Owens, E.M.; Field, R.; Cibik, C.

    1982-06-01

    The control, treatment and management of urban runoff and sewer overflow are reviewed. Simplified modeling and monitoring techniques are used to characterize urban runoff and to assess control alternatives. (KRM)

  15. V-219: Kingsoft Writer 2012 WPS Font Names Buffer Overflow Vulnerabili...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    9: Kingsoft Writer 2012 WPS Font Names Buffer Overflow Vulnerability V-219: Kingsoft Writer 2012 WPS Font Names Buffer Overflow Vulnerability August 16, 2013 - 5:52am Addthis...

  16. U-177: Lotus Quickr for Domino ActiveX Control Buffer Overflow Lets Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in Lotus Quickr for Domino. A remote user can cause arbitrary code to be executed on the target user's system.

  17. U-128: VMware ESX/ESXi Buffer Overflow and Null Pointer Dereference Lets Local Users Gain Elevated Privileges

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in VMware ESX. A local user can obtain elevated privileges on the target system.

  18. V-114: RealPlayer MP4 Processing Buffer Overflow Vulnerability | Department

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    of Energy 14: RealPlayer MP4 Processing Buffer Overflow Vulnerability V-114: RealPlayer MP4 Processing Buffer Overflow Vulnerability March 19, 2013 - 12:01am Addthis PROBLEM: RealPlayer MP4 Processing Buffer Overflow Vulnerability PLATFORM: Versions prior to 16.0.1.18. ABSTRACT: A vulnerability has been reported in RealPlayer REFERENCE LINKS: RealNetworks, Inc Secunia Advisory SA52692 CVE-2013-1750 IMPACT ASSESSMENT: High DISCUSSION: The vulnerability is caused due to an error when

  19. V-086: IntegraXor ActiveX Control Buffer Overflow Vulnerability

    Broader source: Energy.gov [DOE]

    The vulnerability is caused due to an error in the PE3DO32A.ocx ActiveX control and can be exploited to cause a buffer overflow.

  20. Spotlight on Austin, Texas: Let Your Contractor Be Your Guide...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Let Your Contractor Be Your Guide for Big Rewards Spotlight on Austin, Texas: Let Your Contractor Be Your Guide for Big Rewards Spotlight on Austin, Texas: Let Your Contractor Be ...

  1. T-707: Apache Tomcat AJP Protocol Processing Bug Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information T-707: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication...

  2. T-663: Cisco Content Services Gateway ICMP Processing Flaw Lets...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    3: Cisco Content Services Gateway ICMP Processing Flaw Lets Remote Users Deny Service T-663: Cisco Content Services Gateway ICMP Processing Flaw Lets Remote Users Deny Service July...

  3. V-235: Cisco Mobility Services Engine Configuration Error Lets...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: Cisco Mobility Services Engine Configuration Error Lets Remote Users Login Anonymously V-235: Cisco Mobility Services Engine Configuration Error Lets Remote Users Login ...

  4. V-202: Cisco Video Surveillance Manager Bugs Let Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Video Surveillance Manager Bugs Let Remote Users Obtain Potentially Sensitive Information V-202: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially Sensitive...

  5. V-150: Apache VCL Input Validation Flaw Lets Remote Authenticated...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges V-150: Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated...

  6. V-155: Apache Tomcat FORM Authenticator Lets Remote Users Conduct...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks V-155: Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks...

  7. V-220: Juniper Security Threat Response Manager Lets Remote Authentica...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Threat Response Manager Lets Remote Authenticated Users Execute Arbitrary Commands V-220: Juniper Security Threat Response Manager Lets Remote Authenticated Users Execute...

  8. V-176: Adobe Flash Player Memory Corruption Flaw Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Adobe Flash Player Memory Corruption Flaw Lets Remote Users Execute Arbitrary Code V-176: Adobe Flash Player Memory Corruption Flaw Lets Remote Users Execute Arbitrary Code June...

  9. V-149: Microsoft Internet Explorer Object Access Bug Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    9: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code V-149: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary...

  10. U-262: Microsoft Internet Explorer Flaw Lets Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: Microsoft Internet Explorer Flaw Lets Remote Users Execute Arbitrary Code U-262: Microsoft Internet Explorer Flaw Lets Remote Users Execute Arbitrary Code September 18, 2012 -...

  11. T-728: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    8: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct Bypass Attacks T-728: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct...

  12. U-047: Siemens Automation License Manager Bugs Let Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or...

  13. Defining a Possible Low LET Bystander Effect

    SciTech Connect (OSTI)

    Charles R. Geard

    2009-05-04

    Current radiation protection guidelines assume a linear response to ionizing radiations down through doses where epidemiological studies provide very limited to no information as to the propriety of such assumptions. The bystander response is a non-targeted effect which might impact such guidelines. These studies while clearly affirming a bystander response for high LET radiations, do not provide such affirmation for environmentally relevant low dose, low LET radiations. Caution and further study are necessary before making judgements that could impact on current standards.

  14. T-527: OpenSC Smart Card Serial Number Multiple Buffer Overflow Vulnerabilities

    Broader source: Energy.gov [DOE]

    OpenSC is prone to multiple buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage these issues to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

  15. T-574: Google Chrome Multiple Flaws Let Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code T-574: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code March 10, 2011 - 3:05pm Addthis...

  16. V-127: Samba Bug Lets Remote Authenticated Users Modify Files...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7: Samba Bug Lets Remote Authenticated Users Modify Files V-127: Samba Bug Lets Remote Authenticated Users Modify Files April 5, 2013 - 6:00am Addthis PROBLEM: A vulnerability was...

  17. INFOGRAPHIC: Let's Get to Work on Solar Soft Costs | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Let's Get to Work on Solar Soft Costs INFOGRAPHIC: Let's Get to Work on Solar Soft Costs December 2, 2013 - 1:00pm Addthis Learn how soft costs are contributing to the price of ...

  18. V-218: HP Service Manager Unspecified Flaw Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    U-010:HP Onboard Administrator Unspecified Flaw Lets Remote Users Gain Access U-029: TCPIP Services for OpenVMS POPIMAP Service Bug Lets Remote Users Gain Unauthorized Access...

  19. U-010:HP Onboard Administrator Unspecified Flaw Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    0:HP Onboard Administrator Unspecified Flaw Lets Remote Users Gain Access U-010:HP Onboard Administrator Unspecified Flaw Lets Remote Users Gain Access October 13, 2011 - 8:15am...

  20. Solar Decathlon 2015: Let the Competition Begin | Department...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Let the Competition Begin Solar Decathlon 2015: Let the Competition Begin February 13, 2014 - 1:00pm Addthis The Solar Decathlon competition has provided more than 17,000 college ...

  1. Sandia National Laboratories: Let it rain

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Let it rain By Karli Massey Thursday, September 01, 2016 Sandia's clean water stewards focus on stormwater runoff Sandia experts, students explore mechanical challenges at summer institute Environmental technical professional John Kay (4141) inspects a construction site at Sandia before a storm to ensure proper protection measures are in place near stormwater drains. Monsoon season is well underway in New Mexico and other areas across the Southwest. The flash floods caused by monsoon storms

  2. T-660: OpenSSH on FreeBSD Has Buffer Overflow in pam_thread() That Lets Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    The module does not adequately validate user input leading to an cross-site scripting (XSS) possibility in certain circumstances.

  3. U-277: Google Chrome Multiple Flaws Let Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Addthis PROBLEM: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 22.0.1229.92 ABSTRACT: Several vulnerabilities were...

  4. Task QA plan for Modified Prototypic Hydragard{trademark} Sampler Overflow System Demonstration at TNX

    SciTech Connect (OSTI)

    Snyder, T.K.

    1993-10-04

    The primary objective of this task is to evaluate the proposed design modifications to the sample system, including the adequacy of the recommended eductor and the quality of samples obtained from the modified system. Presently, the sample streams are circulated from the originating tank, through a Hydragard{trademark} sampler system, and back to the originating tank. The overflow from the Hydragard{trademark} sampler flows to the Recycle Collection Tank (RCT). This report outlines the planned quality assurance controls for the design modification task, including organization and personnel, surveillances, and records package.

  5. T-556: BMC PATROL Agent Service Daemon stack-based buffer overflow

    Broader source: Energy.gov [DOE]

    Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in Performance Analysis for Servers, Performance Assurance for Servers, and Performance Assurance for Virtual Servers 7.4.00 through 7.5.10; Performance Analyzer and Performance Predictor for Servers 7.4.00 through 7.5.10; and Capacity Management Essentials 1.2.00 (7.4.15) allows remote attackers to execute arbitrary code via a crafted length value in a BGS_MULTIPLE_READS command to TCP port 6768.

  6. V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload...

    Energy Savers [EERE]

    Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users ...

  7. U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    79: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code ...

  8. U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    9: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass Authentication U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass...

  9. U-242: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: Linux Kernel Netlink SCMCREDENTIALS Processing Flaw Lets Local Users Gain Elevated Privileges U-242: Linux Kernel Netlink SCMCREDENTIALS Processing Flaw Lets Local Users Gain...

  10. V-156: Linux Kernel Array Bounds Checking Flaw Lets Local Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain Elevated Privileges V-156: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain Elevated Privileges May...

  11. V-195: RSA Authentication Manager Lets Local Users View the Administra...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: RSA Authentication Manager Lets Local Users View the Administrative Account Password V-195: RSA Authentication Manager Lets Local Users View the Administrative Account Password...

  12. V-172: ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ISC BIND RUNTIMECHECK Error Lets Remote Users Deny Service Against Recursive Resolvers V-172: ISC BIND RUNTIMECHECK Error Lets Remote Users Deny Service Against Recursive...

  13. U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain...

  14. U-005: Apache mod_proxy Pattern Matching Bug Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: Apache modproxy Pattern Matching Bug Lets Remote Users Access Internal Servers U-005: Apache modproxy Pattern Matching Bug Lets Remote Users Access Internal Servers October 6,...

  15. U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks U-142: HP Onboard Administrator Bugs Let Remote Users Gain...

  16. U-046: Apache mod_proxy/mod_rewrite Bug Lets Remote Users Access...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Apache modproxymodrewrite Bug Lets Remote Users Access Internal Servers U-046: Apache modproxymodrewrite Bug Lets Remote Users Access Internal Servers November 28, 2011 -...

  17. U-049: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    LaserJet Printers Unspecified Flaw Lets Remote Users Update Firmware with Arbitrary Code U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information

  18. T-703: Cisco Unified Communications Manager Open Query Interface Lets

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Remote Users Obtain Database Contents | Department of Energy 703: Cisco Unified Communications Manager Open Query Interface Lets Remote Users Obtain Database Contents T-703: Cisco Unified Communications Manager Open Query Interface Lets Remote Users Obtain Database Contents August 26, 2011 - 3:45pm Addthis PROBLEM: A vulnerability was reported in Cisco Unified Communications Manager. A remote user can obtain database contents PLATFORM: Cisco Unified Communications Manager 6.x, 7.x, 8.0, 8.5

  19. T-678: Red Hat Enterprise Virtualization Hypervisor VLAN Packet Processing Flaw Lets Remote Users Deny Service

    Office of Energy Efficiency and Renewable Energy (EERE)

    Red Hat Enterprise Virtualization Hypervisor VLAN Packet Processing Flaw Lets Remote Users Deny Service.

  20. T-707: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information

    Broader source: Energy.gov [DOE]

    Apache Tomcat AJP protocol processing bug lets remote users bypass authentication or obtain information.

  1. V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Let Remote Users Conduct Cross-Site Scripting Attacks | Department of Energy 51: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks May 8, 2013 - 12:06am Addthis PROBLEM: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks

  2. Shrinking the trash heap

    SciTech Connect (OSTI)

    Gillis, A.M.

    1992-02-01

    This article evaluates uses of composted solid wastes. Uses are described for agriculture, horticulture, silviculture, for soil amendments and for land reclamation projects. Researchers are exploring problems related to the availability and toxicity of metals in the compost and the effects of these metals in the food supply. Consumer acceptance has been the major drawback to successful marketing of the product.

  3. T-559: Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote execution

    Broader source: Energy.gov [DOE]

    Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote execution attackers to execute arbitrary code via crafted arguments in the USELASTCOMMITTED session environment option in a SQL SET ENVIRONMENT statement

  4. A directed-overflow and damage-control N -glycosidase in riboflavin biosynthesis

    DOE Public Access Gateway for Energy & Science Beta (PAGES Beta)

    Frelin, Océane; Huang, Lili; Hasnain, Ghulam; Jeffryes, James G.; Ziemak, Michael J.; Rocca, James R.; Wang, Bing; Rice, Jennifer; Roje, Sanja; Yurgel, Svetlana N.; et al

    2015-02-15

    Plants and bacteria synthesize the essential human micronutrient riboflavin (vitamin B2) via the same multistep pathway. The early intermediates of this pathway are notoriously reactive, and may be overproduced in vivo because riboflavin biosynthesis enzymes lack feedback controls. Here we demonstrate disposal of riboflavin intermediates by COG3236 (DUF1768), a protein of previously unknown function that is fused to two different riboflavin pathway enzymes in plants and bacteria (RIBR and RibA, respectively). We present cheminformatic, biochemical, genetic, and genomic evidence to show that: (i) plant and bacterial COG3236 proteins cleave the N-glycosidic bond of the first two intermediates of riboflavin biosynthesis,more » yielding relatively innocuous products; (ii) certain COG3236 proteins are in a multienzyme riboflavin biosynthesis complex that gives them privileged access to riboflavin intermediates; and (iii) COG3236 action in Arabidopsis thaliana and Escherichia coli helps maintain flavin levels. We find COG3236 proteins thus illustrate two emerging principles in chemical biology: directed overflow metabolism, in which excess flux is diverted out of a pathway, and the pre-emption of damage from reactive metabolites.« less

  5. FROM HOT JUPITERS TO SUPER-EARTHS VIA ROCHE LOBE OVERFLOW

    SciTech Connect (OSTI)

    Valsecchi, Francesca; Rasio, Frederic A.; Steffen, Jason H.

    2014-09-20

    Through tidal dissipation in a slowly spinning host star, the orbits of many hot Jupiters may decay down to the Roche limit. We expect that the ensuing mass transfer will be stable in most cases. Using detailed numerical calculations, we find that this evolution is quite rapid, potentially leading to the complete removal of the gaseous envelope in a few gigayears, and leaving behind an exposed rocky core (a {sup h}ot super-Earth{sup )}. Final orbital periods are quite sensitive to the details of the planet's mass-radius relation and to the effects of irradiation and photo-evaporation, but could be as short as a few hours or as long as several days. Our scenario predicts the existence of planets with intermediate masses ({sup h}ot Neptunes{sup )} that should be found precisely at their Roche limit and in the process of losing mass through Roche lobe overflow. The observed excess of small single-planet candidate systems observed by Kepler may also be the result of this process. If so, the properties of their host stars should track those of the hot Jupiters. Moreover, the number of systems that produced hot Jupiters could be two to three times larger than one would infer from contemporary observations.

  6. U-170: Apple QuickTime Multiple Flaws Let Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    overflow CVE-2012-0670. A specially crafted '.pict' file can trigger a memory corruption error CVE-2012-0671. Impact: A remote user can create a file that, when loaded by...

  7. T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    execute arbitrary code. 4) An error within the internal memory mapping of non-local JavaScript variables can be exploited to cause a buffer overflow and potentially execute...

  8. The exometabolome of Clostridium thermocellum reveals overflow metabolism at high cellulose loading

    DOE Public Access Gateway for Energy & Science Beta (PAGES Beta)

    Holwerda, Evert K.; Thorne, Philip G.; Olson, Daniel G.; Amador-Noguez, Daniel; Engle, Nancy L.; Tschaplinski, Timothy J.; van Dijken, Johannes P.; Lynd, Lee R.

    2014-10-21

    Background: Clostridium thermocellum is a model thermophilic organism for the production of biofuels from lignocellulosic substrates. The majority of publications studying the physiology of this organism use substrate concentrations of ≤10 g/L. However, industrially relevant concentrations of substrate start at 100 g/L carbohydrate, which corresponds to approximately 150 g/L solids. To gain insight into the physiology of fermentation of high substrate concentrations, we studied the growth on, and utilization of high concentrations of crystalline cellulose varying from 50 to 100 g/L by C. thermocellum. Results: Using a defined medium, batch cultures of C. thermocellum achieved 93% conversion of cellulose (Avicel)more » initially present at 100 g/L. The maximum rate of substrate utilization increased with increasing substrate loading. During fermentation of 100 g/L cellulose, growth ceased when about half of the substrate had been solubilized. However, fermentation continued in an uncoupled mode until substrate utilization was almost complete. In addition to commonly reported fermentation products, amino acids - predominantly L-valine and L-alanine - were secreted at concentrations up to 7.5 g/L. Uncoupled metabolism was also accompanied by products not documented previously for C. thermocellum, including isobutanol, meso- and RR/SS-2,3-butanediol and trace amounts of 3-methyl-1-butanol, 2-methyl-1-butanol and 1-propanol. We hypothesize that C. thermocellum uses overflow metabolism to balance its metabolism around the pyruvate node in glycolysis. In conclusion: C. thermocellum is able to utilize industrially relevant concentrations of cellulose, up to 93 g/L. We report here one of the highest degrees of crystalline cellulose utilization observed thus far for a pure culture of C. thermocellum, the highest maximum substrate utilization rate and the highest amount of isobutanol produced by a wild-type organism.« less

  9. The exometabolome of Clostridium thermocellum reveals overflow metabolism at high cellulose loading

    SciTech Connect (OSTI)

    Holwerda, Evert K.; Thorne, Philip G.; Olson, Daniel G.; Amador-Noguez, Daniel; Engle, Nancy L.; Tschaplinski, Timothy J.; van Dijken, Johannes P.; Lynd, Lee R.

    2014-10-21

    Background: Clostridium thermocellum is a model thermophilic organism for the production of biofuels from lignocellulosic substrates. The majority of publications studying the physiology of this organism use substrate concentrations of ≤10 g/L. However, industrially relevant concentrations of substrate start at 100 g/L carbohydrate, which corresponds to approximately 150 g/L solids. To gain insight into the physiology of fermentation of high substrate concentrations, we studied the growth on, and utilization of high concentrations of crystalline cellulose varying from 50 to 100 g/L by C. thermocellum. Results: Using a defined medium, batch cultures of C. thermocellum achieved 93% conversion of cellulose (Avicel) initially present at 100 g/L. The maximum rate of substrate utilization increased with increasing substrate loading. During fermentation of 100 g/L cellulose, growth ceased when about half of the substrate had been solubilized. However, fermentation continued in an uncoupled mode until substrate utilization was almost complete. In addition to commonly reported fermentation products, amino acids - predominantly L-valine and L-alanine - were secreted at concentrations up to 7.5 g/L. Uncoupled metabolism was also accompanied by products not documented previously for C. thermocellum, including isobutanol, meso- and RR/SS-2,3-butanediol and trace amounts of 3-methyl-1-butanol, 2-methyl-1-butanol and 1-propanol. We hypothesize that C. thermocellum uses overflow metabolism to balance its metabolism around the pyruvate node in glycolysis. In conclusion: C. thermocellum is able to utilize industrially relevant concentrations of cellulose, up to 93 g/L. We report here one of the highest degrees of crystalline cellulose utilization observed thus far for a pure culture of C. thermocellum, the highest maximum substrate utilization rate and the highest amount of isobutanol produced by a wild-type organism.

  10. T-621: Citrix XenServer Lets Local Administrative Users on the...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1: Citrix XenServer Lets Local Administrative Users on the Guest OS Deny Service T-621: Citrix XenServer Lets Local Administrative Users on the Guest OS Deny Service May 12, 2011 -...

  11. T-704: RSA enVision Lets Remote Users View Files and Remote Authentica...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    RSA enVision Lets Remote Users View Files and Remote Authenticated Users Obtain Password T-704: RSA enVision Lets Remote Users View Files and Remote Authenticated Users Obtain...

  12. U-107: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    07: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service U-107: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service February 21, 2012 - 6:00am ...

  13. T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls ...

  14. V-189: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny Service on the Target Host V-189: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny Service on the Target...

  15. V-115: Apple iOS Bugs Let Local Users Gain Elevated Privileges...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: Apple iOS Bugs Let Local Users Gain Elevated Privileges V-115: Apple iOS Bugs Let Local Users Gain Elevated Privileges March 20, 2013 - 12:08am Addthis PROBLEM: Apple iOS Bugs...

  16. V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    3: Apple Safari Bugs Let Remote Users Execute Arbitrary Code V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code March 18, 2013 - 1:53am Addthis PROBLEM: Apple Safari...

  17. V-020: Apple QuickTime Multiple Flaws Let Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    0: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code V-020: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code November 9, 2012 - 6:00am...

  18. V-184: Google Chrome Flash Plug-in Lets Remote Users Conduct...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks V-184: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks June 24, 2013 -...

  19. V-225: McAfee Email Gateway SMTP Processing Flaw Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: McAfee Email Gateway SMTP Processing Flaw Lets Remote Users Deny Service V-225: McAfee Email Gateway SMTP Processing Flaw Lets Remote Users Deny Service August 23, 2013 - 1:26am...

  20. V-212: Samba smbd CPU Processing Loop Lets Remote Users Deny...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: Samba smbd CPU Processing Loop Lets Remote Users Deny Service V-212: Samba smbd CPU Processing Loop Lets Remote Users Deny Service August 6, 2013 - 6:00am Addthis PROBLEM: A...

  1. V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems April...

  2. V-066: Adobe Acrobat/Reader Multiple Flaws Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Adobe AcrobatReader Multiple Flaws Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges V-066: Adobe AcrobatReader Multiple Flaws Lets Remote...

  3. V-045: Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions V-045: Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions December 12, 2012 - 2:00am Addthis PROBLEM:...

  4. U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service September 12, 2012 - 6:00am Addthis...

  5. V-203: HP LoadRunner Multiple Bugs Let Remote Users Deny Service...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    V-171: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code...

  6. V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    0: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code March 13, 2013 - 12:04am Addthis PROBLEM:...

  7. V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information V-140: Apache ActiveMQ Bugs Let Remote...

  8. V-095: Oracle Java Flaws Let Remote Users Execute Arbitrary Code...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: Oracle Java Flaws Let Remote Users Execute Arbitrary Code V-095: Oracle Java Flaws Let Remote Users Execute Arbitrary Code February 20, 2013 - 12:38am Addthis PROBLEM: Oracle...

  9. V-142: Oracle Java Reflection API Flaw Lets Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: Oracle Java Reflection API Flaw Lets Remote Users Execute Arbitrary Code V-142: Oracle Java Reflection API Flaw Lets Remote Users Execute Arbitrary Code April 25, 2013 - 12:14am...

  10. U-029: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    9: TCPIP Services for OpenVMS POPIMAP Service Bug Lets Remote Users Gain Unauthorized Access U-029: TCPIP Services for OpenVMS POPIMAP Service Bug Lets Remote Users Gain...

  11. V-144: HP Printers Let Remote Users Access Files on the Printer...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4: HP Printers Let Remote Users Access Files on the Printer V-144: HP Printers Let Remote Users Access Files on the Printer April 29, 2013 - 12:27am Addthis PROBLEM: HP Printers...

  12. V-179: Blackberry Z10 Flaw Lets Physically Local Users Access...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    9: Blackberry Z10 Flaw Lets Physically Local Users Access the Device V-179: Blackberry Z10 Flaw Lets Physically Local Users Access the Device June 17, 2013 - 1:09am Addthis...

  13. V-194: Citrix XenServer Memory Management Error Lets Local Administrat...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    XenServer Memory Management Error Lets Local Administrative Users on the Guest Gain Access on the Host V-194: Citrix XenServer Memory Management Error Lets Local Administrative...

  14. V-147: IBM Lotus Notes Mail Client Lets Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7: IBM Lotus Notes Mail Client Lets Remote Users Execute Java Applets V-147: IBM Lotus Notes Mail Client Lets Remote Users Execute Java Applets May 2, 2013 - 6:00am Addthis...

  15. V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service ...

  16. U-239: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    U-165: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or ...

  17. U-082: McAfee SaaS 'myCIOScn.dll' ActiveX Control Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Lets Remote Users Execute Arbitrary Code January 17, 2012 - 1:00pm Addthis PROBLEM: PHP Null Pointer Dereference in zendstrndup() Lets Local Users Deny Service PLATFORM: PHP...

  18. T-673: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks

    Broader source: Energy.gov [DOE]

    Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks

  19. V-135: Cisco ASA Multiple Bugs Let Remote Users Deny Service | Department

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    of Energy 5: Cisco ASA Multiple Bugs Let Remote Users Deny Service V-135: Cisco ASA Multiple Bugs Let Remote Users Deny Service April 16, 2013 - 12:21am Addthis PROBLEM: Cisco ASA Multiple Bugs Let Remote Users Deny Service PLATFORM: Cisco ASA Software for Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, and Cisco ASA 1000V Cloud Firewall are affected by multiple vulnerabilities. Affected

  20. U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Sensitive Information | Department of Energy 53: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information December 7, 2011 - 7:30am Addthis PROBLEM: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information . PLATFORM: Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat

  1. U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Arbitrary Code and Deny Service | Department of Energy 79: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service October 11, 2012 - 6:00am Addthis PROBLEM: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service PLATFORM: Version(s): prior to 4.1(9) ABSTRACT: Several vulnerabilities were reported in Cisco Firewall

  2. Spotlight on Austin, Texas: Let Your Contractor Be Your Guide for Big

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Rewards | Department of Energy Let Your Contractor Be Your Guide for Big Rewards Spotlight on Austin, Texas: Let Your Contractor Be Your Guide for Big Rewards Spotlight on Austin, Texas: Let Your Contractor Be Your Guide for Big Rewards, as posted on the U.S. Department of Energy's Better Buildings Neighborhood Program website. Spotlight on Austin, Texas (444.88 KB) More Documents & Publications Spotlight on Austin, Texas: Best Offer Ever Produces Upgrades in Record Time Spotlight on

  3. T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security Controls | Department of Energy 36: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls January 18, 2011 - 2:30pm Addthis PROBLEM: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls. PLATFORM: Cisco 5500 Series Adaptive Security Appliances (ASA) ABSTRACT: Cisco ASA 5500 Series Adaptive Security Appliances are affected by multiple

  4. V-076: Cisco Wireless LAN Controller Bugs Let Remote Users Deny...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code V-076: Cisco Wireless LAN ...

  5. U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially...

    Office of Environmental Management (EM)

    Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information . PLATFORM: Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) ...

  6. U-233: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Articles U-083:Oracle Critical Patch Update Advisory - January 2012 V-067: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code T-576: Oracle Solaris Adobe Flash Player...

  7. Debate response: Which rate designs provide revenue stability and efficient price signals? Let the debate continue.

    SciTech Connect (OSTI)

    Boonin, David Magnus

    2009-11-15

    Let's engage in further discussion that provides solutions and details, not just criticisms and assertions. Let's engage in a meaningful dialogue about the conditions where real-time pricing or critical peak pricing with decoupling or the SFV rate design with a feebate is most effective. (author)

  8. Let7a involves in neural stem cell differentiation relating with TLX level

    SciTech Connect (OSTI)

    Song, Juhyun; Cho, Kyoung Joo; Oh, Yumi; Lee, Jong Eun

    2015-07-10

    Neural stem cells (NSCs) have the potential for differentiation into neurons known as a groundbreaking therapeutic solution for central nervous system (CNS) diseases. To resolve the therapeutic efficiency of NSCs, recent researchers have focused on the study on microRNA's role in CNS. Some micro RNAs have been reported significant functions in NSC self-renewal and differentiation through the post-transcriptional regulation of neurogenesis genes. MicroRNA-Let7a (Let7a) has known as the regulator of diverse cellular mechanisms including cell differentiation and proliferation. In present study, we investigated whether Let7a regulates NSC differentiation by targeting the nuclear receptor TLX, which is an essential regulator of NSC self-renewal, proliferation and differentiation. We performed the following experiments: western blot analysis, TaqMan assay, RT-PCR, and immunocytochemistry to confirm the alteration of NSCs. Our data showed that let7a play important roles in controlling NSC fate determination. Thus, manipulating Let-7A and TLX could be a novel strategy to enhance the efficiency of NSC's neuronal differentiation for CNS disorders. - Highlights: • Let7a influences on NSC differentiation and proliferation. • Let7a involves in mainly NSC differentiation rather than proliferation. • Let7a positively regulates the TLX expression.

  9. Don't Let Your Money and Hot Water Go Down the Drain | Department...

    Energy Savers [EERE]

    Don't Let Your Money and Hot Water Go Down the Drain Don't Let Your Money and Hot Water Go Down the Drain December 9, 2008 - 4:00am Addthis John Lippert Do you look at your ...

  10. T-606: Sun Java System Access Manager Lets Remote Users Partially Modify Data and Remote Authenticated Users Partially Access Data

    Broader source: Energy.gov [DOE]

    Sun Java System Access Manager Lets Remote Users Partially Modify Data and Remote Authenticated Users Partially Access Data.

  11. U-049: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users Inject

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Commands on the Target System | Department of Energy 49: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users Inject Commands on the Target System U-049: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users Inject Commands on the Target System December 1, 2011 - 9:00am Addthis PROBLEM: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users Inject Commands on the Target System. PLATFORM: IBM Tivoli Netcool Reporter prior to 2.2.0.8 ABSTRACT: A vulnerability was reported in IBM Tivoli Netcool

  12. U-239: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Addresses | Department of Energy 39: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses U-239: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses August 20, 2012 - 7:00am Addthis PROBLEM: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses PLATFORM: Version(s): 6 beta 4 and prior versions ABSTRACT: A remote user can spoof SMS source addresses. Reference LINKS: SecurityTracker Alert ID: 1027410 Apple.com PCMag.com

  13. V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Users Deny Service | Department of Energy 1: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service January 17, 2013 - 12:00am Addthis PROBLEM: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service PLATFORM: The vulnerability is reported in versions 8.7.1 and 8.7.1.1. ABSTRACT: A vulnerability has been reported in Cisco ASA 1000V Cloud Firewall

  14. V-165: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote Users

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Spoof the Server | Department of Energy 65: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote Users Spoof the Server V-165: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote Users Spoof the Server May 28, 2013 - 12:46am Addthis PROBLEM: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote Users Spoof the Server PLATFORM: Cisco WebEx for iOS 4.1, Other versions may also be affected. ABSTRACT: A vulnerability was reported in Cisco WebEx for iOS. REFERENCE LINKS:

  15. T-575: OpenLDAP back-ndb Lets Remote Users Authenticate Without a Valid

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Password | Department of Energy 5: OpenLDAP back-ndb Lets Remote Users Authenticate Without a Valid Password T-575: OpenLDAP back-ndb Lets Remote Users Authenticate Without a Valid Password March 11, 2011 - 3:05pm Addthis PROBLEM: A vulnerability was reported in OpenLDAP. A remote user can authenticate without a valid password. PLATFORM: Open LDAP version(s) 2.4.12 - 2.2.24 ABSTRACT: OpenLDAP back-ndb Lets Remote Users Authenticate Without a Valid Password. reference LINKS: SecurityTracker

  16. T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Sessions | Department of Energy 7:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions September 27, 2011 - 8:00am Addthis PROBLEM: Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions. PLATFORM: Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows

  17. MicroRNAs let-7b/i suppress human glioma cell invasion and migration by targeting IKBKE directly

    SciTech Connect (OSTI)

    Tian, Yuan; Hao, Shaobo; Ye, Minhua; Zhang, Anling; Nan, Yang; Wang, Guangxiu; Jia, Zhifan; Yu, Kai; Guo, Lianmei; Pu, Peiyu; Huang, Qiang; Zhong, Yue

    2015-03-06

    We demonstrated that IKBKE is overexpressed in human gliomas and that the downregulation of IKBKE markedly inhibits the proliferative and invasive abilities of glioma cells, which is consistent with the results reported by several different research groups. Therefore, IKBKE represents a promising therapeutic target for the treatment of glioma. In the present study, we verified that the microRNAs let-7b and let-7i target IKBKE through luciferase assays and found that let-7b/i mimics can knock down IKBKE and upregulate E-cadherin through western blot analysis. Moreover, the expression levels of let-7b/i were significantly lower in glioma cell lines than that in normal brain tissues, as determined by quantitative real-time PCR. Furthermore, let-7b/i inhibit the invasion and migration of glioma cells, as determined through wound healing and Transwell assays. The above-mentioned data suggest that let-7b/i inhibit the invasive ability of glioma cells by directly downregulating IKBKE and indirectly upregulating E-cadherin. - Highlights: • Let-7b and let-7i are downregulated in glioma cell lines. • IKBKE is a target gene of let-7b/i. • Let-7b/i inhibit the invasion and migration of glioma cells. • Let-7b/i upregulate E-cadherin by downregulating IKBKE.

  18. U-068:Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Linux Kernel SGIO ioctl Bug Lets Local Users Gain Elevated Privileges PLATFORM: Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat...

  19. T-563: Red Hat Directory Server Bugs Let Local Users Gain Elevated...

    Broader source: Energy.gov (indexed) [DOE]

    server and command line utilities for server administration. Addthis Related Articles T-671: Red Hat system-config-firewall Lets Local Users Gain Root Privileges V-041: Red Hat...

  20. V-183: Cisco TelePresence TC and TE Bugs Let Remote Users Deny...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Remote Users Deny Service and Remote Adjacent Authenticated Users Gain Root Shell Access V-183: Cisco TelePresence TC and TE Bugs Let Remote Users Deny Service and Remote Adjacent...

  1. T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    U-033: Microsoft Security Bulletin Summary for November 2011 T-706: Microsoft Fraudulent Digital Certificate Issued by DigiNotar U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt ...

  2. U-247: EMC Cloud Tiering Appliance Flaw Lets Remote Users Bypass...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    CTA 7.3.1 and later with Hotfix ESA-2012-034 Addthis Related Articles V-045: Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions V-036: EMC Smarts Network...

  3. U-111: IBM AIX ICMP Processing Flaw Lets Remote Users Deny Service...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    aixefixessecurityicmpfix.tar Addthis Related Articles U-096: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service V-031: IBM WebSphere DataPower...

  4. T-575: OpenLDAP back-ndb Lets Remote Users Authenticate Without...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Remote Users Authenticate Without a Valid Password T-575: OpenLDAP back-ndb Lets Remote Users Authenticate Without a Valid Password March 11, 2011 - 3:05pm Addthis PROBLEM: A ...

  5. U-089:Apache Struts ParameterInterceptor() Flaw Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute Arbitrary Commands PLATFORM: Struts 2.0.0 - Struts 2.3.1.1 ABSTRACT: A remote user can execute arbitrary code...

  6. V-109: Google Chrome WebKit Type Confusion Error Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Google Chrome WebKit Type Confusion Error Lets Remote Users Execute Arbitrary Code PLATFORM: Google Chrome prior to 25.0.1364.160 ABSTRACT: A vulnerability was reported in...

  7. V-076: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code | Department of Energy 6: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code V-076: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code January 24, 2013 - 6:00am Addthis PROBLEM: Several vulnerabilities were reported in

  8. Let's Try That Again: Selling the Teapot Dome Oil Field | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy Let's Try That Again: Selling the Teapot Dome Oil Field Let's Try That Again: Selling the Teapot Dome Oil Field January 30, 2015 - 11:28am Addthis A solitary oil pump at the Teapot Dome Oilfield in Wyoming. | Department of Energy photo. A solitary oil pump at the Teapot Dome Oilfield in Wyoming. | Department of Energy photo. Allison Lantero Allison Lantero Digital Content Specialist, Office of Public Affairs In 1922, President Warren Harding's Interior Secretary Albert Fall found

  9. V-235: Cisco Mobility Services Engine Configuration Error Lets Remote Users

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Login Anonymously | Department of Energy 5: Cisco Mobility Services Engine Configuration Error Lets Remote Users Login Anonymously V-235: Cisco Mobility Services Engine Configuration Error Lets Remote Users Login Anonymously September 5, 2013 - 12:33am Addthis PROBLEM: A vulnerability was reported in Cisco Mobility Services Engine. A remote user can login anonymously. PLATFORM: Cisco Mobility Services Engine ABSTRACT: A vulnerability in Cisco Mobility Services Engine could allow an

  10. U-091: cURL Lets Remote Users Decrypt SSL/TLS Traffic | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy 91: cURL Lets Remote Users Decrypt SSL/TLS Traffic U-091: cURL Lets Remote Users Decrypt SSL/TLS Traffic January 30, 2012 - 6:45am Addthis PROBLEM: A vulnerability was reported in cURL. PLATFORM: Linux (Any), UNIX (Any), Windows (Any) : Version(s): 7.10.6 through 7.23.1 ABSTRACT: A remote user can decrypt SSL/TLS sessions in certain cases. reference LINKS: CVE-2011-3389 SecurityTracker Alert ID: 1026587 Vendor Advisory IMPACT ASSESSMENT: Moderate Discussion: A remote user with the

  11. U-107: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    | Department of Energy 07: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service U-107: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service February 21, 2012 - 6:00am Addthis PROBLEM: A vulnerability was reported in Cisco NX-OS. A remote user can cause denial of service conditions. PLATFORM: Nexus 1000v, 5000, and 7000 Series Switches ABSTRACT: A remote user can send a specially crafted IP packet to cause the target device to reload. reference LINKS: Cisco

  12. T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Users Access or Modify SSL/TLS Sessions | Department of Energy 76: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or Modify SSL/TLS Sessions T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or Modify SSL/TLS Sessions July 26, 2011 - 1:06am Addthis PROBLEM: A vulnerability was reported in Apple iOS. A remote user with the ability to conduct a man-in-the-middle attack can access or modify SSL/TLS sessions. PLATFORM: iOS 4.2.5

  13. T-692: VMware vFabric tc Server Lets Remote Users Login Using Obfuscated

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Passwords | Department of Energy 92: VMware vFabric tc Server Lets Remote Users Login Using Obfuscated Passwords T-692: VMware vFabric tc Server Lets Remote Users Login Using Obfuscated Passwords August 12, 2011 - 3:47pm Addthis PROBLEM: A vulnerability was reported in VMware vFabric tc Server. A remote user can login using an obfuscated version of their password. PLATFORM: Version(s): vFabric tc Server 2.0.0.RELEASE to 2.0.5.SR01, 2.1.0.RELEASE to 2.1.1.SR01 ABSTRACT: VMware vFabric tc

  14. U-152: OpenSSL "asn1_d2i_read_bio()" DER Format Data Processing Vulnerability

    Broader source: Energy.gov [DOE]

    The vulnerability is caused due to a type casting error in the "asn1_d2i_read_bio()" function when processing DER format data and can be exploited to cause a heap-based buffer overflow.

  15. Effects of estrogen and gender on cataractogenesis induced by high-LET radiation

    SciTech Connect (OSTI)

    Henderson, M.A.; Rusek, A.; Valluri, S.; Garrett, J.; Lopez, J.; Caperell-Grant, A.; Mendonca, M.; Bigsby, R.; Dynlacht, J.

    2010-02-01

    Planning for long-duration manned lunar and interplanetary missions requires an understanding of radiation-induced cataractogenesis. Previously, it was demonstrated that low-linear energy transfer (LET) irradiation with 10 Gy of {sup 60}Co {gamma} rays resulted in an increased incidence of cataracts in male rats compared to female rats. This gender difference was not due to differences in estrogen, since male rats treated with the major secreted estrogen 17-{beta}-estradiol (E2) showed an identical increase compared to untreated males. We now compare the incidence and rate of progression of cataracts induced by high-LET radiation in male and female Sprague-Dawley rats. Rats received a single dose of 1 Gy of 600 MeV {sup 56}Fe ions. Lens opacification was measured at 2-4 week intervals with a slit lamp. The incidence and rate of progression of radiation-induced cataracts was significantly increased in the animals in which estrogen was available from endogenous or exogenous sources. Male rats with E2 capsules implanted had significantly higher rates of progression compared to male rats with empty capsules implanted (P = 0.025) but not compared to the intact female rats. These results contrast with data obtained after low-LET irradiation and suggest the possibility that the different types of damage caused by high- and low-LET radiation may be influenced differentially by steroid sex hormones.

  16. SU-E-T-555: A Protontherapy Inverse Treatment Planning System Prototype with Linear Energy Transfer (LET) Optimization

    SciTech Connect (OSTI)

    Sanchez-Parcerisa, D; Carabe-Fernandez, A

    2014-06-01

    Purpose: Develop and benchmark an inverse treatment planning system (TPS) for proton radiotherapy integrating fast analytical dose and LET calculations in patient geometries and a dual objective function with both dose and LET components, enabling us to apply optimization techniques to improve the predicted outcome of treatments based on radiobiological models. Methods: The software package was developed in MATLAB and implements a fluence-dose calculation technique based on a pencil beam model for dose calculations and a 3D LET model based on the extension of the LET in the radial direction as a function of the predicted radiological pathway. Both models were benchmarked against commissioning data from our institution, dose calculations performed with a commercial treatment planning system and Monte Carlo simulations. The optimization is based on the adaptive simulated annealing approach . Results: The dose and LET calculations were tested in a water phantom and several real patient treatments. The pass rate for the gamma index analysis (3%/3mm) test was above 90% for all test cases analyzed, and the calculation time was of the order of seconds. The inverse planning module produced plans with a significantly higher mean LET in the target compared to traditional plans, without any loss of target coverage. The clinical relevance of this improvement is under consideration . Conclusion: The developed treatment planning system is a valuable clinical and research tool that enables us to incorporate LET effects into proton radiotherapy planning in a streamlined fashion.

  17. Research Highlight: Let the Good Times Flow - Joint Center for Energy

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Storage Research October 1, 2015, News Articles Research Highlight: Let the Good Times Flow There are two electrodes in every battery. One electrode, called the cathode, connects to the positive end of the battery and is where the electric current leaves the battery. The other electrode, the anode, connects to the negative end of the battery and is where the electric current enters the battery. The flow of these electrons through an external circuit is what produces the electric current.

  18. Spotlight on Austin, Texas: Let Your Contractor Be Your Guide for Big Rewards

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1 Spotlight on Austin, Texas: Let Your Contractor Be Your Guide for Big Rewards Workforce All About Contractors Austin Energy, a municipally owned utility, has a long history of collaborating closely with the building contractors in its area to deliver energy efficiency programs, which benefits both parties involved. Because contractors understand that Austin Energy has made a long-term commitment to supporting energy efficiency, they have been willing to invest time and money into the technical

  19. SU-E-T-581: On the Value of LET as a Radiation Quality Descriptor for RBE

    SciTech Connect (OSTI)

    Pater, P; Backstrom, G; Enger, S; Seuntjens, J; Naqa, I El; Villegas, F; Ahnesjo, A

    2015-06-15

    Purpose: To investigate the relationship between linear energy transfer (LET) and relative biological effectiveness (RBE) for protons and light ions, and the corresponding role of LET as a descriptor of radiation quality of hadron therapy. Methods: Monte Carlo (MC) proton and light ion (He, Li, C) tracks with LET < 30 eV nm{sup -1} were generated in an event-by-event mode. They were overlaid on a cell nucleus model containing 6×10{sup 9} nucleotide base pairs using an isotropic irradiation procedure that provides electronic equilibrium. Strand breaks (sbs) were scored in the DNA sugar-phosphate groups and further sub-classified into single or double sbs (ssbs or dsbs). Distributions of ssbs and dsbs for 2 Gy fractions were calculated to estimate RBE for the induction of initial dsbs with reference to {sup 60}Co. Additionally, sbs were classified based on their complexity (i.e. the number of sbs in each cluster). Results: An increase in LET for light ions of the same atomic number or a decrease in atomic number for ions of the same LET resulted in a lower kinetic energy of emitted secondary electrons. The clustering of DNA damage was more pronounced as reflected by the increase in proton RBE from ∼ 1.75 to 4 for LET values of 7 to 28 eV nm{sup -1}. A significant RBE decrease between protons, He, Li and C ions of the same LET was also noticed as function of the atomic number. Significant differences in ssbs and dsbs complexities were also seen for particles with the same LET, potentially supporting a clustering-based radiation quality descriptor. Conclusion: The LET-RBE relationships were simulated for proton and light ions and exhibited expected trends, including different RBEs for particles with the same LET but different atomic numbers. A complexity based radiation quality descriptor may allow better differentiation of RBE between radiation fields of similar LET. We would like to acknowledge support from the Fonds de recherche du Quebec Sante (FRQS), from the

  20. V-012: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    PROBLEM: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code

  1. TEC Evaluation_PNNL11300_1996.pdf

    Office of Environmental Management (EM)

    Execute Arbitrary Code | Department of Energy 5: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code T-545: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code January 28, 2011 - 7:21am Addthis PROBLEM: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code. PLATFORM: RealPlayer 14.0.1 and prior versions ABSTRACT: A vulnerability was reported in RealPlayer. A remote user can

  2. V-123: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    (2044373) Addthis Related Articles U-128: VMware ESXESXi Buffer Overflow and Null Pointer Dereference Lets Local Users Gain Elevated Privileges T-552: Cisco Nexus 1000V...

  3. SU-E-T-354: Peak Temperature Ratio of TLD Glow Curves to Investigate the Spatial Dependence of LET in a Clinical Proton Beam

    SciTech Connect (OSTI)

    Reft, C [UniversityChicago, Chicago, IL (United States); Pankuch, M; Ramirez, H [ProCure Treatment Centers, Warrenville, IL (United States)

    2014-06-01

    Purpose: Use the ratio of the two high temperature peaks (HTR) in TLD 700 glow curves to investigate spatial dependence of the linear energy transfer (LET) in proton beams. Studies show that the relative biological effectiveness (RBE) depends upon the physical dose as well as its spatial distribution. Although proton therapy uses a spatially invariant RBE of 1.1, studies suggest that the RBE increases in the distal edge of a spread out Bragg peak (SOBP) due to the increased LET. Methods: Glow curve studies in TLD 700 show that the 280 C temperature peak is more sensitive to LET radiation than the 210 C temperature peak. Therefore, the areas under the individual temperature peaks for TLDs irradiated in a proton beam normalized to the peak ratio for 6 MV photons are used to determine the HTR to obtain information on its LET. TLD 700 chips with dimensions 0.310.310.038 cc are irradiated with 90 MeV protons at varying depths in a specially designed blue wax phantom to investigate LET spatial dependence. Results: Five TLDs were placed at five different depths of the percent depth dose curve (PDD) of range 16.2 cm: center of the SOPB and approximately at the 99% distal edge, 90%, 75% and 25% of the PDD, respectively. HTR was 1.3 at the center of the SOBP and varied from 2.2 to 3.9 which can be related to an LET variation from 0.5 to 18 KeV/? via calibration with radiation beams of varying LET. Conclusion: HTR data show a spatially invariant LET slightly greater than the 6 MV radiations in the SOBP, but a rapidly increasing LET at the end of the proton range. These results indicate a spatial variation in RBE with potential treatment consequences when selecting treatment margins to minimize the uncertainties in proton RBE.

  4. Movement and Injury Rates for Three Life Stages of Spring Chinook Salmon Oncorhynchus Tshawytscha : A Comparison of Submerged Orifices and an Overflow Weir for Fish Bypass in a Modular Rotary Drum Fish Screen : Annual Report 1995.

    SciTech Connect (OSTI)

    Abernethy, C. Scott; Neitzel, Duane A.; Mavros, William V.

    1996-03-01

    The Pacific Northwest National Laboratory (PNNL) evaluated the effectiveness of 6-in. and 2-in. submerged orifices, and an overflow weir for fish bypass at a rotary drum fish screening facility. A modular drum screen built by the Washington Department of Fish and Wildlife (WDFW) was installed at PNNL`s Aquatic Ecology research laboratory in Richland, Washington. Fry, subyearlings, and smolts of spring chinook salmon (Oncorhynchus tshawyacha) were introduced into the test system, and their movement and injury rates were monitored. A total of 33 tests (100 fish per test) that lasted from 24 to 48 hr were completed from 1994 through 1995. Passage rate depended on both fish size and bypass configuration. For fry/fingerling spring chinook salmon, there was no difference in passage rate through the three bypass configurations (2-in. orifice, 6-in. orifice, or overflow weir). Subyearlings moved sooner when the 6-in. orifice was used, with more than 50% exiting through the fish bypass in the first 8 hr. Smolts exited quickly and preferred the 6-in. orifice, with over 90% of the smolts exiting through the bypass in less than 2 hr. Passage was slightly slower when a weir was used, with 90% of the smolts exiting in about 4 hr. When the 2-in. orifice was used in the bypass, 90% of the smolts did not exit until after 8 hr. In addition, about 7% of the smolts failed to migrate from the forebay within 24 hr, indicating that smolts were significantly delayed when the 2-in. orifice was used. Few significant injuries were detected for any of the life stages. However, light descaling occurred on about 15% of chinook salmon smolts passing through the 2-in. orifice. Although a single passage through the orifice did not appear to cause significant scale loss or other damage, passing through several screening facilities with 2-in. orifices could cause cumulative injuries.

  5. MOLECULAR MECHANISM OF SUPPRESSION OF NEOPLASTIC TRANSFORMATION BY LOW DOSES OF LOW LET RADIATION

    SciTech Connect (OSTI)

    J.LESIE REDPATH, PH.D.

    2011-03-29

    We are currently funded (9/01-8/04) by the DOE Low Dose Radiation Research Program to examine mechanisms underlying the suppression of neoplastic transformation in vitro by low doses of low LET radiation. For the new studies proposed under Notice 04-21, we intend to follow up on our observation that upregulation of DNA repair may be an important factor and that its importance is dose-dependent. The experimental system will be the human hybrid cell neoplastic transformation assay that we are currently using. We propose to test the following hypothesis: Down-regulation of DNA dsb repair will abrogate the low dose suppression of neoplastic transformation. Using the technique of RNA silencing, it is proposed to test the effect of down-regulation of the two major DNA dsb repair pathways, homologous recombination (HR) and non-homologous end-joining (NHEJ), on the dose response relationship for neoplastic transformation. Based on prior studies, we predict that this will result in abrogation of the suppressive effect at doses in the range 1 to 10 cGy, but not at lower doses. The proposed experiments will also help address the question as to which of the two DNA repair pathways may be the most important in causing suppression of transformation. HR is a pathway that is predominant in S and G2 phase cells and is known to be less error-prone than the NHEJ pathway that is predominant in G1 phase. We hypothesize that down-regulation of HR will result in the most effective abrogation of suppression. An important component of this study will be the determination of the how abrogation of DNA dsb repair impacts the spontaneous transformation frequency, presumably a consequence of endogeneous DNA damage. Experiments will be carried out using partially synchronized populations of cells enriched for G1 and S/G2 respectively. In addition to the endpoint of neoplastic transformation the impact of down-regulation of HR and NHEJ on the formation and disappearance of the DNA dsb marker

  6. Oxidative Stress and Skeletal Health with Low-Dose, Low-LET (Linear Energy Transfer) Ionizing Radiation

    SciTech Connect (OSTI)

    Globus, Ruth K.

    2014-11-03

    We performed in vivo and in vitro experiments to accomplish the following specific aims of this project: 1) determine if low dose, low LET radiation affects skeletal remodeling at structural, cellular and molecular levels and 2) determine if low dose, low LET radiation modulates skeletal health during aging via oxidative mechanisms. A third aim is supported by NASA supplement to this DOE grant focusing on the influence of high LET radiation on bone. A series of experiments were conducted at the NASA Space Radiation Laboratory at Brookhaven, NSRL-BNL, using iron (56Fe) or a sequential exposure to protons / iron / protons, and separate experiments at NASA Ames Research Center (ARC) using 137Cs. The following provides a summary of key findings. (1) Exposure of nine-week old female mice to priming doses of gamma radiation (10cGy x 5) did not significantly affect bone volume/total volume (BV/TV) or microarchitecture as analyzed by 3D microcomputed tomography. As expected, exposure to the challenge dose of 2 Gy gamma irradiation resulted in significant decreases in BV/TV. The priming dose combined with the 2Gy challenge dose had no further effect on BV/TV compared to challenge dose alone, with the sole exception of the Structural Model Index (SMI). SMI reflects the ratio of rods-to-plates in cancellous bone tissue, such that higher SMI values indicate a tendency toward a weaker structure compared to lower SMI values. Mice treated with both priming and challenge dose had 25% higher SMI values compared to sham-irradiated controls and 7% higher values compared to mice treated with the challenge dose alone. Thus, although this priming regimen had relatively modest effects on cancellous tissue, the difference in SMI suggests this fractionated priming doses have adverse, rather than beneficial, effects on bone structure. (2) In 10-week old male mice, a single exposure to 100cGy of 137Cs reduces trabecular bone number and connectivity density by 20% and 36% respectively one

  7. Heap/stack guard pages using a wakeup unit

    SciTech Connect (OSTI)

    Gooding, Thomas M; Satterfield, David L; Steinmacher-Burow, Burkhard

    2014-04-29

    A method and system for providing a memory access check on a processor including the steps of detecting accesses to a memory device including level-1 cache using a wakeup unit. The method includes invalidating level-1 cache ranges corresponding to a guard page, and configuring a plurality of wakeup address compare (WAC) registers to allow access to selected WAC registers. The method selects one of the plurality of WAC registers, and sets up a WAC register related to the guard page. The method configures the wakeup unit to interrupt on access of the selected WAC register. The method detects access of the memory device using the wakeup unit when a guard page is violated. The method generates an interrupt to the core using the wakeup unit, and determines the source of the interrupt. The method detects the activated WAC registers assigned to the violated guard page, and initiates a response.

  8. Global garbage collection for distributed heap storage systems

    SciTech Connect (OSTI)

    Ali, K.A.M.; Haridi, S.

    1986-10-01

    The authors present a garbage-collection algorithm, suitable for loosely-coupled multi-processor systems, in which the processing elements (PEs) share only the communication medium. The algorithm is global, i.e., it involves all the PEs in the system. It allows space compaction, and it uses a system-wide marking phase to mark all accessible objects where a combination of parallel breadth-first/depth-first strategies is used for tracing the object-graphs according to a decentralized credit mechanism that regulates the number of garbage collections messages in the system. The credit mechanism is crucial for determining the space requirement of the garbage-collection messages. Also a variation of this algorithm is presented for systems with high locality of reference. It allows each PE to perform first its local garbage collection and only invokes the global garbage collection when the freed space by the local collector is insufficient.

  9. Real-time Molecular Study of Bystander Effects of Low dose Low LET radiation Using Living Cell Imaging and Nanoparticale Optics

    SciTech Connect (OSTI)

    Natarajan, Mohan; Xu, Nancy R; Mohan, Sumathy

    2013-06-03

    In this study two novel approaches are proposed to investigate precisely the low dose low LET radiation damage and its effect on bystander cells in real time. First, a flow shear model system, which would provide us a near in vivo situation where endothelial cells in the presence of extra cellular matrix experiencing continuous flow shear stress, will be used. Endothelial cells on matri-gel (simulated extra cellular matrix) will be subjected to physiological flow shear (that occurs in normal blood vessels). Second, a unique tool (Single nano particle/single live cell/single molecule microscopy and spectroscopy; Figure A) will be used to track the molecular trafficking by single live cell imaging. Single molecule chemical microscopy allows one to single out and study rare events that otherwise might be lost in assembled average measurement, and monitor many target single molecules simultaneously in real-time. Multi color single novel metal nanoparticle probes allow one to prepare multicolor probes (Figure B) to monitor many single components (events) simultaneously and perform multi-complex analysis in real-time. These nano-particles resist to photo bleaching and hence serve as probes for unlimited timeframe of analysis. Single live cell microscopy allows one to image many single cells simultaneously in real-time. With the combination of these unique tools, we will be able to study under near-physiological conditions the cellular and sub-cellular responses (even subtle changes at one molecule level) to low and very low doses of low LET radiation in real time (milli-second or nano-second) at sub-10 nanometer spatial resolution. This would allow us to precisely identify, at least in part, the molecular mediators that are responsible of radiation damage in the irradiated cells and the mediators that are responsible for initiating the signaling in the neighboring cells. Endothelial cells subjected to flow shear (2 dynes/cm2 or 16 dynes/cm2) and exposed to 0.1, 1 and 10

  10. T-604: Google Chrome updated version of the Adobe Flash player

    Broader source: Energy.gov [DOE]

    The Chrome Stable channel has been updated to 10.0.648.205 for Windows, Mac, Linux and Chrome Frame. This release contains a new version of Adobe Flash 0-Day CVE-2011-0611. Update also includes a fix for a security vulnerability Critical CVE-2011-1300: Off-by-three in GPU process, CVE-2011-1301: Use-after-free in the GPU process, and CVE-2011-1302: Heap overflow in the GPU process.

  11. T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities

    Broader source: Energy.gov [DOE]

    Vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.

  12. V-213: PuTTY SSH Handshake Integer Overflow Vulnerabilities ...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    source code repository Addthis Related Articles V-222: SUSE update for Filezilla V-157: Adobe Reader Acrobat Multiple Vulnerabilities V-066: Adobe AcrobatReader Multiple Flaws...

  13. U-202: Apple QuickTime Multiple Stack Overflow Vulnerabilities

    Broader source: Energy.gov [DOE]

    Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.

  14. T-588: HP Virtual SAN Appliance Stack Overflow

    Office of Energy Efficiency and Renewable Energy (EERE)

    A vulnerability has been reported in HP StorageWorks P4000 Virtual SAN Appliance Software, which can be exploited by malicious people to compromise a vulnerable system.

  15. Let the private sector handle energy conservation

    SciTech Connect (OSTI)

    Bajer, E.R.

    1982-08-23

    Mr. Bajer feels that elimination of many federal conservation programs will have no effect on the US goal of reducing oil imports because the private sector can do a better job of providing these efforts. He notes that many government programs were the result of overreaction to the 1973 oil embargo, when Congress misread the public's willingness to respond. The American people have taken the initiative, however, and have reduced their energy consumption and import rates. Mr. Bajer further notes that, according to the DOE Office of Policy, Planning and Analysis, DOE's conservation programs accounted for less than 5% of reduction of energy use per unit of GNP. He thinks that new policies will allow market forces to continue providing conservation incentives and will remove government intervention and competition with the private sector. (DCK)

  16. V-219: Kingsoft Writer 2012 WPS Font Names Buffer Overflow Vulnerability

    Broader source: Energy.gov [DOE]

    Kaveh Ghaemmaghami has discovered a vulnerability in Kingsoft Writer 2012, which can be exploited by malicious people to compromise a user's system.

  17. U-154: IBM Rational ClearQuest ActiveX Control Buffer Overflow Vulnerability

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in IBM Rational ClearQuest. A remote user can cause arbitrary code to be executed on the target user's system.

  18. Storm and combined sewer overflow: An overview of EPA's Research Program. Book chapter

    SciTech Connect (OSTI)

    Field, R.

    1993-01-01

    The report represents an overview of the EPA's Storm and Combined Sewer Pollution Control Research Program performed over a 20-year period beginning with the mid-1960s. It covers Program involvements in the development of a diverse technology including pollution-problem assessment/solution methodology and associated instrumentation and stormwater management models, best management practices, erosion control, infiltration/inflow, control, control-treatment technology and the associated sludge and solids residuals handling and many others.

  19. U-108: Net4Switch ipswcom ActiveX Control Buffer Overflow Vulnerability

    Broader source: Energy.gov [DOE]

    The vulnerability is caused due to a boundary error within the "CxDbgPrint()" function (cxcmrt.dll) when creating a debug message string.

  20. V-056: FreeType BDF Glyph Processing Buffer Overflow Vulnerability

    Broader source: Energy.gov [DOE]

    Several vulnerabilities were reported in FreeType. A remote user can cause arbitrary code to be executed on the target user's system.

  1. T-559: Stack-based buffer overflow in oninit in IBM Informix...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    exploit this vulnerability. The specific flaw exists within the oninit process bound to TCP port 9088 when processing the arguments to the USELASTCOMMITTED option in a SQL query....

  2. U-114: IBM Personal Communications WS File Processing Buffer Overflow Vulnerability

    Office of Energy Efficiency and Renewable Energy (EERE)

    A vulnerability in WorkStation files (.ws) by IBM Personal Communications could allow a remote attacker to cause a denial of service (application crash) or potentially execute arbitrary code on vulnerable installations of IBM Personal Communications.

  3. V-148: Novell iPrint Client Unspecified Buffer Overflow Vulnerability

    Broader source: Energy.gov [DOE]

    A vulnerability has been reported in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system

  4. U-126: Cisco Adaptive Security Appliances Port Forwarder ActiveX Control Buffer Overflow Vulnerability

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in Cisco ASA. A remote user can cause arbitrary code to be executed on the target user's system.

  5. V-098: Linux Kernel Extended Verification Module Bug Lets Local...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    reported in the Linux Kernel. REFERENCE LINKS: The Linux Kernel Archives Linux Kernel Red Hat Bugzilla - Bug 913266 SecurityTracker Alert ID: 1028196 CVE-2013-0313 IMPACT...

  6. U-137: HP Performance Manager Unspecified Bug Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    vulnerability has been identified with HP Performance Manager running on HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited remotely to execute...

  7. T-636: Wireshark Multiple Flaws Let Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions.

  8. Going completely renewable: is it possible (let alone desirable)?

    SciTech Connect (OSTI)

    Sovacool, Benjamin K.; Watts, Charmaine

    2009-05-15

    With the right mix of leadership and policy, a completely renewable electricity sector for New Zealand and the United States is feasible, achievable, and desirable. (author)

  9. Solar Decathlon 2013: Let the Building Begin | Department of Energy

    Energy Savers [EERE]

    Managing Social Media Records Managing Social Media Records What is Social Media? Your Responsibilities As a DOE federal or contractor Employee your basic records obligations are to: Follow the Lifecycle Records Management Lifecycle Create or receive official records needed to do business Social Media, Web 2.0, and Gov 2 0 bring together technology obligations are to: Planning for the use of Social Media should address records management requirements. Create or Capture records A RECORD is a

  10. U-203: HP Photosmart Bug Lets Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in HP Photosmart. A remote user can cause denial of service conditions.

  11. Let's Compare Tritium Design Practices Across The DOE Complex

    Broader source: Energy.gov [DOE]

    Presentation from the 32nd Tritium Focus Group Meeting held in Germantown, Maryland on April 23-25, 2013.

  12. U-084: Cisco Digital Media Manager Lets Remote Authenticated...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Show and Share. Impact: A remote authenticated user can send a specially crafted URL via TCP port 8443 to access administrative resources and gain administrative privileges....

  13. V-160: Wireshark Multiple Bugs Let Remote Users Deny Service...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    can be exploited to cause a crash via specially crafted packets. 6) An error in the MPEG DSM-CC dissector (dissectorspacket-mpeg-dsmcc.c) can be exploited to cause a crash via...

  14. V-103: RSA Authentication Agent Lets Remote Users Bypass Authenticatio...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    issued a fix (7.1.2). Addthis Related Articles U-267: RSA Authentication Agent 7.1 for Microsoft Windows and RSA Authentication Client 3.5 Access Control Vulnerability...

  15. Solar Decathlon 2013: Let the Building Begin | Department of...

    Broader source: Energy.gov (indexed) [DOE]

    Day 7 Construction During the 7th day of construction, the Solar Decathlon village has ... The University of North Carolina at Charlotte team members assemble their Solar Decathlon ...

  16. U-176: Wireshark Multiple Bugs Let Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    Several vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions.

  17. U-014: Oracle Java Runtime Environment (JRE) Multiple Flaws Let...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    SDK and JRE 1.4.233 and prior ABSTRACT: A remote user can create a Java applet or Java Web Start application that, when loaded by the target user, will access or modify data or...

  18. Using High Performance Libraries and Tools

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    is a user extensible heap manager built on top of jemalloc which enables control of memory characteristics and a partitioning of the heap between kinds of memory (including user...

  19. 1st Quarter 2016 Domestic Uranium Production Report

    U.S. Energy Information Administration (EIA) Indexed Site

    3. U.S. uranium mills and heap leach facilities by owner, location, capacity, and operating status" "Owner","Mill and Heap Leach1 Facility name","County, state (existing and ...

  20. U-192: VMware Workstation/Player VM Remote Device Bug Lets Local...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    aBSTRACT: A local or remote user can cause denial of service conditions on the target virtual system. reference LINKS: Vendor Advisory Security Tracker ID 1027173 CVE-2012-3289...

  1. BLM and NEPA: Lets`s get back to the future

    SciTech Connect (OSTI)

    Meridith, D.P.

    1995-12-01

    This talk is a personalized account of the relationship between The National Environmental Policy Act (NEPA) and the Bureau of Land Management (BLM) and the challenges the BLM faces in the future.

  2. Letting the Sun Shine on Solar Costs: An Empirical Investigation of Photovoltaic Cost Trends in California

    SciTech Connect (OSTI)

    Wiser, R.; Bolinger, M.; Cappers, P.; Margolis, R.

    2006-01-01

    This report provides a comprehensive analysis of grid-connected solar photovoltaic (PV) cost trends in California, which is by far the largest PV market in the United States. The findings of this work may help stakeholders to understand important trends in the California PV market, and policymakers to design more effective solar incentive programs--a particularly important objective given the recent announcement from the California Public Utilities Commission (CPUC) to establish an 11-year, $3.2 billion incentive program for customer-sited solar. The study statistically analyzes the installed cost of grid-connected PV systems funded by the state's two largest solar rebate programs, overseen by the California Energy Commission (CEC) [operating since 1998] and the CPUC [operating since 2001].

  3. U-208: HP Operations Agent Bugs Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Two vulnerabilities were reported in HP Operations Agent. A remote user can execute arbitrary code on the target system

  4. U-026: Cisco Small Business SRP500 Series Bug Lets Remote Users Inject Commands

    Broader source: Energy.gov [DOE]

    A remote user can create a URL that, when loaded by the target authenticated administrative user, will execute arbitrary commands on the target system.

  5. T-663: Cisco Content Services Gateway ICMP Processing Flaw Lets Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    The Cisco Content Services Gateway: Second Generation provides intelligent network capabilities such as flexible policy management and billing based on deep-packet inspection, as well as subscriber and application awareness capabilities that enable mobile operators to quickly and easily offer value-added, differentiated services over their mobile data networks. A DoS vulnerability exists in the Cisco Content Services Gateway: Second Generation could allow an unauthenticated attacker to cause a device reload by sending crafted ICMP messages to the affected device. Note: The Cisco Gateway GPRS Support Node (GGSN), the Cisco Mobile Wireless Home Agent (HA), the Cisco Wireless Security Gateway (WSG), the Cisco Broadband Wireless Gateway and Cisco IP Transfer Point (ITP), and the Cisco Long Term Evolution (LTE) Gateway are not affected. This vulnerability is documented in Cisco bug ID CSCtl79577 ( registered customers only) and has been assigned CVE ID CVE-2011-2064.

  6. U-136: Adobe Flash Player Lets Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Two vulnerabilities were reported in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system.

  7. T-718:Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.

  8. U-064: Adobe Acrobat/Reader PRC Memory Corruption Error Lets Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in Adobe Acrobat/Reader, this vulnerability is being actively exploited against Windows-based systems.

  9. U-079: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.

  10. T-591: VMware vmrun Utility Lets Local Users Gain Elevated Privileges...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    the target system. PLATFORM: VMware Workstation 6.5.5 and 7.1.3 and prior; VIX API for Linux 1.10.2 and prior ABSTRACT: The VMware vmrun utility is susceptible to a local...

  11. T-601: Windows Kernel win32k.sys Lets Local Users Gain Elevated Privileges

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities were reported in the Windows Kernel. A local user can obtain elevated privileges on the target system. A local user can trigger a use-after free or null pointer dereference to execute arbitrary commands on the target system with kernel level privileges.

  12. U-112: PostgreSQL Bugs Let Remote Authenticated Users Gain Elevated...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    in certain cases. reference LINKS: Vendor Advisory Security Tracker ID 1026744 CVE-2012-0866 IMPACT ASSESSMENT: Medium Discussion: For trigger functions marked SECURITY...

  13. U-244: McAfee Email Gateway Lets Remote Users Bypass Authentication...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    McAfee Security Bulletin ID: SB10026 SecurityTracker Alert ID: 1027444 Bugtraq ID: 55184 CVE-2012-4595, CVE-2012-4596, CVE-2012-4597 IMPACT ASSESSMENT: Medium Discussion A remote...

  14. U-121: Apple iOS Bugs Let Remote Users Execute Arbitrary Code...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ID: 1026774 Apple Security Updates About the security content of iOS 5.1 Software Update CVE-2012-0641, CVE-2012-0642, CVE-2012-0643, CVE-2011-3453, CVE-2012-0644, CVE-2012-0585,...

  15. U-110: Samba Bug Lets Remote Users Execute Arbitrary Code | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    code on the target system. reference LINKS: Vendor Advisory Security Tracker ID 1026739 CVE-2012-0870 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Samba....

  16. T-648: Avaya IP Office Manager TFTP Server Lets Remote Users Traverse the Directory

    Broader source: Energy.gov [DOE]

    The software does not properly validate user-supplied input. A remote user can supply a specially crafted request to view files on target system running the IP Office Manager software.

  17. U-092: Sudo Format String Bug Lets Local Users Gain Elevated Privileges

    Broader source: Energy.gov [DOE]

    A local user can supply a specially crafted command line argument to trigger a format string flaw and execute arbitrary commands on the target system with root privileges.

  18. U-205: RSA Access Manager Session Replay Flaw Lets Remote Users Access the System

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in RSA Access Manager. A remote user can gain access to the target system.

  19. U-166: Adobe Shockwave Player Memory Corruption Flaws Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities were reported in Adobe Shockwave Player. A remote user can cause arbitrary code to be executed on the target user's system.

  20. U-168: EMC Documentum Information Rights Management Server Bugs Let Remote Authenticated Users Deny Service

    Broader source: Energy.gov [DOE]

    Two vulnerabilities were reported in EMC Documentum Information Rights Management Server. A remote authenticated user can cause denial of service conditions.

  1. U-140: HP-UX Unspecified Flaw in DCE Lets Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A remote user can execute arbitrary code on the target system. A remote user can send specially crafted data to execute arbitrary code on the target system. The code will run with the privileges of the target service.

  2. U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass Authentication

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in Red Hat Enterprise MRG Messaging. A remote user can access cluster messages and view the internal configuration.

  3. U-068:Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated Privileges

    Broader source: Energy.gov [DOE]

    Vulnerability was reported in FreeBSD Telnet. A remote user can execute arbitrary code on the target system.

  4. T-574: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact while others can be exploited by malicious people bypass certain security restrictions, disclose system information, and compromise a user's system.

  5. U-165: Apple iOS Bugs Let Remote Users Execute Arbitrary Code...

    Energy Savers [EERE]

    iOS. A remote user can cause arbitrary code to be executed on the target user's system. ... A remote user can create a specially crafted file that, when loaded by the target user, ...

  6. U-170: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities were reported in Apple QuickTime. A remote user can cause arbitrary code to be executed on the target user's system.

  7. T-654: Apple QuickTime Multiple Bugs Let Remote Users Execute Arbitrary

    Broader source: Energy.gov [DOE]

    A remote user can create a specially crafted file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

  8. U-036: Apple iOS Bugs Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A remote user can create content that, when loaded by the target user, will execute arbitrary code on or obtain potentially sensitive information from the target user's system.

  9. V-006: CA ARCserve Backup Flaws Let Remote Users Execute Arbitrary Code and Deny Service

    Broader source: Energy.gov [DOE]

    Two vulnerabilities were reported in CA ARCserve Backup. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions.

  10. U-153: EMC Data Protection Advisor Server and Collector Bugs Let Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    Two vulnerabilities were reported in EMC Data Protection Advisor. A remote user can cause denial of service conditions.

  11. U-096: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    A remote user can send a series of specially crafted TCP packets to trigger a kernel panic on the target system.

  12. U-094: EMC Documentum Content Server Lets Local Administrative Users Gain Elevated Privileges

    Broader source: Energy.gov [DOE]

    EMC Documentum Content Server contains a privilege elevation vulnerability that may allow an unauthorized user to obtain highest administrative privileges on the system.

  13. T-541: Citrix Provisioning Services Unspecified Flaw Let's Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A vulnerability has been identified in Citrix Provisioning Services that could result in arbitrary code execution. This vulnerability can be triggered by an attacker sending a specially crafted packet to the Provisioning Services server. This vulnerability is present in all supported versions of Citrix Provisioning Services up to and including version 5.6.

  14. T-652: Mozilla Thunderbird Bugs Let Remote Users Obtain Cookies and Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities were reported in Mozilla Thunderbird. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can obtain cookies from another domain in certain cases.

  15. U-055: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead were reported in Adobe Flash Player.

  16. U-118: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information

    Broader source: Energy.gov [DOE]

    Two vulnerabilities were reported in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can obtain potentially information.

  17. U-134: Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in Apache Traffic Server. A remote user can cause denial of service conditions.

  18. U-231: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    Two vulnerabilities were reported in Cisco ASA. A remote or remote authenticated user can cause denial of service conditions.

  19. U-210: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in the Linux Kernel. A local user can cause denial of service conditions.

  20. T-591: VMware vmrun Utility Lets Local Users Gain Elevated Privileges

    Broader source: Energy.gov [DOE]

    The VMware vmrun utility is susceptible to a local privilege escalation in non-standard configurations.

  1. V-171: Apple Safari Bugs Let Remote Users Execute Arbitrary Code...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system CVE-2013-1009,...

  2. V-164: Apple QuickTime Multiple Flaws Let Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1) An unspecified error when handling TeXML files can be exploited to cause memory corruption. 2) A boundary error when handling H.263 encoded movie files can be exploited to...

  3. T-673: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system - CVE-2010-1823,...

  4. U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system CVE-2011-3016, CVE-2011-3021,...

  5. U-232: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny...

    Broader source: Energy.gov (indexed) [DOE]

    unavailable and may cause the domain 0 kernel to panic. There is no requirement for memory sharing to be in use. Impact: A guest kernel can cause the host to become unresponsive...

  6. U-088: Symantec pcAnywhere Bugs Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Two vulnerabilities were reported in Symantec pcAnywhere. A remote user can execute arbitrary code on the target system. A local user can obtain elevated privileges on the target system.

  7. T-653: Linux Kernel sigqueueinfo() Process Lets Local Users Send Spoofed Signals

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in the Linux Kernel. A local user can send spoofed signals to other processes in certain cases.

  8. T-538: HP OpenView Storage Data Protector Bug Lets Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in HP OpenView Storage Data Protector. A remote user can execute arbitrary code on the target system.

  9. V-199: Solaris Bugs Let Local Users Gain Root Privileges, Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    recommends applying July Critical Patch Update Addthis Related Articles V-181: Oracle Java SE Critical Patch Update Advisory - June 2013 V-051: Oracle Solaris Java Multiple...

  10. U-201: HP System Management Homepage Bugs Let Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code.