Powered by Deep Web Technologies
Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


1

T-700:Red Hat: kernel security, bug fix, and enhancement update |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

700:Red Hat: kernel security, bug fix, and enhancement update 700:Red Hat: kernel security, bug fix, and enhancement update T-700:Red Hat: kernel security, bug fix, and enhancement update August 24, 2011 - 3:45pm Addthis PROBLEM: Updated kernel packages that fix several security issues, various bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. PLATFORM: Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat Enterprise Linux Server EUS (v. 6.1.z) Red Hat Enterprise Linux Workstation (v. 6) ABSTRACT: Red Hat: kernel security, bug fix, and enhancement update. reference LINKS: RHSA-2011: 1189-1 Secunia Advisory: SA45746 Red Hat Download CVE-2011-1182 , CVE-2011-1576 CVE-2011-1593 , CVE-2011-1776 CVE-2011-1898 , CVE-2011-2183

2

T-667: Red Hat Enterprise Linux kernel security and bug fix update |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Red Hat Enterprise Linux kernel security and bug fix update 7: Red Hat Enterprise Linux kernel security and bug fix update T-667: Red Hat Enterprise Linux kernel security and bug fix update July 13, 2011 - 7:24am Addthis PROBLEM: Red Hat Enterprise Linux kernel security and bug fix update PLATFORM: Vulnerable Linux Kernels; Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux HPC Node (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Server EUS (v. 6.1.z), Red Hat Enterprise Linux Workstation (v. 6) ABSTRACT: It was found that the receive hook in the ipip_init() function in the ipip module, and in the ipgre_init() function in the ip_gre module, could be called before network namespaces setup is complete. If packets were received at the time the ipip or ip_gre module was still being loaded into

3

V-098: Linux Kernel Extended Verification Module Bug Lets Local Users Deny  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Linux Kernel Extended Verification Module Bug Lets Local 8: Linux Kernel Extended Verification Module Bug Lets Local Users Deny Service V-098: Linux Kernel Extended Verification Module Bug Lets Local Users Deny Service February 25, 2013 - 12:12am Addthis PROBLEM: Linux Kernel Extended Verification Module Bug Lets Local Users Deny Service PLATFORM: The Linux Kernel prior to 3.7.5 ABSTRACT: A vulnerability was reported in the Linux Kernel. REFERENCE LINKS: The Linux Kernel Archives Linux Kernel Red Hat Bugzilla - Bug 913266 SecurityTracker Alert ID: 1028196 CVE-2013-0313 IMPACT ASSESSMENT: Medium DISCUSSION: A local user can exploit a null pointer dereference in the evm_update_evmxattr() function in 'security/integrity/evm/evm_crypto.c' to cause the target system to crash. IMPACT: A local user can cause denial of service conditions.

4

U-068:Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8:Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated 8:Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated Privileges U-068:Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated Privileges December 23, 2011 - 8:45am Addthis PROBLEM: Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated Privileges PLATFORM: Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat Enterprise Linux Server AUS (v. 6.2) Red Hat Enterprise Linux Server EUS (v. 6.2.z) Red Hat Enterprise Linux Workstation (v. 6) ABSTRACT: A local privileged user on the guest operating system can obtain elevated privileges on the target system. reference LINKS: Red Hat kernel security and bug fix update SecurityTracker Alert ID: 1026453 SecurityTracker Alert ID: 1026454

5

U-210: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

10: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service 10: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service U-210: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service July 11, 2012 - 7:00am Addthis PROBLEM: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service PLATFORM: Version(s): 2.6.x ABSTRACT: A vulnerability was reported in the Linux Kernel. A local user can cause denial of service conditions. reference LINKS: The Vendor's Advisory SecurityTracker Alert ID: 1027237 SecurityTracker Alert ID: 1027240 Red Hat advisory CVE-2012-3375 IMPACT ASSESSMENT: Medium Discussion: The Linux kernel's Event Poll (epoll) subsystem does not properly handle resource clean up when an ELOOP error code is returned. A local user can exploit this to cause the target system to crash. Impact: A local user can cause the target system to crash.

6

An Evaluation Framework for Kernel-Mode Security Modules  

Science Conference Proceedings (OSTI)

Kernel-mode security enhancement technologies are widely used to improve the efficiency of data processing and the security of data and operating systems in recent years. However, the security modules have been implemented without consolidated standards, ... Keywords: evaluation, Kernel-mode, Security Module, interface

Hui Zhang; Shenghong Chen; Yuqin Sun; Xiamu Niu

2008-08-01T23:59:59.000Z

7

V-040: Apache Tomcat Bug Lets Remote Users Bypass Security Constraints |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Apache Tomcat Bug Lets Remote Users Bypass Security 0: Apache Tomcat Bug Lets Remote Users Bypass Security Constraints V-040: Apache Tomcat Bug Lets Remote Users Bypass Security Constraints December 5, 2012 - 1:00am Addthis PROBLEM: Apache Tomcat Bug Lets Remote Users Bypass Security Constraints PLATFORM: Version(s): 6.0.0 - 6.0.35, 7.0.0 - 7.0.29 ABSTRACT: A vulnerability was reported in Apache Tomcat. REFERENCE LINKS: Apache Tomcat Red Hat Bugzilla - Bug 883634 SecurityTracker Alert ID: 1027833 CVE-2012-3546 IMPACT ASSESSMENT: High DISCUSSION: When using FORM authentication it was possible to bypass the security constraint checks in the FORM authenticator by appending /j_security_check to the end of the URL if some other component (such as the Single-Sign-On valve) had called request.setUserPrincipal() before the call to

8

T-712: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement  

NLE Websites -- All DOE Office Websites (Extended Search)

712: Red Hat Enterprise MRG Grid 2.0 security, bug fix and 712: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement update T-712: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement update September 8, 2011 - 10:30am Addthis PROBLEM: A flaw was discovered in Cumin where it would log broker authentication credentials to the Cumin log file. A vulnerability was reported in Red Hat Enterprise MRG Grid. A local user can access the broker password. PLATFORM: Red Hat Enterprise MRG v2 for Red Hat Enterprise Linux (version 5) ABSTRACT: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement update. reference LINKS: RHSA-2011:1249-1 SecurityTracker Alert ID: 1026021 CVE-2011-2925 IMPACT ASSESSMENT: Medium Discussion: A local user exploiting this flaw could connect to the broker outside of Cumin's control and perform certain operations such as scheduling jobs,

9

V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to 1: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems April 24, 2013 - 1:06am Addthis PROBLEM: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems PLATFORM: HP ElitePad 900 with BIOS version vF.00 ABSTRACT: A vulnerability was reported in HP ElitePad 900 REFERENCE LINKS: HP Document ID: c03727435 SecurityTracker Alert ID: 1028461 CVE-2012-5218 IMPACT ASSESSMENT: Medium DISCUSSION: The BIOS secure boot feature of the BIOS may not be enabled. A local user may be able to bypass the secure boot feature and boot an alternate operating system. IMPACT: A local user can may be able to boot to an alternate operating system. SOLUTION:

10

V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to 1: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems April 24, 2013 - 1:06am Addthis PROBLEM: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems PLATFORM: HP ElitePad 900 with BIOS version vF.00 ABSTRACT: A vulnerability was reported in HP ElitePad 900 REFERENCE LINKS: HP Document ID: c03727435 SecurityTracker Alert ID: 1028461 CVE-2012-5218 IMPACT ASSESSMENT: Medium DISCUSSION: The BIOS secure boot feature of the BIOS may not be enabled. A local user may be able to bypass the secure boot feature and boot an alternate operating system. IMPACT: A local user can may be able to boot to an alternate operating system. SOLUTION:

11

V-015: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, 5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users Bypass the Screen Lock, and Applications Obtain Kernel Address Information V-015: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users Bypass the Screen Lock, and Applications Obtain Kernel Address Information November 2, 2012 - 6:00am Addthis PROBLEM: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users Bypass the Screen Lock, and Applications Obtain Kernel Address Information PLATFORM: Apple iOS prior to 6.0.1 ABSTRACT: Three vulnerabilities were reported in Apple iOS. REFERENCE LINKS: Apple Article: HT5567 SecurityTracker Alert ID: 1027716 Bugtraq ID: 56363 CVE-2012-3748 CVE-2012-3749 CVE-2012-3750 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create specially crafted HTML that, when loaded by the

12

U-096: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny 6: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service U-096: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service February 6, 2012 - 7:00am Addthis PROBLEM: Vulnerability in AIX TCP stack PLATFORM: Version(s): 5.3, 6.1, 7.1 ABSTRACT: A remote user can send a series of specially crafted TCP packets to trigger a kernel panic on the target system. reference LINKS: SecurityTracker Alert ID: 1026640 IBM Security Advisory CVE-2012-0194 IMPACT ASSESSMENT: Medium Discussion: AIX could allow a remote attacker to cause a denial of service, caused by an error when the TCP large send offload option is enabled on a network interface. By sending a specially-crafted sequence of packets, an attacker could exploit this vulnerability to cause a kernel panic.

13

A security enforcement kernel for OpenFlow networks  

Science Conference Proceedings (OSTI)

Software-defined networks facilitate rapid and open innovation at the network control layer by providing a programmable network infrastructure for computing flow policies on demand. However, the dynamism of programmable networks also introduces new security ... Keywords: openflow, policy enforcement, security

Philip Porras; Seungwon Shin; Vinod Yegneswaran; Martin Fong; Mabry Tyson; Guofei Gu

2012-08-01T23:59:59.000Z

14

Advanced Development of Certified OS Kernels  

E-Print Network (OSTI)

Operating System (OS) kernels form the bedrock of all system softwarethey can have the greatest impact on the resilience, extensibility, and security of todays computing hosts. A single kernel bug can easily wreck the entire systems integrity and protection. We propose to apply new advances in certified software [86] to the development of a novel OS kernel. Our certified kernel will offer safe and application-specific extensibility [8], provable security properties with information flow control, and accountability and recovery from hardware or application failures. Our certified kernel builds on proof-carrying code concepts [74], where a binary executable includes a rigorous machine-checkable proof that the software is free of bugs with respect to specific requirements. Unlike traditional verification systems, our certified software approach uses an expressive general-purpose meta-logic and machine-checkable proofs to support modular reasoning about sophisticated invariants. The rich meta-logic enables us to verify all kinds of low-level

Zhong Shao (pi; Bryan Ford (co-pi

2010-01-01T23:59:59.000Z

15

U-045: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service  

NLE Websites -- All DOE Office Websites (Extended Search)

5: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny 5: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service U-045: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service November 25, 2011 - 9:00am Addthis PROBLEM: A vulnerability was reported in the Windows Kernel. A local user can cause denial of service conditions. PLATFORM: Windows Win32k.sys ABSTRACT: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny reference LINKS: SecurityTracker Alert ID: 1026347 Secunia ID: SA46919 IMPACT ASSESSMENT: Low Discussion: A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an indexing error in the win32k.sys driver when loading a keyboard layout file. This can be exploited to access

16

V-128: Xen Event Channel Tracking Pointer Bug Local Privilege Escalation |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Xen Event Channel Tracking Pointer Bug Local Privilege 8: Xen Event Channel Tracking Pointer Bug Local Privilege Escalation V-128: Xen Event Channel Tracking Pointer Bug Local Privilege Escalation April 8, 2013 - 12:28am Addthis PLATFORM: Version(s): 3.2 and later ABSTRACT: A vulnerability was reported in Xen. REFERENCE LINKS: SecurityTracker Alert ID: 1028388 CVE-2013-1920 IMPACT ASSESSMENT: Medium DISCUSSION: A local user with kernel level privileges on the guest operating system can exploit a memory pointer error when the hypervisor is under memory pressure and Xen Security Module (XSM) is enabled to execute arbitrary code on the target host system IMPACT: A local user on the guest operating system can obtain elevated privileges on the target host system. SOLUTION: The vendor has issued a fix (xsa47-4.1.patch, xsa47-4.2-unstable.patch).

17

U-080: Linux Kernel XFS Heap Overflow May Let Remote Users Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

80: Linux Kernel XFS Heap Overflow May Let Remote Users Execute 80: Linux Kernel XFS Heap Overflow May Let Remote Users Execute Arbitrary Code U-080: Linux Kernel XFS Heap Overflow May Let Remote Users Execute Arbitrary Code January 12, 2012 - 9:00am Addthis PROBLEM: Linux Kernel XFS Heap Overflow May Let Remote Users Execute Arbitrary Code PLATFORM: Linux ABSTRACT: A vulnerability was reported in the Linux Kernel. A remote user can cause arbitrary code to be executed on the target user's system. reference LINKS: Linux Kernel Update SecurityTracker Alert ID: 1026512 CVE-2012-0038 Red Hat Bugzilla Bug 773280 IMPACT ASSESSMENT: Medium Discussion: A remote user can create a filesystem that, when mounted by the target user, will execute arbitrary code on the target user's system. Impact: A remote user can create a specially crafted filesystem that, when mounted

18

Water Bugs  

NLE Websites -- All DOE Office Websites (Extended Search)

Bugs Bugs Nature Bulletin No. 221-A March 12, 1966 Forest Preserve District of Cook County Seymour Simon, President Roland F. Eisenbeis, Supt. of Conservation WATER BUGS It is fascinating to lie in a boat or on a log at the edge of the water and watch the drama that unfolds among the small water animals. Among the star performers in small streams and ponds are the Water Bugs. These are aquatic members of that large group of insects called the "true bugs", most of which live on land. Moreover, unlike many other types of water insects, they do not have gills but get their oxygen directly from the air. Those that do go beneath the surface usually carry an oxygen supply with them in the form of a shiny glistening sheath of air imprisoned among a covering of fine waterproof hairs. The common water insect known to small boys at the "Whirligig Bug" is not a water bug but a beetle.

19

V-115: Apple iOS Bugs Let Local Users Gain Elevated Privileges | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Apple iOS Bugs Let Local Users Gain Elevated Privileges 5: Apple iOS Bugs Let Local Users Gain Elevated Privileges V-115: Apple iOS Bugs Let Local Users Gain Elevated Privileges March 20, 2013 - 12:08am Addthis PROBLEM: Apple iOS Bugs Let Local Users Gain Elevated Privileges PLATFORM: Version(s): prior to 6.1.3 ABSTRACT: Several vulnerabilities were reported in Apple iOS REFERENCE LINKS: Apple security Article: HT1222 SecurityTracker Alert ID: 1028314 CVE-2013-0977 CVE-2013-0978 CVE-2013-0979 CVE-2013-0981 IMPACT ASSESSMENT: High DISCUSSION: A local user can exploit a flaw in the handling of Mach-O executable files with overlapping segments to execute unsigned code on the target system [CVE-2013-0977]. A local user can exploit a flaw in the ARM prefetch abort handling to determine the address of structures in the kernel [CVE-2013-0978].

20

The Design and Specification of a Security Kernel for the PDP ...  

Science Conference Proceedings (OSTI)

... security requirements), and provides a basis for testing a subsequent ... Seg.ne:nts . rii"e ... intuition and ad hoc techniques,' and 'tested ~:to the point ...

2013-04-15T23:59:59.000Z

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


21

V-026: RSA Data Protection Manager Bugs Permit Cross-Site Scripting...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

26: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions V-026: RSA Data Protection Manager Bugs Permit Cross-Site...

22

Mining Bug Databases for Unidentified Software Vulnerabilities  

SciTech Connect

Identifying software vulnerabilities is becoming more important as critical and sensitive systems increasingly rely on complex software systems. It has been suggested in previous work that some bugs are only identified as vulnerabilities long after the bug has been made public. These vulnerabilities are known as hidden impact vulnerabilities. This paper discusses the feasibility and necessity to mine common publicly available bug databases for vulnerabilities that are yet to be identified. We present bug database analysis of two well known and frequently used software packages, namely Linux kernel and MySQL. It is shown that for both Linux and MySQL, a significant portion of vulnerabilities that were discovered for the time period from January 2006 to April 2011 were hidden impact vulnerabilities. It is also shown that the percentage of hidden impact vulnerabilities has increased in the last two years, for both software packages. We then propose an improved hidden impact vulnerability identification methodology based on text mining bug databases, and conclude by discussing a few potential problems faced by such a classifier.

Dumidu Wijayasekara; Milos Manic; Jason Wright; Miles McQueen

2012-06-01T23:59:59.000Z

23

Bug Wars: a competitive exercise to find bugs in code  

Science Conference Proceedings (OSTI)

Software bugs are a common problem that students encounter in any Computer Science program. "Bug Wars" is a fun and competitive class exercise for student teams to identify bugs in code. To prepare for the competition, the instructor provides several ...

Renee Bryce

2011-12-01T23:59:59.000Z

24

U-061: RSA Adaptive Authentication Bugs Let Remote Users Bypass Certain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: RSA Adaptive Authentication Bugs Let Remote Users Bypass 1: RSA Adaptive Authentication Bugs Let Remote Users Bypass Certain Security Controls U-061: RSA Adaptive Authentication Bugs Let Remote Users Bypass Certain Security Controls December 14, 2011 - 8:17am Addthis PROBLEM: RSA Adaptive Authentication Bugs Let Remote Users Bypass Certain Security Controls. PLATFORM: 6.0.2.1 SP1 Patch 2 and SP1 Patch 3 6.0.2.1 SP2 and SP2 Patch 1 6.0.2.1 SP3 ABSTRACT: A remote user may be able to bypass certain security controls. reference LINKS: SecurityTracker Alert ID: 1026420 Security Focus: ESA-2011-036 IMPACT ASSESSMENT: Medium Discussion: Two vulnerabilities were reported in RSA Adaptive Authentication (On-Premise). A remote user may be able to bypass certain security controls. A remote user can send specially crafted data elements to affect the Device

25

Massive June Bug Emergence  

NLE Websites -- All DOE Office Websites (Extended Search)

Massive June Bug Emergence Massive June Bug Emergence Name: Cordell Location: N/A Country: N/A Date: N/A Question: We are infested with june bugs next to the street light near the end of my driveway. They have burrowed into the ground and underneath my driveway. Yesterday we shoveled 2/3 of a 33-gallon trash bag of just bugs. What can we spray or do to kill these june bugs? Replies: Not knowing which part of the country you are from and I could be wrong because of this fact buy this does not sound like June Bugs. This has to be a Circadia outbreak which are relatives to the June Bug. They run in 13, 17 or other year cycles and this depends upon the part of the country you are from. Ask a local garden center or naturalist and you'll probably see that this won't happen again for a number of years to come.

26

Trendy Bugs Topic Trends in the Android Bug Reports  

E-Print Network (OSTI)

Trendy Bugs Topic Trends in the Android Bug Reports Lee Martie, Vijay Krishna Palepu, Hitesh {lmartie, vpalepu, hsajnani, lopes}@ics.uci.edu Abstract--Studying vast volumes of bug and issue public issue tracker. This informs us of the features or parts of the project that are more problematic

Jones, James A.

27

U-141: Sourcefire Defense Center Bugs | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Sourcefire Defense Center Bugs 1: Sourcefire Defense Center Bugs U-141: Sourcefire Defense Center Bugs April 5, 2012 - 8:30am Addthis PROBLEM: Sourcefire Defense Center Bugs Let Remote Users Traverse the Directory, Access the Database, and Conduct Cross-Site Scripting Attacks PLATFORM: Version(s): prior to 4.10.2.3 ABSTRACT: Several vulnerabilities were reported in Sourcefire Defense Center. A remote user can conduct cross-site scripting attacks. A remote user can access the database. A remote user can view files on the target system reference LINKS: Original Advisory Security Tracker ID 1026890 Secunia Advisory 48667 IMPACT ASSESSMENT: Medium Discussion: A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the Sourcefire Defense

28

U-141: Sourcefire Defense Center Bugs | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Sourcefire Defense Center Bugs 1: Sourcefire Defense Center Bugs U-141: Sourcefire Defense Center Bugs April 5, 2012 - 8:30am Addthis PROBLEM: Sourcefire Defense Center Bugs Let Remote Users Traverse the Directory, Access the Database, and Conduct Cross-Site Scripting Attacks PLATFORM: Version(s): prior to 4.10.2.3 ABSTRACT: Several vulnerabilities were reported in Sourcefire Defense Center. A remote user can conduct cross-site scripting attacks. A remote user can access the database. A remote user can view files on the target system reference LINKS: Original Advisory Security Tracker ID 1026890 Secunia Advisory 48667 IMPACT ASSESSMENT: Medium Discussion: A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the Sourcefire Defense

29

Mining succinct predicated bug signatures  

Science Conference Proceedings (OSTI)

A bug signature is a set of program elements highlighting the cause or effect of a bug, and provides contextual information for debugging. In order to mine a signature for a buggy program, two sets of execution profiles of the program, one capturing ... Keywords: bug signature, feature selection, statistical debugging

Chengnian Sun; Siau-Cheng Khoo

2013-08-01T23:59:59.000Z

30

U-027: RSA Key Manager Appliance Session Logout Bug Fails to Terminate  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: RSA Key Manager Appliance Session Logout Bug Fails to 7: RSA Key Manager Appliance Session Logout Bug Fails to Terminate Sessions U-027: RSA Key Manager Appliance Session Logout Bug Fails to Terminate Sessions November 4, 2011 - 8:00am Addthis PROBLEM: RSA Key Manager Appliance Session Logout Bug Fails to Terminate Sessions. PLATFORM: RSA Key Manager Appliance 2.7 Service Pack 1 ABSTRACT: A remote authenticated user session may not terminate properly. reference LINKS: SecurityTracker Alert ID: 1026276 SecurityFocus Bug Traq Seclists: ESA-2011-035 CVE-2011-2740 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in RSA Key Manager Appliance. A remote authenticated user session may not terminate properly. When using Firefox 4 and 5, an authenticated user session is not terminated properly when logging out.

31

V-026: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: RSA Data Protection Manager Bugs Permit Cross-Site Scripting 6: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions V-026: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions November 16, 2012 - 6:00am Addthis PROBLEM: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions. PLATFORM: RSA Data Protection Manager Appliance versions 2.7.x and 3.x ABSTRACT: Two vulnerabilities were reported in RSA Data Protection Manager. REFERENCE LINKS: SecurityTracker Alert ID: 1027781 EMC Identifier: ESA-2012-055 RSA Worldwide Customer Support CVE-2012-4612 CVE-2012-4613 IMPACT ASSESSMENT: Medium DISCUSSION: Two vulnerabilities were reported in RSA Data Protection Manager. A remote

32

Security  

Science Conference Proceedings (OSTI)

... Security. Organizations need standards, guidelines, and ... to support health IT implementations. HIPAA Security Rule Toolkit. ...

2011-12-05T23:59:59.000Z

33

V-169: Linux Kernel "iscsi_add_notunderstood_response()" Buffer Overflow  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Linux Kernel "iscsi_add_notunderstood_response()" Buffer 9: Linux Kernel "iscsi_add_notunderstood_response()" Buffer Overflow Vulnerability V-169: Linux Kernel "iscsi_add_notunderstood_response()" Buffer Overflow Vulnerability June 3, 2013 - 12:01am Addthis PROBLEM: Linux Kernel "iscsi_add_notunderstood_response()" Buffer Overflow Vulnerability PLATFORM: Linux Kernel 3.0.x Linux Kernel 3.2.x Linux Kernel 3.4.x Linux Kernel 3.9.x ABSTRACT: A vulnerability has been reported in Linux Kernel. REFERENCE LINKS: Secunia Advisory SA53670 Red Hat Bugzilla - Bug 968036 CVE-2013-2850 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to a boundary error within the "iscsi_add_notunderstood_response()" function (drivers/target/iscsi/iscsi_target_parameters.c) when parsing keys and can

34

V-078: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: WordPress Bugs Permit Cross-Site Scripting and Port Scanning 8: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks V-078: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks January 28, 2013 - 12:32am Addthis PROBLEM: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks PLATFORM: WordPress all versions are affected prior to 3.5.1 ABSTRACT: WordPress 3.5.1 Maintenance and Security Release REFERENCE LINKS: WordPress News SecurityTracker Alert ID: 1028045 Secunia Advisory SA51967 IMPACT ASSESSMENT: Medium DISCUSSION: Several scripts do not properly filter HTML code from user-supplied input before displaying the input. A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the site running the WordPress software and will run in the security

35

U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

57: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny 57: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service September 12, 2012 - 6:00am Addthis PROBLEM: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service PLATFORM: ColdFusion 10, 9.0.2, 9.0.1, 9.0, 8.0.1, and 8.0 for Windows, Macintosh and UNIX ABSTRACT: Adobe ColdFusion is prone to a remote denial-of-service vulnerability. reference LINKS: Adobe Security bulletins and advisories Adobe Vulnerability identifier: APSB12-21 SecurityTracker Alert ID: 1027516 Bugtraq ID: 55499 CVE-2012-2048 IMPACT ASSESSMENT: Medium Discussion: Adobe has released a security hotfix for ColdFusion 10 and earlier versions for Windows, Macintosh and UNIX. This update resolves a vulnerability which

36

U-121: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

21: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, 21: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information U-121: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information March 9, 2012 - 7:00am Addthis PROBLEM: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information PLATFORM: Apple iOS Version(s): prior to 5.1 ABSTRACT: Multiple vulnerabilities were reported in Apple iOS. reference LINKS: SecurityTracker Alert ID: 1026774 Apple Security Updates About the security content of iOS 5.1 Software Update CVE-2012-0641, CVE-2012-0642, CVE-2012-0643, CVE-2011-3453, CVE-2012-0644,

37

U-233: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote 3: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote Authenticated Users Gain Elevated Privileges U-233: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote Authenticated Users Gain Elevated Privileges August 13, 2012 - 7:00am Addthis PROBLEM: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote Authenticated Users Gain Elevated Privileges PLATFORM: Oracle Database Server versions 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3 ABSTRACT: A remote authenticated user with 'Create Table' privileges can gain 'SYS' privileges on the target system. Reference LINKS: Oracle Security Alert Oracle Security Alert - CVE-2012-3132 Risk Matrices SecurityTracker Alert ID: 1027367 CVE-2012-3132 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Oracle Database. This vulnerability is not

38

V-135: Cisco ASA Multiple Bugs Let Remote Users Deny Service | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Cisco ASA Multiple Bugs Let Remote Users Deny Service 5: Cisco ASA Multiple Bugs Let Remote Users Deny Service V-135: Cisco ASA Multiple Bugs Let Remote Users Deny Service April 16, 2013 - 12:21am Addthis PROBLEM: Cisco ASA Multiple Bugs Let Remote Users Deny Service PLATFORM: Cisco ASA Software for Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, and Cisco ASA 1000V Cloud Firewall are affected by multiple vulnerabilities. Affected versions of Cisco ASA Software will vary depending on the specific vulnerability. ABSTRACT: Several vulnerabilities were reported in Cisco ASA. REFERENCE LINKS: Cisco Security Advisory Secunia Advisory SA52989 SecurityTracker Alert ID: 1028415 CVE-2013-1149 CVE-2013-1150 CVE-2013-1151 CVE-2013-1152

39

U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny 7: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service September 12, 2012 - 6:00am Addthis PROBLEM: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service PLATFORM: ColdFusion 10, 9.0.2, 9.0.1, 9.0, 8.0.1, and 8.0 for Windows, Macintosh and UNIX ABSTRACT: Adobe ColdFusion is prone to a remote denial-of-service vulnerability. reference LINKS: Adobe Security bulletins and advisories Adobe Vulnerability identifier: APSB12-21 SecurityTracker Alert ID: 1027516 Bugtraq ID: 55499 CVE-2012-2048 IMPACT ASSESSMENT: Medium Discussion: Adobe has released a security hotfix for ColdFusion 10 and earlier versions for Windows, Macintosh and UNIX. This update resolves a vulnerability which

40

V-012: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Mozilla Firefox 'window.location' Bugs Permit Cross-Site 2: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code V-012: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code October 29, 2012 - 6:00am Addthis PROBLEM: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code PLATFORM: Firefox, Thunderbird, SeaMonkey ABSTRACT: Three vulnerabilities were reported in Mozilla Firefox. REFERENCE LINKS: Mozilla Foundation Security Advisory 2012-90 SecurityTracker Alert ID: 1027701 SecurityTracker Alert ID: 1027702 Advisory: RHSA-2012:1407-1 CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 IMPACT ASSESSMENT: High DISCUSSION: A remote user can exploit the valueOf() method of window.location to, in

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


41

T-538: HP OpenView Storage Data Protector Bug Lets Remote Users Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

T-538: HP OpenView Storage Data Protector Bug Lets Remote Users T-538: HP OpenView Storage Data Protector Bug Lets Remote Users Execute Arbitrary Code T-538: HP OpenView Storage Data Protector Bug Lets Remote Users Execute Arbitrary Code January 20, 2011 - 6:39am Addthis PROBLEM: HP OpenView Storage Data Protector Bug Lets Remote Users Execute Arbitrary Code. PLATFORM: HP OpenView Storage Data Protector v6.11 ABSTRACT: A vulnerability was reported in HP OpenView Storage Data Protector. A remote user can execute arbitrary code on the target system. reference LINKS: HP Security Bulletin SecurityTracker Alert ID: 1024983 CVE-2011-0273 IMPACT ASSESSMENT: High Discussion: A potential security vulnerability has been identified with HP OpenView Storage Data Protector. The vulnerability could be remotely exploited to execute arbitrary code.

42

V-012: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Mozilla Firefox 'window.location' Bugs Permit Cross-Site 2: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code V-012: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code October 29, 2012 - 6:00am Addthis PROBLEM: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code PLATFORM: Firefox, Thunderbird, SeaMonkey ABSTRACT: Three vulnerabilities were reported in Mozilla Firefox. REFERENCE LINKS: Mozilla Foundation Security Advisory 2012-90 SecurityTracker Alert ID: 1027701 SecurityTracker Alert ID: 1027702 Advisory: RHSA-2012:1407-1 CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 IMPACT ASSESSMENT: High DISCUSSION: A remote user can exploit the valueOf() method of window.location to, in

43

U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability January 23, 2012 - 9:00am Addthis PROBLEM: Linux Kernel "/proc//mem" Privilege Escalation Vulnerability. PLATFORM: Linux Kernel 2.6.x ABSTRACT: A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges reference LINKS: Linux Kernel Update CVE-2012-0056 Red Hat Bugzilla Bug 782642 IMPACT ASSESSMENT: Medium Discussion: The vulnerability is caused due to the kernel not properly restricting access to "/proc//mem" file, which can be exploited to gain escalated privileges by e.g. writing into the memory of a privileged process.

44

Efficient concurrency-bug detection across inputs  

Science Conference Proceedings (OSTI)

In the multi-core era, it is critical to efficiently test multi-threaded software and expose concurrency bugs before software release. Previous work has made significant progress in detecting and validating concurrency bugs under a given input. Unfortunately, ... Keywords: bug detection, concurrency bugs, multi-threaded software, software testing

Dongdong Deng, Wei Zhang, Shan Lu

2013-10-01T23:59:59.000Z

45

U-137: HP Performance Manager Unspecified Bug Lets Remote Users Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: HP Performance Manager Unspecified Bug Lets Remote Users 7: HP Performance Manager Unspecified Bug Lets Remote Users Execute Arbitrary Codes U-137: HP Performance Manager Unspecified Bug Lets Remote Users Execute Arbitrary Codes March 30, 2012 - 9:15am Addthis PROBLEM: HP Performance Manager Unspecified Bug Lets Remote Users Execute Arbitrary Codes PLATFORM: HP-UX B.11.31 HP-UX B.11.23 ABSTRACT: A remote user can execute arbitrary code on the target system. REFERENCE LINKS: HP Support Document ID: c03255321 SecurityTracker Alert ID: 1026869 CVE-2012-0127 IMPACT ASSESSMENT: High Discussion: A potential security vulnerability has been identified with HP Performance Manager running on HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited remotely to execute arbitrary code and to create a Denial of Service (DoS).

46

V-063: Adobe ColdFusion Bugs Let Remote Users Gain Access and Obtain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Adobe ColdFusion Bugs Let Remote Users Gain Access and 3: Adobe ColdFusion Bugs Let Remote Users Gain Access and Obtain Information V-063: Adobe ColdFusion Bugs Let Remote Users Gain Access and Obtain Information January 7, 2013 - 1:00am Addthis PROBLEM: Adobe ColdFusion Bugs Let Remote Users Gain Access and Obtain Information PLATFORM: ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX ABSTRACT: Adobe has identified three vulnerabilities affecting ColdFusion for Windows, Macintosh and UNIX REFERENCE LINKS: Adobe Security Bulletin APSA13-01 SecurityTracker Alert ID: 1027938 CVE-2013-0625 CVE-2013-0629 CVE-2013-0631 IMPACT ASSESSMENT: High DISCUSSION: A remote user can bypass authentication and take control of the target system [CVE-2013-0625]. Systems with password protection disabled or with no password set are affected.

47

U-269: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Cisco IOS Intrusion Prevention System DNS Processing Bug 9: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote Users Deny Service U-269: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote Users Deny Service September 27, 2012 - 4:07am Addthis PROBLEM: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote Users Deny Service PLATFORM: Devices configured with Cisco IOS IPS are affected ABSTRACT: A vulnerability was reported in Cisco IOS. reference LINKS: SecurityTracker Alert ID: 1027580 Cisco Security Advisory CVE-2012-3950 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Cisco IOS. A remote user can cause denial of service conditions. A remote user can send specially crafted (but legitimate) DNS packets through the target device to cause the device to

48

T-707: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users 7: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information T-707: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information August 31, 2011 - 12:00pm Addthis PROBLEM: A vulnerability was reported in Apache Tomcat. A remote user can bypass authentication or obtain potentially sensitive information. PLATFORM: Apache Tomcat 5.5.0 to 5.5.33, 6.0.0 to 6.0.33, 7.0.0 to 7.0.20 ABSTRACT: Apache Tomcat AJP protocol processing bug lets remote users bypass authentication or obtain information. reference LINKS: SecurityTracker Alert ID: 1025993 CVE-2011-3190 (under review) Apache Tomcat Security Updates IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Apache Tomcat. A remote user can bypass

49

U-008: Symantec Data Loss Prevention Bugs in KeyView Filter Lets Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

08: Symantec Data Loss Prevention Bugs in KeyView Filter Lets 08: Symantec Data Loss Prevention Bugs in KeyView Filter Lets Remote Users Deny Service U-008: Symantec Data Loss Prevention Bugs in KeyView Filter Lets Remote Users Deny Service October 11, 2011 - 8:00am Addthis PROBLEM: Symantec Data Loss Prevention Bugs in KeyView Filter Lets Remote Users Deny Service PLATFORM: Symantec Data Loss Prevention Enforce/Detection Servers for Windows 10.x, 11.x ABSTRACT: A remote user can create a file that, when processed by the target filter, will cause partial denial of service conditions. reference LINKS: Symantec Security Advisory SYM11-013 SecurityTracker Alert ID: 1026157 IMPACT ASSESSMENT: Medium Discussion: Multiple vulnerabilities were reported in Symantec Data Loss Prevention. A remote user can cause denial of service conditions on the target system.A

50

U-079: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

79: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute 79: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code U-079: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code January 11, 2012 - 8:00am Addthis PROBLEM: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code. PLATFORM: Adobe Acrobat/Reader Version(s): 9.x prior to 9.5, 10.x prior to 10.1.2 ABSTRACT: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system. reference LINKS: SecurityTracker Alert ID: 1026496 Adobe Security Bulletin APSB12-01 CVE-2011-2462, CVE-2011-4369, CVE-2011-4370, CVE-2011-4371, CVE-2011-4372, CVE-2011-4373. IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in Adobe Acrobat/Reader. A remote

51

V-037: Wireshark Multiple Bugs Let Remote Users Deny Service | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Wireshark Multiple Bugs Let Remote Users Deny Service 7: Wireshark Multiple Bugs Let Remote Users Deny Service V-037: Wireshark Multiple Bugs Let Remote Users Deny Service November 30, 2012 - 3:30am Addthis PROBLEM: Wireshark Multiple Bugs Let Remote Users Deny Service PLATFORM: Version(s): prior to 1.6.12, 1.8.4 ABSTRACT: Several vulnerabilities were reported in Wireshark. REFERENCE LINKS: Wireshark Security Advisories Secunia Advisory SA51422 Seclists SecurityTracker Alert ID: 1027822 CVE-2012-5592 CVE-2012-5593 CVE-2012-5594 CVE-2012-5595 CVE-2012-5596 CVE-2012-5597 CVE-2012-5598 CVE-2012-5599 CVE-2012-5600 CVE-2012-5601 CVE-2012-5602 IMPACT ASSESSMENT: Medium DISCUSSION: Several vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions. A user can obtain potentially sensitive information.

52

U-076: OpenSSL Bugs Let Remote Users Deny Service, Obtain Information, and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

76: OpenSSL Bugs Let Remote Users Deny Service, Obtain 76: OpenSSL Bugs Let Remote Users Deny Service, Obtain Information, and Potentially Execute Arbitrary Code U-076: OpenSSL Bugs Let Remote Users Deny Service, Obtain Information, and Potentially Execute Arbitrary Code January 6, 2012 - 8:15am Addthis PROBLEM: OpenSSL Bugs Let Remote Users Deny Service, Obtain Information, and Potentially Execute Arbitrary Code PLATFORM: OpenSSL prior to 0.9.8s; 1.x prior to 1.0.0f ABSTRACT: A remote user may be able to execute arbitrary code on the target system. reference LINKS: SecurityTracker Alert ID: 1026485 OpenSSL Security Advisory IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in OpenSSL. A remote user can cause denial of service conditions. A remote user can obtain sensitive information. A remote user may be able to execute arbitrary code on the

53

T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially Execute Arbitrary Code T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially Execute Arbitrary Code September 1, 2011 - 12:00pm Addthis PROBLEM: gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message. PLATFORM: Pidgin before 2.10.0 on Windows ABSTRACT: Pidgin bugs let remote users deny service and potentially execute arbitrary code. reference LINKS: CVE-2011-3185 CVE-2011-2943 CVE-2011-3184 SecurityTracker Alert ID: 1025961 Pidgin Security Advisories IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in Pidgin. A remote user can cause denial of service conditions. A remote user can cause arbitrary code to be

54

V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Apple Safari Bugs Let Remote Users Execute Arbitrary Code 3: Apple Safari Bugs Let Remote Users Execute Arbitrary Code V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code March 18, 2013 - 1:53am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 6.0.3 ABSTRACT: Two vulnerabilities were reported in Apple Safari. REFERENCE LINKS: Apple security update, Article: HT1222 SecurityTracker Alert ID: 1028292 CVE-2013-0960 CVE-2013-0961 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create specially crafted HTML that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. IMPACT: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

55

U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

53: Linux kexec Bugs Let Local and Remote Users Obtain 53: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information December 7, 2011 - 7:30am Addthis PROBLEM: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information . PLATFORM: Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat Enterprise Linux Workstation (v. 6) ABSTRACT: Several vulnerabilities were reported in Linux kexec. A remote or local user can obtain potentially sensitive information. reference LINKS: Red Hat Security Advisory: RHSA-2011:1532-3 SecurityTracker Alert ID: 1026375 IMPACT ASSESSMENT: Medium Discussion: Kdump uses the SSH "StrictHostKeyChecking=no" option when dumping to SSH

56

U-208: HP Operations Agent Bugs Let Remote Users Execute Arbitrary Code |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

208: HP Operations Agent Bugs Let Remote Users Execute Arbitrary 208: HP Operations Agent Bugs Let Remote Users Execute Arbitrary Code U-208: HP Operations Agent Bugs Let Remote Users Execute Arbitrary Code July 10, 2012 - 7:00am Addthis PROBLEM: HP Operations Agent Bugs Let Remote Users Execute Arbitrary Code PLATFORM: HP Operations Agent for AIX, HP-UX, Linux, Solaris, and Windows prior to v11.03.12. ABSTRACT: Two vulnerabilities were reported in HP Operations Agent. A remote user can execute arbitrary code on the target system reference LINKS: The Vendor's Advisory SecurityTracker Alert ID: 1027225 CVE-2012-2019 CVE-2012-2020 IMPACT ASSESSMENT: High Discussion: Potential security vulnerabilities have been identified with HP Operations Agent for AIX, HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in the execution of arbitrary code.

57

U-072:Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

72:Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny 72:Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service U-072:Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service December 30, 2011 - 9:15am Addthis PROBLEM: Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service PLATFORM: apache Tomcat 5.5.34, 6.0.34, 7.0.22; and prior versions aBSTRACT: A remote user can cause performance to degrade on the target server. reference LINKS: Apache Tomcat Security Alert SecurityTracker Alert ID: 1026477 nruns Advisory SA-2011.004 Secunia Advisory SA47411 CVE-2011-4084 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Apache Tomcat. A remote user can cause denial of service conditions. A remote user can send specially crafted POST request values to trigger hash collisions and cause significant performance

58

V-149: Microsoft Internet Explorer Object Access Bug Lets Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Microsoft Internet Explorer Object Access Bug Lets Remote 9: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code V-149: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code May 6, 2013 - 12:07am Addthis PROBLEM: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code PLATFORM: Internet Explorer 8 ABSTRACT: A vulnerability was reported in Microsoft Internet Explorer. REFERENCE LINKS: SecurityTracker Alert ID: 1028514 Microsoft Security Advisory (2847140) CVE-2013-1347 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create specially crafted HTML that, when loaded by the target user, will access and object that has been deleted or not properly allocated and execute arbitrary code on the target system. The code will run with the privileges of the target user.

59

U-269: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Cisco IOS Intrusion Prevention System DNS Processing Bug 9: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote Users Deny Service U-269: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote Users Deny Service September 27, 2012 - 4:07am Addthis PROBLEM: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote Users Deny Service PLATFORM: Devices configured with Cisco IOS IPS are affected ABSTRACT: A vulnerability was reported in Cisco IOS. reference LINKS: SecurityTracker Alert ID: 1027580 Cisco Security Advisory CVE-2012-3950 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Cisco IOS. A remote user can cause denial of service conditions. A remote user can send specially crafted (but legitimate) DNS packets through the target device to cause the device to

60

V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Apple Safari Bugs Let Remote Users Execute Arbitrary Code 3: Apple Safari Bugs Let Remote Users Execute Arbitrary Code V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code March 18, 2013 - 1:53am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 6.0.3 ABSTRACT: Two vulnerabilities were reported in Apple Safari. REFERENCE LINKS: Apple security update, Article: HT1222 SecurityTracker Alert ID: 1028292 CVE-2013-0960 CVE-2013-0961 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create specially crafted HTML that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. IMPACT: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


61

T-654: Apple QuickTime Multiple Bugs Let Remote Users Execute Arbitrary |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Apple QuickTime Multiple Bugs Let Remote Users Execute 4: Apple QuickTime Multiple Bugs Let Remote Users Execute Arbitrary T-654: Apple QuickTime Multiple Bugs Let Remote Users Execute Arbitrary June 24, 2011 - 4:39am Addthis PROBLEM: A vulnerability was reported in QuickTime. A remote user can cause arbitrary code to be executed on the target user's system. PLATFORM: Version(s): prior to QuickTime 7.6.8 ABSTRACT: A remote user can create a specially crafted file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. reference LINKS: SecurityTracker Alert ID: 1025705 Apple Security Article: HT4339 Apple Security Article: HT4723 Apple Security Article: HT1222 CVE-2011-0213 Secunia Advisory: SA45054 IMPACT ASSESSMENT High Discussion:

62

bug | OpenEI Community  

Open Energy Info (EERE)

bug bug Home Rmckeel's picture Submitted by Rmckeel(297) Contributor 20 July, 2012 - 07:55 Image upload with broken thumbnail image bug images wiki OpenEI users can upload images to the wiki by typing a new file name http://en.openei.org/wiki/File:My_new_file.jpg However, due to a caching timing issue, right after upload, the 120px-wide thumbnail has not yet been created by the time the fetier cache goes after it. Thus, the thumbnail appears broken. Is anyone up for debugging? For users uploading images, this can be fixed by forcing a reload of the page: Rmckeel's picture Submitted by Rmckeel(297) Contributor 19 June, 2012 - 08:04 "Ghost" entries bug utility rate There is an issue that Illinois State University has come across. From Nick B: Syndicate content 429 Throttled (bot load)

63

T-647: PHP File Upload Bug May Let Remote Users Overwrite Files on the  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: PHP File Upload Bug May Let Remote Users Overwrite Files on 7: PHP File Upload Bug May Let Remote Users Overwrite Files on the Target System T-647: PHP File Upload Bug May Let Remote Users Overwrite Files on the Target System June 15, 2011 - 3:45pm Addthis PROBLEM: A vulnerability was reported in PHP. A remote user may be able to overwrite files on the target system. PLATFORM: PHP prior to 5.3.7 ABSTRACT: PHP is prone to a security-bypass vulnerability.Successful exploits will allow an attacker to delete files from the root directory, which may aid in further attacks. PHP 5.3.6 is vulnerable; other versions may also be affected. reference LINKS: PHP Security Notice PHP CVE-2011-2202 SecurityTracker Alert ID: 1025659 Secunia Advisory: SA44874 CVE-2011-2202 IMPACT ASSESSMENT: High Discussion: The vulnerability lies in the 'SAPI_POST_HANDLER_FUNC()' function in

64

T-705: Linux Kernel Weakness in Sequence Number Generation Facilitates  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

05: Linux Kernel Weakness in Sequence Number Generation 05: Linux Kernel Weakness in Sequence Number Generation Facilitates Packet Injection Attacks T-705: Linux Kernel Weakness in Sequence Number Generation Facilitates Packet Injection Attacks August 30, 2011 - 3:46am Addthis PROBLEM: A remote user can conduct packet injection attacks. PLATFORM: Linux Kernel ABSTRACT: Linux Kernel Weakness in Sequence Number Generation Facilitates Packet Injection Attacks. reference LINKS: SecurityTracker Alert ID: 1025977 CVE-2011-3188 (under review) The Linux Kernel Archives IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in the Linux Kernel. A remote user can conduct packet injection attacks. The kernel's sequence number generation function uses partial MD4 with 24-bits unguessable. A remote user may be able to brute-force guess a valid sequence number to inject a packet into a

65

Team Bug Bag Biogas For Nicaragua  

E-Print Network (OSTI)

Team Bug Bag Biogas For Nicaragua Project Recap The task for Team Bug Bag was to create for under $100 (USD), and be able to produce biogas that could boil water for a thirty minute time period

Demirel, Melik C.

66

U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

42: HP Onboard Administrator Bugs Let Remote Users Gain Access, 42: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks April 6, 2012 - 7:00am Addthis PROBLEM: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks PLATFORM: HP Onboard Administrator (OA) up to and including v3.32 ABSTRACT: A remote user can obtain potentially sensitive information. reference LINKS: HP Support Document ID: c03263573 SecurityTracker Alert ID: 1026889 CVE-2012-0128, CVE-2012-0129, CVE-2012-0130 IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in HP Onboard Administrator. A remote

67

V-189: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users 9: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny Service on the Target Host V-189: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny Service on the Target Host July 1, 2013 - 12:48am Addthis PROBLEM: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny Service on the Target Host PLATFORM: VirtualBox 4.2.12 ABSTRACT: A vulnerability was reported in Oracle VirtualBox. REFERENCE LINKS: VirtualBox ticket: 11863 SecurityTracker Alert ID: 1028712 IMPACT ASSESSMENT: Medium DISCUSSION: A local user on the guest operating system can issue a 'tracepath' command to cause the network on the target host system to become unavailable. IMPACT: A local user on a guest operating system can cause denial of service conditions on the target host system.

68

U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: HP Onboard Administrator Bugs Let Remote Users Gain Access, 2: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks April 6, 2012 - 7:00am Addthis PROBLEM: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks PLATFORM: HP Onboard Administrator (OA) up to and including v3.32 ABSTRACT: A remote user can obtain potentially sensitive information. reference LINKS: HP Support Document ID: c03263573 SecurityTracker Alert ID: 1026889 CVE-2012-0128, CVE-2012-0129, CVE-2012-0130 IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in HP Onboard Administrator. A remote

69

U-129: RSA enVision Bugs Permit Cross-Site Scripting, SQL Injection, and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: RSA enVision Bugs Permit Cross-Site Scripting, SQL 9: RSA enVision Bugs Permit Cross-Site Scripting, SQL Injection, and Directory Traversal Attacks U-129: RSA enVision Bugs Permit Cross-Site Scripting, SQL Injection, and Directory Traversal Attacks March 20, 2012 - 7:00am Addthis PROBLEM: RSA enVision Bugs Permit Cross-Site Scripting, SQL Injection, and Directory Traversal Attacks PLATFORM: 4.x, prior to 4.1 Patch 4 ABSTRACT: Several vulnerabilities were reported in RSA enVision. A remote user can access the system. A remote authenticated user can conduct cross-site scripting attacks. A remote authenticated user can inject SQL commands. A remote authenticated user can view files on the target system. Reference LINKS: SecurityTracker Alert ID: 1026819 CVE-2012-0403 IMPACT ASSESSMENT: High Discussion: The system does not properly filter HTML code from user-supplied input

70

U-203: HP Photosmart Bug Lets Remote Users Deny Service | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

03: HP Photosmart Bug Lets Remote Users Deny Service 03: HP Photosmart Bug Lets Remote Users Deny Service U-203: HP Photosmart Bug Lets Remote Users Deny Service July 2, 2012 - 8:00am Addthis PROBLEM: HP Photosmart Bug Lets Remote Users Deny Service PLATFORM: HP Photosmart Wireless e-All-in-One Printer series - B110 HP Photosmart e-All-in-One Printer series - D110 HP Photosmart Plus e-All-in-One Printer series - B210 HP Photosmart eStation All-in-One Printer series - C510 HP Photosmart Ink Advantage e-All-in-One Printer series - K510 HP Photosmart Premium Fax e-All-in-One Printer series - C410 ABSTRACT: A vulnerability was reported in HP Photosmart. A remote user can cause denial of service conditions. Reference LINKS: The Vendor's Advisory SecurityTracker Alert ID: 1027213 CVE-2012-2017 IMPACT ASSESSMENT: High Discussion:

71

U-231: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

31: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service 31: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service U-231: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service August 9, 2012 - 7:00am Addthis PROBLEM: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service PLATFORM: Version(s): ASA 5500 Series; 8.2 - 8.4 ABSTRACT: Two vulnerabilities were reported in Cisco ASA. A remote or remote authenticated user can cause denial of service conditions. reference LINKS: Release Notes for the Cisco ASA 5500 Series, 8.4(x) SecurityTracker Alert ID: 1027355 CVE-2012-2472 CVE-2012-2474 IMPACT ASSESSMENT: Medium Discussion: Two vulnerabilities were reported in Cisco ASA. 1. On systems with SIP inspection enabled, a remote user can send specially crafted SIP traffic to cause the target device to create many identical

72

U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, 2: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information July 27, 2012 - 7:00am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information PLATFORM: Version(s):Apple Safari prior to 6.0 ABSTRACT: Multiple vulnerabilities were reported in Apple Safari. reference LINKS: The Vendor's Advisory Bugtraq ID: 54683 SecurityTracker Alert ID: 1027307 IMPACT ASSESSMENT:

73

V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site 0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information April 23, 2013 - 12:26am Addthis PROBLEM: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information PLATFORM: Apache ActiveMQ versions prior to 5.8.0 ABSTRACT: Several vulnerabilities were reported in Apache ActiveMQ. REFERENCE LINKS: Apache ActiveMQ SecurityTracker Alert ID: 1028457 CVE-2012-6092 CVE-2012-6551 CVE-2013-3060 IMPACT ASSESSMENT: High DISCUSSION: Several web demos do not properly filter HTML code from user-supplied input

74

T-589: Citrix XenApp and Citrix Presentation Server Bug | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

89: Citrix XenApp and Citrix Presentation Server Bug 89: Citrix XenApp and Citrix Presentation Server Bug T-589: Citrix XenApp and Citrix Presentation Server Bug March 28, 2011 - 3:05pm Addthis PROBLEM: Citrix XenApp and Citrix Presentation Server Bug in ActiveSync Lets Remote Users Execute Arbitrary Code. PLATFORM: Citrix XenApp Presentation versions 4.5, 5 ABSTRACT: A vulnerability was reported in Citrix XenApp (Presentation Server). A remote user can execute arbitrary code on the target system. -------------------------------------------------------------------------------- LINKS: DOE-CIRC BULLETIN: http://www.doecirc.energy.gov/bulletins/t-589.shtml OTHER LINKS: Citrix Document: CTX128366 SecurityTracker Alert ID: 1025254 Citrix Support Technical Support Downloads --------------------------------------------------------------------------------

75

U-055: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary 5: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code U-055: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code December 8, 2011 - 8:30am Addthis PROBLEM: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code . PLATFORM: Adobe Flash Player 11.1.102.55 on Windows and Mac OS X and prior versions ABSTRACT: Two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead were reported in Adobe Flash Player. reference LINKS: Secunia Advisory: SA47161 SecurityTracker Alert ID: 1026392 CVE-2011-4693 CVE-2011-4694 IMPACT ASSESSMENT: High Discussion: A remote or local user can obtain potentially sensitive information. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted SWF file that, when

76

U-025: HP OpenView Network Node Manager Bugs Let Remote Users Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-025: HP OpenView Network Node Manager Bugs Let Remote Users U-025: HP OpenView Network Node Manager Bugs Let Remote Users Execute Arbitrary Code U-025: HP OpenView Network Node Manager Bugs Let Remote Users Execute Arbitrary Code November 2, 2011 - 8:00am Addthis PROBLEM: HP OpenView Network Node Manager Bugs Let Remote Users Execute Arbitrary Code. PLATFORM: HP OpenView Network Node Manager (OV NNM) v7.51, v7.53 running on HP-UX, Linux, Solaris, and Windows ABSTRACT: A remote user can execute arbitrary code on the target system. reference LINKS: HP Support Center Document ID: c03054052 SecurityTracker Alert ID: 1026260 CVE-2011-1365 CVE-2011-1366 CVE-2011-1367 IMPACT ASSESSMENT: Medium Discussion: Several vulnerabilities were reported in HP OpenView Network Node Manager. A remote user can execute arbitrary code on the target system.

77

U-071:HP Database Archiving Software Bugs Let Remote Users Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1:HP Database Archiving Software Bugs Let Remote Users Execute 1:HP Database Archiving Software Bugs Let Remote Users Execute Arbitrary Code U-071:HP Database Archiving Software Bugs Let Remote Users Execute Arbitrary Code December 29, 2011 - 8:15am Addthis PROBLEM: HP Database Archiving Software Bugs Let Remote Users Execute Arbitrary Code PLATFORM: HP Database Archiving Software v6.31 ABSTRACT: A remote user can execute arbitrary code on the target system. reference LINKS: HP Database Document ID: c03128302 SecurityTracker Alert ID: 1026467 CVE-2011-4163 CVE-2011-4164 CVE-2011-4165 IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in HP Database Archiving Software. A remote user can execute arbitrary code on the target system. Impact: A remote user can execute arbitrary code on the target system. Solution:

78

U-217: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Red Hat Certificate System Bugs Let Remote Users Conduct 7: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site Scripting and Denial of Service Attacks U-217: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site Scripting and Denial of Service Attacks July 20, 2012 - 7:00am Addthis PROBLEM: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site Scripting and Denial of Service Attacks PLATFORM: Red Hat Certificate System v8 ABSTRACT: Two vulnerabilities were reported in Red Hat Certificate System. A remote user can conduct cross-site scripting attacks. A remote authenticated user can revoke the CA certificate. reference LINKS: Advisory: RHSA-2012:1103-1 SecurityTracker Alert ID: 1027284 CVE-2012-2662 CVE-2012-3367 IMPACT ASSESSMENT: Medium Discussion: The Agent and End Entity pages do not properly filter HTML code from

79

U-168: EMC Documentum Information Rights Management Server Bugs Let Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

168: EMC Documentum Information Rights Management Server Bugs Let 168: EMC Documentum Information Rights Management Server Bugs Let Remote Authenticated Users Deny Service U-168: EMC Documentum Information Rights Management Server Bugs Let Remote Authenticated Users Deny Service May 14, 2012 - 7:00am Addthis PROBLEM: EMC Documentum Information Rights Management Server Bugs Let Remote Authenticated Users Deny Service PLATFORM: Information Rights Management Server 4.x, 5.x ABSTRACT: Two vulnerabilities were reported in EMC Documentum Information Rights Management Server. A remote authenticated user can cause denial of service conditions. Reference links: SecurityTracker Alert ID: 1027058 CVE-2012-2276 CVE-2012-2277 IMPACT ASSESSMENT: High Discussion: A remote authenticated user can send specially crafted data to trigger a NULL pointer dereference and cause the target service to crash. A remote

80

U-130: JBoss Operations Network LDAP Authentication Bug Lets Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: JBoss Operations Network LDAP Authentication Bug Lets Remote 0: JBoss Operations Network LDAP Authentication Bug Lets Remote Users Bypass Authentication U-130: JBoss Operations Network LDAP Authentication Bug Lets Remote Users Bypass Authentication March 21, 2012 - 7:00am Addthis PROBLEM: JBoss Operations Network LDAP Authentication Bug Lets Remote Users Bypass Authentication PLATFORM: JBoss Operations Network 2.x ABSTRACT: A vulnerability was reported in JBoss Operations Network. A remote user can login with an arbitrary password in certain cases. reference LINKS: SecurityTracker Alert ID: 1026826 Secunia Advisory SA48471 CVE-2012-1100 IMPACT ASSESSMENT: Medium Discussion: The vulnerability is caused due to an error within the Lightweight Directory Access Protocol (LDAP) authentication when handling invalid bind account credentials, which can be exploited to log-in to LDAP-based

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


81

V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

10: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary 10: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code March 13, 2013 - 12:04am Addthis PROBLEM: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): 1.6.602.171 and prior for Windows/Mac; other versions on other platforms ABSTRACT: Several vulnerabilities were reported in Adobe Flash Player. REFERENCE LINKS: Adobe Vulnerability identifier: APSB13-09 SecurityTracker Alert ID: 1028277 CVE-2013-0646 CVE-2013-0650 CVE-2013-1371 CVE-2013-1375 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target user's system. The code will run with the privileges of the target user.

82

U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain 9: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass Authentication U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass Authentication May 1, 2012 - 7:00am Addthis PROBLEM: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass Authentication PLATFORM: Red Hat Enterprise MRG v2 for Red Hat Enterprise Linux (version 6) ABSTRACT: A vulnerability was reported in Red Hat Enterprise MRG Messaging. A remote user can access cluster messages and view the internal configuration. reference LINKS: SecurityTracker Alert ID: 1026990 CVE-2011-3620 Red Hat advisory IMPACT ASSESSMENT: High Discussion: Qpid may accept arbitrary passwords and SASL mechanims. A remote user on the local private interconnect network with knowledge of a valid cluster

83

V-016: HP Performance Insight Bugs with Sybase Database Let Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: HP Performance Insight Bugs with Sybase Database Let Remote 6: HP Performance Insight Bugs with Sybase Database Let Remote Users Deny Service and Take Full Control of the Target System V-016: HP Performance Insight Bugs with Sybase Database Let Remote Users Deny Service and Take Full Control of the Target System November 5, 2012 - 6:00am Addthis PROBLEM: HP Performance Insight Bugs with Sybase Database Let Remote Users Deny Service and Take Full Control of the Target System PLATFORM: HP Performance Insight v5.31, v5.40 and v5.41 running on HP-UX, Solaris, Linux, and Windows and using Sybase as the database ABSTRACT: Two vulnerabilities were reported in HP Performance Insight. REFERENCE LINKS: HP Support Document ID: c03555488 SecurityTracker Alert ID: 1027719 CVE-2012-3269 CVE-2012-3270 IMPACT ASSESSMENT: High DISCUSSION:

84

V-146: HP Service Manager Bugs Permit Cross-Site Scripting and Information  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: HP Service Manager Bugs Permit Cross-Site Scripting and 6: HP Service Manager Bugs Permit Cross-Site Scripting and Information Disclosure Attacks V-146: HP Service Manager Bugs Permit Cross-Site Scripting and Information Disclosure Attacks May 1, 2013 - 12:43am Addthis PROBLEM: HP Service Manager Bugs Permit Cross-Site Scripting and Information Disclosure Attacks PLATFORM: Service Manager v9.31 Web Tier ABSTRACT: Two vulnerabilities were reported in HP Service Manager REFERENCE LINKS: HP Document ID: c03748875 SecurityTracker Alert ID: 1028496 CVE-2012-5222 CVE-2013-2321 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can obtain potentially sensitive information [CVE-2012-5222]. Service Manager Web Tier does not properly filter HTML code from user-supplied input before displaying the input [CVE-2013-2321]. A remote

85

U-026: Cisco Small Business SRP500 Series Bug Lets Remote Users Inject  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Cisco Small Business SRP500 Series Bug Lets Remote Users 6: Cisco Small Business SRP500 Series Bug Lets Remote Users Inject Commands U-026: Cisco Small Business SRP500 Series Bug Lets Remote Users Inject Commands November 3, 2011 - 8:15am Addthis PROBLEM: Cisco Small Business SRP500 Series Bug Lets Remote Users Inject Commands. PLATFORM: The following models are affected when running firmware prior to version 1.1.24: Cisco SRP521W Cisco SRP526W Cisco SRP527W The following models are affected when running firmware prior to version 1.2.1: Cisco SRP541W Cisco SRP546W Cisco SRP547W ABSTRACT: A remote user can create a URL that, when loaded by the target authenticated administrative user, will execute arbitrary commands on the target system. reference LINKS: Advisory ID: cisco-sa-20111102-srp500 SecurityTracker Alert ID: 1026266

86

U-155: WebCalendar Access Control and File Inclusion Bugs Let Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: WebCalendar Access Control and File Inclusion Bugs Let 5: WebCalendar Access Control and File Inclusion Bugs Let Remote Users Potentially Execute Arbitrary Code U-155: WebCalendar Access Control and File Inclusion Bugs Let Remote Users Potentially Execute Arbitrary Code April 25, 2012 - 7:00am Addthis PROBLEM: WebCalendar Access Control and File Inclusion Bugs Let Remote Users Potentially Execute Arbitrary Code PLATFORM: 1.2.4 and prior versions ABSTRACT: Two vulnerabilities were reported in WebCalendar. A remote user may be able to execute arbitrary PHP code on the target system. reference links: SecurityTracker Alert ID: 1026966 CVE-2012-1495 CVE-2012-1496 IMPACT ASSESSMENT: Medium Discussion: A remote user can access '/install/index.php' to potentially modify '/includes/settings/' with arbitrary values or PHP code. A remote

87

T-723:Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information,  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3:Adobe Flash Player Multiple Bugs Let Remote Users Obtain 3:Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code T-723:Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code September 22, 2011 - 8:00am Addthis PROBLEM: Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code. PLATFORM: Adobe Flash Player 10.3.183.7 and earlier versions for Windows, Macintosh, Linux and Solaris. Adobe Flash Player 10.3.186.6 and earlier versions for Android. ABSTRACT: An attacker can exploit this issue by enticing an unsuspecting victim into visiting a malicious website. reference LINKS: Adobe Security Bulletin

88

U-163: PHP Command Parameter Bug Lets Remote Users Obtain Potentially  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: PHP Command Parameter Bug Lets Remote Users Obtain 3: PHP Command Parameter Bug Lets Remote Users Obtain Potentially Sensitive Information and Execute Arbitrary Code U-163: PHP Command Parameter Bug Lets Remote Users Obtain Potentially Sensitive Information and Execute Arbitrary Code May 7, 2012 - 7:00am Addthis PROBLEM: PHP Command Parameter Bug Lets Remote Users Obtain Potentially Sensitive Information and Execute Arbitrary Code PLATFORM: Prior to 5.3.12 and 5.4.2 ABSTRACT: A vulnerability was reported in PHP. A remote user can obtain potentially sensitive information. A remote user can execute arbitrary code on the target system. reference LINKS: SecurityTracker Alert ID: 1027022 CVE-2012-1823 CVE-2012-2311 IMPACT ASSESSMENT: High Discussion: A remote user can submit a specially crafted request containing a command

89

V-171: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Apple Safari Bugs Let Remote Users Execute Arbitrary Code 1: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks V-171: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks June 5, 2013 - 1:05am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks PLATFORM: Apple Safari prior to 6.0.5 ABSTRACT: Several vulnerabilities were reported in Apple Safari. REFERENCE LINKS: Apple Article: HT5785 SecurityTracker Alert ID: 1028627 CVE-2013-0926 CVE-2013-1009 CVE-2013-1012 CVE-2013-1013 CVE-2013-1023 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary

90

V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site 0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information April 23, 2013 - 12:26am Addthis PROBLEM: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information PLATFORM: Apache ActiveMQ versions prior to 5.8.0 ABSTRACT: Several vulnerabilities were reported in Apache ActiveMQ. REFERENCE LINKS: Apache ActiveMQ SecurityTracker Alert ID: 1028457 CVE-2012-6092 CVE-2012-6551 CVE-2013-3060 IMPACT ASSESSMENT: High DISCUSSION: Several web demos do not properly filter HTML code from user-supplied input

91

T-589: Citrix XenApp and Citrix Presentation Server Bug | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Citrix XenApp and Citrix Presentation Server Bug 9: Citrix XenApp and Citrix Presentation Server Bug T-589: Citrix XenApp and Citrix Presentation Server Bug March 28, 2011 - 3:05pm Addthis PROBLEM: Citrix XenApp and Citrix Presentation Server Bug in ActiveSync Lets Remote Users Execute Arbitrary Code. PLATFORM: Citrix XenApp Presentation versions 4.5, 5 ABSTRACT: A vulnerability was reported in Citrix XenApp (Presentation Server). A remote user can execute arbitrary code on the target system. -------------------------------------------------------------------------------- LINKS: DOE-CIRC BULLETIN: http://www.doecirc.energy.gov/bulletins/t-589.shtml OTHER LINKS: Citrix Document: CTX128366 SecurityTracker Alert ID: 1025254 Citrix Support Technical Support Downloads --------------------------------------------------------------------------------

92

V-046: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

46: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary 46: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code V-046: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code December 13, 2012 - 3:30am Addthis PROBLEM: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): 11.5.502.110 and prior for Windows/Mac; 11.2.202.251 and prior for Linux ABSTRACT: Several vulnerabilities were reported in Adobe Flash Player. REFERENCE LINKS: Adobe Vulnerability identifier: APSB12-27 SecurityTracker Alert ID: 1027854 Secunia Advisory SA51560 RHSA-2012:1569-1 CVE-2012-5676 CVE-2012-5677 CVE-2012-5678 IMPACT ASSESSMENT: High DISCUSSION: A buffer overflow can trigger code execution [CVE-2012-5676]. An integer overflow can trigger code execution [CVE-2012-5677]. A memory corruption flaw can trigger code execution [CVE-2012-5678].

93

V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote  

NLE Websites -- All DOE Office Websites (Extended Search)

71: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets 71: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service January 17, 2013 - 12:00am Addthis PROBLEM: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service PLATFORM: The vulnerability is reported in versions 8.7.1 and 8.7.1.1. ABSTRACT: A vulnerability has been reported in Cisco ASA 1000V Cloud Firewall REFERENCE LINKS: Cisco Advisory ID: cisco-sa-20130116-asa1000v SecurityTracker Alert ID: 1028005 Secunia Advisory SA51897 CVE-2012-5419 IMPACT ASSESSMENT: Medium DISCUSSION: A vulnerability has been reported in Cisco ASA 1000V Cloud Firewall, which can be exploited by malicious people to cause a DoS (Denial of Service).

94

U-047: Siemens Automation License Manager Bugs Let Remote Users Deny  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Siemens Automation License Manager Bugs Let Remote Users 7: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code November 29, 2011 - 9:00am Addthis PROBLEM: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code. PLATFORM: Siemens Automation License Manager 500.0.122.1 ABSTRACT: Several vulnerabilities were reported in Siemens Automation License Manager. reference LINKS: SecurityTracker Alert ID: 1026354 Bugtraq Siemens Advisory Services IMPACT ASSESSMENT: Medium Discussion: A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions. A remote user can send specially crafted *_licensekey commands to trigger a

95

U-075: Apache Struts Bug Lets Remote Users Overwrite Files and Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

075: Apache Struts Bug Lets Remote Users Overwrite Files and 075: Apache Struts Bug Lets Remote Users Overwrite Files and Execute Arbitrary Code U-075: Apache Struts Bug Lets Remote Users Overwrite Files and Execute Arbitrary Code January 5, 2012 - 8:15am Addthis PROBLEM: Apache Struts Bug Lets Remote Users Overwrite Files and Execute Arbitrary Code PLATFORM: Version(s): 2.1.0 - 2.3.1 ABSTRACT: A remote user can execute arbitrary Java code on the target system. reference LINKS: SecurityTracker Alert ID: 1026484 Secunia Advisory SA47393 Bugtraq ID: 51257 Apache Struts 2 Documentation S2-008 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Apache Struts. A remote user can execute arbitrary Java code on the target system. A remote user can overwrite arbitrary files on the target system. A remote user can send specially

96

V-030: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

30: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny 30: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service V-030: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service November 21, 2012 - 3:00am Addthis PROBLEM: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service PLATFORM: ColdFusion 10 Update 1 and above for Windows ABSTRACT: Adobe ColdFusion Denial of Service Vulnerability REFERENCE LINKS: Adobe Vulnerability identifier: APSB12-25 SecurityTracker Alert ID: 1027787 Secunia Advisory SA51335 CVE-2012-5674 IMPACT ASSESSMENT: High DISCUSSION: A vulnerability was reported in Adobe ColdFusion. A remote user can cause denial of service conditions. A remote user can send specially crafted data to cause unspecified denial of service conditions on the target ColdFusion service on Windows Internet

97

U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, 2: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information July 27, 2012 - 7:00am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information PLATFORM: Version(s):Apple Safari prior to 6.0 ABSTRACT: Multiple vulnerabilities were reported in Apple Safari. reference LINKS: The Vendor's Advisory Bugtraq ID: 54683 SecurityTracker Alert ID: 1027307 IMPACT ASSESSMENT:

98

U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Cisco Firewall Services Module Bugs Let Remote Users Execute 9: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service October 11, 2012 - 6:00am Addthis PROBLEM: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service PLATFORM: Version(s): prior to 4.1(9) ABSTRACT: Several vulnerabilities were reported in Cisco Firewall Services Module. reference LINKS: Cisco Advisory ID: cisco-sa-20121010-fwsm SecurityTracker Alert ID: 1027640 CVE-2012-4661 CVE-2012-4662 CVE-2012-4663 IMPACT ASSESSMENT: High Discussion: A remote user can send specially crafted DCERPC data through the target device to trigger a stack overflow in the DCERPC inspection engine and execute arbitrary code on the target device or cause the target device to

99

V-160: Wireshark Multiple Bugs Let Remote Users Deny Service | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

60: Wireshark Multiple Bugs Let Remote Users Deny Service 60: Wireshark Multiple Bugs Let Remote Users Deny Service V-160: Wireshark Multiple Bugs Let Remote Users Deny Service May 21, 2013 - 12:09am Addthis PROBLEM: Wireshark Multiple Bugs Let Remote Users Deny Service PLATFORM: Versions 1.8.0 to 1.8.6 ABSTRACT: Multiple vulnerabilities have been reported in Wireshark REFERENCE LINKS: Wireshark Docid: wnpa-sec-2013-23 Secunia Advisory SA53425 SecurityTracker Alert ID: 1028582 CVE-2013-2486 CVE-2013-2487 IMPACT ASSESSMENT: Medium DISCUSSION: Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error in the RELOAD dissector (dissectors/packet-reload.c) can be exploited to trigger infinite loops and consume CPU resources via specially

100

U-005: Apache mod_proxy Pattern Matching Bug Lets Remote Users Access  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Apache mod_proxy Pattern Matching Bug Lets Remote Users 5: Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers U-005: Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers October 6, 2011 - 9:30am Addthis PROBLEM: Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers. PLATFORM: Apache HTTP Server 1.3.x, 2.2.21 and prior versions ABSTRACT: A remote user can access internal servers. reference LINKS: The Apache HTTP Server Project SecurityTracker Alert ID: 1026144 CVE-2011-3368 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Apache mod_proxy. A remote user can access internal servers. When this system is configured in reverse proxy mode and uses the RewriteRule or ProxyPassMatch directives with a pattern match, a remote user can send a specially crafted request to access internal

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


101

V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary 0: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code March 13, 2013 - 12:04am Addthis PROBLEM: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): 1.6.602.171 and prior for Windows/Mac; other versions on other platforms ABSTRACT: Several vulnerabilities were reported in Adobe Flash Player. REFERENCE LINKS: Adobe Vulnerability identifier: APSB13-09 SecurityTracker Alert ID: 1028277 CVE-2013-0646 CVE-2013-0650 CVE-2013-1371 CVE-2013-1375 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target user's system. The code will run with the privileges of the target user.

102

U-012: BlackBerry Enterprise Server Collaboration Service Bug Lets Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

12: BlackBerry Enterprise Server Collaboration Service Bug Lets 12: BlackBerry Enterprise Server Collaboration Service Bug Lets Remote Users Impersonate Intra-organization Messages U-012: BlackBerry Enterprise Server Collaboration Service Bug Lets Remote Users Impersonate Intra-organization Messages October 17, 2011 - 9:45am Addthis PROBLEM: BlackBerry Enterprise Server Collaboration Service Bug Lets Remote Users Impersonate Intra-organization Messages. PLATFORM: Exchange and Domino 5.0.3 through 5.0.3 MR4 BlackBerry Client for use with Microsoft Office Communications Server 2007 R2 BlackBerry Client for use with Microsoft Lync Server 2010 ABSTRACT: A vulnerability was reported in BlackBerry Enterprise Server. A remote user can impersonate another messaging user within the same organization. reference LINKS: BlackBerry Security Advisory ID: KB28524

103

U-071:HP Database Archiving Software Bugs Let Remote Users Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1:HP Database Archiving Software Bugs Let Remote Users Execute 1:HP Database Archiving Software Bugs Let Remote Users Execute Arbitrary Code U-071:HP Database Archiving Software Bugs Let Remote Users Execute Arbitrary Code December 29, 2011 - 8:15am Addthis PROBLEM: HP Database Archiving Software Bugs Let Remote Users Execute Arbitrary Code PLATFORM: HP Database Archiving Software v6.31 ABSTRACT: A remote user can execute arbitrary code on the target system. reference LINKS: HP Database Document ID: c03128302 SecurityTracker Alert ID: 1026467 CVE-2011-4163 CVE-2011-4164 CVE-2011-4165 IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in HP Database Archiving Software. A remote user can execute arbitrary code on the target system. Impact: A remote user can execute arbitrary code on the target system. Solution:

104

U-112: PostgreSQL Bugs Let Remote Authenticated Users Gain Elevated  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: PostgreSQL Bugs Let Remote Authenticated Users Gain Elevated 2: PostgreSQL Bugs Let Remote Authenticated Users Gain Elevated Privileges, Inject SQL Commands, and Spoof Certificates U-112: PostgreSQL Bugs Let Remote Authenticated Users Gain Elevated Privileges, Inject SQL Commands, and Spoof Certificates February 28, 2012 - 8:45am Addthis PROBLEM: A vulnerability was reported in PostgreSQL. PLATFORM: Version(s): prior to 8.3.18, 8.4.11, 9.0.7, 9.1.3 ABSTRACT: A remote authenticated user can gain elevated privileges. A remote authenticated user can inject SQL commands. A remote user can spoof connections in certain cases. reference LINKS: Vendor Advisory Security Tracker ID 1026744 CVE-2012-0866 IMPACT ASSESSMENT: Medium Discussion: For trigger functions marked SECURITY DEFINER, a remote authenticated user can execute a trigger function and gain elevated privileges CVE-2012-0866.

105

V-203: HP LoadRunner Multiple Bugs Let Remote Users Deny Service and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: HP LoadRunner Multiple Bugs Let Remote Users Deny Service 3: HP LoadRunner Multiple Bugs Let Remote Users Deny Service and Execute Arbitrary Code V-203: HP LoadRunner Multiple Bugs Let Remote Users Deny Service and Execute Arbitrary Code July 26, 2013 - 3:31am Addthis PROBLEM: A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions. PLATFORM: HP LoadRunner prior to 11.52 ABSTRACT: Multiple vulnerabilities were reported in HP LoadRunner. REFERENCE LINKS: Security Tracker Alert ID: 1028833 CVE-2013-2368 CVE-2013-2369 CVE-2013-2370 CVE-2013-4797 CVE-2013-4798 CVE-2013-4799 CVE-2013-4800 CVE-2013-4801 IMPACT ASSESSMENT: Medium DISCUSSION: Potential security vulnerabilities have been identified with HP LoadRunner. The vulnerabilities could be remotely exploited to allow execution of code

106

V-127: Samba Bug Lets Remote Authenticated Users Modify Files | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Samba Bug Lets Remote Authenticated Users Modify Files 7: Samba Bug Lets Remote Authenticated Users Modify Files V-127: Samba Bug Lets Remote Authenticated Users Modify Files April 5, 2013 - 6:00am Addthis PROBLEM: A vulnerability was reported in Samba. PLATFORM: The vulnerabilities are reported in version(s): 3.6.0 - 3.6.5 ABSTRACT: A remote authenticated user can modify files on the target share REFERENCE LINKS: SecurityTracker Alert ID: 1028389 Samba Security Announcement CVE-2013-0454 IMPACT ASSESSMENT: Medium DISCUSSION: A remote authenticated user can perform operations on the target CIFS export that are not permitted by the CIFS share access control settings. This may include writing to read-only shares. IMPACT: Modification of user information SOLUTION: Update to 3.6.6 and higher or apply the following patch Addthis

107

V-127: Samba Bug Lets Remote Authenticated Users Modify Files | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Samba Bug Lets Remote Authenticated Users Modify Files 7: Samba Bug Lets Remote Authenticated Users Modify Files V-127: Samba Bug Lets Remote Authenticated Users Modify Files April 5, 2013 - 6:00am Addthis PROBLEM: A vulnerability was reported in Samba. PLATFORM: The vulnerabilities are reported in version(s): 3.6.0 - 3.6.5 ABSTRACT: A remote authenticated user can modify files on the target share REFERENCE LINKS: SecurityTracker Alert ID: 1028389 Samba Security Announcement CVE-2013-0454 IMPACT ASSESSMENT: Medium DISCUSSION: A remote authenticated user can perform operations on the target CIFS export that are not permitted by the CIFS share access control settings. This may include writing to read-only shares. IMPACT: Modification of user information SOLUTION: Update to 3.6.6 and higher or apply the following patch Addthis

108

Nonextensive entropic kernels  

Science Conference Proceedings (OSTI)

Positive definite kernels on probability measures have been recently applied in structured data classification problems. Some of these kernels are related to classic information theoretic quantities, such as mutual information and the Jensen-Shannon ...

Andr F. T. Martins; Mrio A. T. Figueiredo; Pedro M. Q. Aguiar; Noah A. Smith; Eric P. Xing

2008-07-01T23:59:59.000Z

109

V-202: Cisco Video Surveillance Manager Bugs Let Remote Users...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially Sensitive Information V-202: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially...

110

V-149: Microsoft Internet Explorer Object Access Bug Lets Remote...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code V-149: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary...

111

Scale Insects and Mealy Bugs  

NLE Websites -- All DOE Office Websites (Extended Search)

Scale Insects and Mealy Bugs Scale Insects and Mealy Bugs Nature Bulletin No. 404-A January 30, 1971 Forest Preserve District of Cook County George W. Dunne, President Roland F. Eisenbeis, Supt. of Conservation SCALE INSECTS AND MEALY BUGS The insect world contains an enormous number and variety of species but, of them all, the Scale Insects and Mealy Bugs come nearest to being vegetables. Most insects are active animals that fly, hop, scamper, crawl or burrow, but these queer creatures spend most of their lives merely sitting in one spot, sucking plant juices from a branch, twig, leaf, or fruit. Some of our most destructive pests are included among the several hundred kinds of these highly specialized insects. They are so small that the average person seldom realizes that they are responsible for the sickly or dying condition of a tree or shrub. Adult scale insects are extremely variable in shape, and range in size from that of a pinhead up to forms which are a quarter of an inch long. Each hides under a hard protective shell, or scale, of wax secreted by pores on its body, and are frequently so numerous that they form a dense crust. The females molt a few times, and usually discard their legs and wings, before they mature. She lays eggs under the scale and then dies. These hatch into young (called "crawlers") which move around for a period varying from a few hours to a day or two before they settle down and build scales. Unlike the female, the male -always the smaller of the two -- goes through a cocoon stage from which he emerges with a pair of wings but with no means of taking food. He merely mates and dies. Males are scarce In most kinds and in many species have never been seen.

112

U-085: OpenSSL DTLS Bug Lets Remote Users Deny Service | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: OpenSSL DTLS Bug Lets Remote Users Deny Service 5: OpenSSL DTLS Bug Lets Remote Users Deny Service U-085: OpenSSL DTLS Bug Lets Remote Users Deny Service January 20, 2012 - 9:15am Addthis PROBLEM: OpenSSL DTLS Bug Lets Remote Users Deny Service PLATFORM: Only DTLS applications using OpenSSL 1.0.0f and 0.9.8s are affected. ABSTRACT: A flaw in the fix to CVE-2011-4108 can be exploited in a denial of service attack. REFERNCE LINKS: CVE-2012-0050 SecurityTracker Alert ID: 1026548 OpenSSL Security Advisory [18 Jan 2011] OpenSSL News IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in OpenSSL. The fix to correct the Datagram Transport Layer Security (DTLS) vulnerability referenced by CVE-2011-4108 introduced a flaw. A remote user can send specially crafted data to cause denial of service conditions on the target system.

113

U-036: Apple iOS Bugs Let Remote Users Execute Arbitrary Code | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Apple iOS Bugs Let Remote Users Execute Arbitrary Code 6: Apple iOS Bugs Let Remote Users Execute Arbitrary Code U-036: Apple iOS Bugs Let Remote Users Execute Arbitrary Code November 15, 2011 - 8:00am Addthis PROBLEM: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Obtain Information and Let Local Users Bypass Authentication. PLATFORM: iOS 3.0 through 5.0 for iPhone 3GS iPhone 4 and iPhone 4S iOS 3.1 through 5.0 for iPod touch (3rd generation) and later iOS 3.2 through 5.0 for iPad, iOS 4.3 through 5.0 for iPad 2 ABSTRACT: A remote user can create content that, when loaded by the target user, will execute arbitrary code on or obtain potentially sensitive information from the target user's system. reference LINKS: Apple Security Article: HT5052 Apple Product Security SecurityTracker Alert ID: 1026311 IMPACT ASSESSMENT:

114

V-202: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Cisco Video Surveillance Manager Bugs Let Remote Users 2: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially Sensitive Information V-202: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially Sensitive Information July 25, 2013 - 2:52am Addthis PROBLEM: A remote user can obtain potentially sensitive information and modify some configuration settings. A remote user can exploit this to create, modify, and remove camera feeds, archives, logs, and users. PLATFORM: Cisco Video Surveillance Manager 7.1, 7.5 ABSTRACT: Two vulnerabilities were reported in Cisco Video Surveillance Manager REFERENCE LINKS: Security Tracker Alert ID: 1028827 CVE-2013-3429 CVE-2013-3430 CVE-2013-3431 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is due to an access control error that occurred. The

115

U-192: VMware Workstation/Player VM Remote Device Bug Lets Local or Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

92: VMware Workstation/Player VM Remote Device Bug Lets Local or 92: VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service U-192: VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service June 15, 2012 - 7:00am Addthis PROBLEM: A vulnerability was reported in VMware Workstation/Player. PLATFORM: Version(s): Workstation 8.x, Player 4.x aBSTRACT: A local or remote user can cause denial of service conditions on the target virtual system. reference LINKS: Vendor Advisory Security Tracker ID 1027173 CVE-2012-3289 IMPACT ASSESSMENT: High Discussion: A user with the ability to modify communications data between a remote virtual device (e.g., CD-ROM, keyboard) located on a physically separate system and the target virtual machine can cause the target virtual machine to crash.

116

U-092: Sudo Format String Bug Lets Local Users Gain Elevated Privileges |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Sudo Format String Bug Lets Local Users Gain Elevated 2: Sudo Format String Bug Lets Local Users Gain Elevated Privileges U-092: Sudo Format String Bug Lets Local Users Gain Elevated Privileges January 31, 2012 - 5:45am Addthis PROBLEM: A vulnerability was reported in Sudo. A local user can obtain elevated privileges on the target system. PLATFORM: Linux (Any) Version(s): 1.8.0 - 1.8.3p1 ABSTRACT: A local user can supply a specially crafted command line argument to trigger a format string flaw and execute arbitrary commands on the target system with root privileges. reference LINKS: CVE-2012-0809 SecurityTracker Alert ID: 1026600 Vendor Site IMPACT ASSESSMENT: Medium Discussion: The vulnerability resides in the sudo_debug() function in 'src/sudo.c'. This can be exploited by local users, regardless of whether they are listed

117

U-110: Samba Bug Lets Remote Users Execute Arbitrary Code | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Samba Bug Lets Remote Users Execute Arbitrary Code 0: Samba Bug Lets Remote Users Execute Arbitrary Code U-110: Samba Bug Lets Remote Users Execute Arbitrary Code February 24, 2012 - 7:30am Addthis PROBLEM: A vulnerability was reported in Samba. PLATFORM: Version(s): prior to 3.4.0 ABSTRACT: A remote user can send specially crafted data to the smbd service to trigger a flaw in chain_reply() and construct_reply() and execute arbitrary code on the target system. reference LINKS: Vendor Advisory Security Tracker ID 1026739 CVE-2012-0870 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Samba. A remote user can execute arbitrary code on the target system. A remote user can send specially crafted data to the smbd service to trigger a flaw in chain_reply() and construct_reply() and execute arbitrary code on the target system. The code will run with the

118

U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code June 6, 2012 - 7:00am Addthis PROBLEM: Multiple vulnerabilities were reported in Mozilla Firefox. PLATFORM: Version(s): prior to 13.0 ABSTRACT: A remote user can cause arbitrary code to be executed on the target user's system. A remote user can conduct cross-site scripting attacks. A remote user can obtain potentially sensitive information. Reference Links: Security Tracker ID 1027120 CVE-2012-0441,CVE-2012-1937 Vendor URL IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted content that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system [CVE-2012-1937 , CVE-2012-1938, CVE-2012-1939 ].

119

U-192 VMware Workstation/Player VM Remote Device Bug Lets Local or Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

VMware Workstation/Player VM Remote Device Bug Lets Local or VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service U-192 VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service June 15, 2012 - 7:00am Addthis PROBLEM: A vulnerability was reported in VMware Workstation/Player. PLATFORM: Version(s): Workstation 8.x, Player 4.x ABSTRACT: A local or remote user can cause denial of service conditions on the target virtual system. reference LINKS: Vendor Advisory Security Tracker ID 1027173 CVE-2012-3289 IMPACT ASSESSMENT: High Discussion: A user with the ability to modify communications data between a remote virtual device (e.g., CD-ROM, keyboard) located on a physically separate system and the target virtual machine can cause the target virtual machine to crash. Impact:

120

V-077: Barracuda SSL VPN Bug Lets Remote Users Bypass Authentication |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Barracuda SSL VPN Bug Lets Remote Users Bypass 7: Barracuda SSL VPN Bug Lets Remote Users Bypass Authentication V-077: Barracuda SSL VPN Bug Lets Remote Users Bypass Authentication January 25, 2013 - 6:00am Addthis PROBLEM: A vulnerability was reported in Barracuda SSL VPN. PLATFORM: The vulnerability has been verified to exist in Barracuda SSL VPN version 2.2.2.203 ABSTRACT: A remote user can gain administrative access to the target system. REFERENCE LINKS: SecurityTracker Alert ID: 1028039 Barracuda Networks Advisory IMPACT ASSESSMENT: High DISCUSSION: A remote user can set a specially crafted Java system property (via 'setSysProp.jsp') to bypass access restrictions and gain access to the API functionality. This can be exploited to download configuration files, download database dumps, shutdown the system, and set new administrative

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


121

U-201: HP System Management Homepage Bugs Let Remote Users Deny Service |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: HP System Management Homepage Bugs Let Remote Users Deny 1: HP System Management Homepage Bugs Let Remote Users Deny Service U-201: HP System Management Homepage Bugs Let Remote Users Deny Service June 28, 2012 - 7:00am Addthis PROBLEM: A vulnerability was reported in HP System Management Homepage. PLATFORM: Version(s): prior to 7.1.1 ABSTRACT: The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Reference links: Original Advisory Security Tracker ID 1027209 CVE-2012-2012, CVE-2012-2013, CVE-2012-2014 CVE-2012-2015, CVE-2012-2016 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in HP System Management Homepage. A remote authenticated user can gain elevated privileges. A remote authenticated

122

U-088: Symantec pcAnywhere Bugs Let Remote Users Execute Arbitrary Code |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Symantec pcAnywhere Bugs Let Remote Users Execute Arbitrary 8: Symantec pcAnywhere Bugs Let Remote Users Execute Arbitrary Code U-088: Symantec pcAnywhere Bugs Let Remote Users Execute Arbitrary Code January 25, 2012 - 6:00am Addthis PROBLEM: A remote user can execute arbitrary code on the target system. PLATFORM: Version(s): 12.5 SP3; pcAnywhere Solutions 7.1 GA, SP 1, and SP 2 ABSTRACT: Two vulnerabilities were reported in Symantec pcAnywhere. A remote user can execute arbitrary code on the target system. A local user can obtain elevated privileges on the target system. reference LINKS: Symantec Advisory Secunia Advisory SecurityTracker Alert ID:102576 IMPACT ASSESSMENT: Medium Discussion: A remote user can send specially crafted data to TCP port 5631 to trigger a but in the validation of authentication data and execute arbitrary code.

123

U-242: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets Local  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets 2: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets Local Users Gain Elevated Privileges U-242: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets Local Users Gain Elevated Privileges August 23, 2012 - 7:00am Addthis PROBLEM: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets Local Users Gain Elevated Privileges PLATFORM: Linux Kernel 3.2.x Linux Kernel 3.4.x Linux Kernel 3.5.x ABSTRACT: A vulnerability was reported in the Linux Kernel. reference LINKS: The Linux Kernel Archives SecurityTracker Alert ID: 1027434 Secunia Advisory SA50323 CVE-2012-3520 IMPACT ASSESSMENT: Medium Discussion: A local user can obtain elevated privileges on the target system. A local user may be able to send specially crafted Netlink messages to spoof SCM_CREDENTIALS and perform actions with elevated privileges.

124

Finding and understanding bugs in C compilers  

Science Conference Proceedings (OSTI)

Compilers should be correct. To improve the quality of C compilers, we created Csmith, a randomized test-case generation tool, and spent three years using it to find compiler bugs. During this period we reported more than 325 previously unknown bugs ... Keywords: automated testing, compiler defect, compiler testing, random program generation, random testing

Xuejun Yang; Yang Chen; Eric Eide; John Regehr

2011-06-01T23:59:59.000Z

125

Recent advances in kernel machines  

Science Conference Proceedings (OSTI)

This talk will review recent advances in the kernel methods focusing on support vector machines (SVM) for pattern recognition. Topics discussed include the kernel design issue through the multi kernel approach and the optimization issue with emphasis ...

Stphane Canu

2010-11-01T23:59:59.000Z

126

V-029: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

29: Mozilla Firefox Multiple Bugs Let Remote Users Execute 29: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks V-029: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks November 21, 2012 - 2:00am Addthis PROBLEM: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks PLATFORM: Version(s): prior to 17.0 ABSTRACT: Multiple vulnerabilities were reported in Mozilla Firefox REFERENCE LINKS: Mozilla Foundation Security Advisories Bugtraq ID: 55260 SecurityTracker Alert ID: 1027791 CVE-2012-4201, CVE-2012-4202, CVE-2012-4203, CVE-2012-4204, CVE-2012-4205, CVE-2012-4206, CVE-2012-4207,CVE-2012-4208, CVE-2012-4209, CVE-2012-4210, CVE-2012-4212, CVE-2012-4213, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216,

127

V-031: IBM WebSphere DataPower XC10 Appliance Bugs Let Remote Authenticated  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: IBM WebSphere DataPower XC10 Appliance Bugs Let Remote 1: IBM WebSphere DataPower XC10 Appliance Bugs Let Remote Authenticated Users Gain Elevated Privileges and Remote Users Deny Service V-031: IBM WebSphere DataPower XC10 Appliance Bugs Let Remote Authenticated Users Gain Elevated Privileges and Remote Users Deny Service November 22, 2012 - 3:00am Addthis PROBLEM: IBM WebSphere DataPower XC10 Appliance Bugs Let Remote Authenticated Users Gain Elevated Privileges and Remote Users Deny Service PLATFORM: Version(s): XC10 2.0.0.0 - 2.0.0.3, 2.1.0.0 - 2.1.0.2 ABSTRACT: Several vulnerabilities were reported in IBM WebSphere DataPower. REFERENCE LINKS: IBM Security Bulletin SecurityTracker Alert ID: 1027798 CVE-2012-5758 CVE-2012-5759 CVE-2012-5756 IMPACT ASSESSMENT: High DISCUSSION: Several vulnerabilities were reported in IBM WebSphere DataPower. A remote

128

U-119: Blackberry PlayBook Unspecified WebKit Bug Lets Remote Users Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Blackberry PlayBook Unspecified WebKit Bug Lets Remote Users 9: Blackberry PlayBook Unspecified WebKit Bug Lets Remote Users Execute Arbitrary Code U-119: Blackberry PlayBook Unspecified WebKit Bug Lets Remote Users Execute Arbitrary Code March 7, 2012 - 7:00am Addthis PROBLEM: Blackberry PlayBook Unspecified WebKit Bug Lets Remote Users Execute Arbitrary Code PLATFORM: BlackBerry 6, BlackBerry 7, BlackBerry 7.1, and BlackBerry PlayBook tablet software ABSTRACT: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system. reference LINKS: SecurityTracker Alert ID: 1026769 BlackBerry Security Notice Article ID: KB30152 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Blackberry PlayBook. A remote user can cause arbitrary code to be executed on the target user's system. A remote

129

U-037: Linux Kernel NFSv4 ACL Attribute Processing Error Lets Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Linux Kernel NFSv4 ACL Attribute Processing Error Lets 7: Linux Kernel NFSv4 ACL Attribute Processing Error Lets Remote Users Execute Arbitrary Code U-037: Linux Kernel NFSv4 ACL Attribute Processing Error Lets Remote Users Execute Arbitrary Code November 16, 2011 - 7:43am Addthis PROBLEM: Linux Kernel NFSv4 ACL Attribute Processing Error Lets Remote Users Execute Arbitrary Code. PLATFORM: Kernel version 2.6.x ABSTRACT: A remote server can cause the target connected client to crash. reference LINKS: The Linux Kernel Archives CVE-2011-4131 SecurityTracker Alert ID: 1026324 Linux Kernel [PATCH 1/1] NFSv4 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in the Linux Kernel. A remote user can cause denial of service conditions. Impact: A remote server can return specially crafted data to the connected target

130

T-571: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Linux Kernel dns_resolver Key Processing Error Lets Local 1: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny Services T-571: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny Services March 7, 2011 - 3:05pm Addthis PROBLEM: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny Services. PLATFORM: Linux Kernel 2.6.37 and prior versions ABSTRACT: A vulnerability was reported in the Linux Kernel. A local user can cause denial of service conditions. reference LINKS: SecurityTracker Alert ID:1025162 Latest Stable Kernel CVE-2011-1076 IMPACT ASSESSMENT: High Discussion: When a DNS resolver key is instantiated with an error indication, a local user can attempt to read the key to trigger a null pointer dereference and cause a kernel crash. A local user can cause the target system to crash.

131

Dynamically fighting bugs : prevention, detection and elimination  

E-Print Network (OSTI)

This dissertation presents three test-generation techniques that are used to improve software quality. Each of our techniques targets bugs that are found by different stake-holders: developers, testers, and maintainers. ...

Artzi, Shay

2009-01-01T23:59:59.000Z

132

Adaptive kernel principal component analysis  

Science Conference Proceedings (OSTI)

An adaptive kernel principal component analysis (AKPCA) method, which has the flexibility to accurately track the kernel principal components (KPC), is presented. The contribution of this paper may be divided into two parts. First, KPC are recursively ... Keywords: Adaptive method, Kernel principal component, Kernel principal component analysis, Non-stationary data, Recursive algorithm

Mingtao Ding; Zheng Tian; Haixia Xu

2010-05-01T23:59:59.000Z

133

U-165: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and 5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs U-165: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs May 9, 2012 - 7:00am Addthis PROBLEM: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs PLATFORM: prior to 5.1.1; iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 ABSTRACT: Two vulnerabilities were reported in Apple iOS. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can spoof the address bar URL. reference LINKS: SecurityTracker Alert ID: 1027028 CVE-2012-0672 CVE-2012-0674 IMPACT ASSESSMENT: Medium Discussion: A remote user can create a specially crafted file that, when loaded by the

134

T-714:Wireshark OpenSafety and CSN.1 Dissector Bugs | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

714:Wireshark OpenSafety and CSN.1 Dissector Bugs 714:Wireshark OpenSafety and CSN.1 Dissector Bugs T-714:Wireshark OpenSafety and CSN.1 Dissector Bugs September 12, 2011 - 9:00am Addthis PROBLEM: Several vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions. PLATFORM: Version(s): 1.4.0 to 1.4.8, 1.6.0 to 1.6.1 ABSTRACT: Wireshark OpenSafety and CSN.1 Dissector Bugs Lets Remote Users Deny Service. reference LINKS: Wireshark 1.6.2 Release Notes Wireshark 1.4.9 Release Notes Docid: wnpa-sec-2011-12 Docid: wnpa-sec-2011-14 Docid: wnpa-sec-2011-15 Docid: wnpa-sec-2011-16 SecurityTracker Alert ID: 1026030 IMPACT ASSESSMENT: High Discussion: A remote user can cause arbitrary scripting code to be executed on the target user's system. A large loop in the OpenSafety dissector could cause a crash. A remote user

135

T-579: BlackBerry Device Software Bug in WebKit Lets Remote Users Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: BlackBerry Device Software Bug in WebKit Lets Remote Users 9: BlackBerry Device Software Bug in WebKit Lets Remote Users Execute Code T-579: BlackBerry Device Software Bug in WebKit Lets Remote Users Execute Code March 15, 2011 - 5:05pm Addthis PROBLEM: A vulnerability was reported in BlackBerry Device Software. A remote user can cause arbitrary code to be executed on the target user's system. PLATFORM: BlackBerry Device Software version 6.0 and later. ABSTRACT: BlackBerry Device Software Bug in WebKit Lets Remote Users Execute Code. reference LINKS: BlackBerry Advisory: KB26132 CVE-2011-1290 BlackBerry Security Note BlackBerry Device Storage IMPACT ASSESSMENT: Moderate Discussion: A vulnerability exists in the open source WebKit browser engine provided in BlackBerry Device Software version 6.0 and later. The issue could result in

136

U-165: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and 5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs U-165: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs May 9, 2012 - 7:00am Addthis PROBLEM: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs PLATFORM: prior to 5.1.1; iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 ABSTRACT: Two vulnerabilities were reported in Apple iOS. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can spoof the address bar URL. reference LINKS: SecurityTracker Alert ID: 1027028 CVE-2012-0672 CVE-2012-0674 IMPACT ASSESSMENT: Medium Discussion: A remote user can create a specially crafted file that, when loaded by the

137

U-176: Wireshark Multiple Bugs Let Remote Users Deny Service | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-176: Wireshark Multiple Bugs Let Remote Users Deny Service U-176: Wireshark Multiple Bugs Let Remote Users Deny Service U-176: Wireshark Multiple Bugs Let Remote Users Deny Service May 24, 2012 - 7:00am Addthis PROBLEM: Wireshark Multiple Bugs Let Remote Users Deny Service PLATFORM: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7 ABSTRACT: Several vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions. Reference Links: SecurityTracker Alert ID: 1027094 CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 IMPACT ASSESSMENT: Medium Discussion: A remote user can send specially crafted ANSI MAP, ASF, BACapp, Bluetooth HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 data to cause Wireshark to hang or enter an infinite loop. A remote user can cause the DIAMETER dissector to crash. A remote user can trigger a memory error on SPARC or Itanium processors and

138

U-153: EMC Data Protection Advisor Server and Collector Bugs...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: EMC Data Protection Advisor Server and Collector Bugs Let Remote Users Deny Service U-153: EMC Data Protection Advisor Server and Collector Bugs Let Remote Users Deny Service...

139

V-128: Xen Event Channel Tracking Pointer Bug Local Privilege...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Xen Event Channel Tracking Pointer Bug Local Privilege Escalation V-128: Xen Event Channel Tracking Pointer Bug Local Privilege Escalation April 8, 2013 - 12:28am Addthis...

140

Microsoft Windows Vista Kernel Mode Security Support ...  

Science Conference Proceedings (OSTI)

... Corporation on the issues discussed as ... 24 6 OPERATIONAL ENVIRONMENT ..... ... key is EOR'ed with ...

2012-09-07T23:59:59.000Z

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


141

V-156: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Linux Kernel Array Bounds Checking Flaw Lets Local Users 6: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain Elevated Privileges V-156: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain Elevated Privileges May 15, 2013 - 12:19am Addthis PROBLEM: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain Elevated Privileges PLATFORM: Version(s): 2.6.37 to 3.8.9 ABSTRACT: A vulnerability was reported in the Linux Kernel. REFERENCE LINKS: Linux Kernel SecurityTracker Alert ID: 1028565 CVE-2013-2094 IMPACT ASSESSMENT: Medium DISCUSSION: On systems compiled with PERF_EVENTS support, a local user can supply a specially crafted perf_event_open() call to execute arbitrary code on the target system with root privileges. The vulnerability resides in the perf_swevent_init() function in 'kernel/events/core.c'.

142

U-056: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root 6: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root Privileges U-056: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root Privileges December 9, 2011 - 8:00am Addthis PROBLEM: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root Privileges. PLATFORM: Linux kernel ABSTRACT: A vulnerability was reported in the Linux Kernel. reference LINKS: The Linux Kernel Archives SecurityTracker Alert ID: 1026395 CVE-2011-4330 IMPACT ASSESSMENT: Medium Discussion: When a specially crafted Hierarchical File System (HFS) file system is mounted, a local user can to trigger a buffer overflow and execute arbitrary code on the target system with root privileges. The vulnerability resides in the hfs_mac2asc() function. Impact: A local user can obtain root privileges on the target system.

143

V-210: HP LaserJet Pro Printer Bug Lets Remote Users Access Data |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

V-210: HP LaserJet Pro Printer Bug Lets Remote Users Access Data V-210: HP LaserJet Pro Printer Bug Lets Remote Users Access Data V-210: HP LaserJet Pro Printer Bug Lets Remote Users Access Data August 3, 2013 - 2:37am Addthis PROBLEM: A vulnerability was reported in HP Printers. A remote user can obtain potentially sensitive information. PLATFORM: HP LaserJet Pro products ABSTRACT: A potential security vulnerability has been identified with certain HP LaserJet Pro printers. The vulnerability could be exploited remotely to gain unauthorized access to data. REFERENCE LINKS: SecurityTracker Alert ID 1028869 CVE-2013-4807 Vendor URL IMPACT ASSESSMENT: Medium DISCUSSION: The following models are affected: HP LaserJet Pro P1102w CE657A/CE658A HP LaserJet Pro P1606dn CE749A HP LaserJet Pro M1212nf MFP CE841A HP LaserJet Pro M1213nf MFP CE845A

144

T-633: BIND RRSIG RRsets Negative Caching Off-by-one Bug Lets Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: BIND RRSIG RRsets Negative Caching Off-by-one Bug Lets 3: BIND RRSIG RRsets Negative Caching Off-by-one Bug Lets Remote Users Deny Service T-633: BIND RRSIG RRsets Negative Caching Off-by-one Bug Lets Remote Users Deny Service May 31, 2011 - 3:35pm Addthis PROBLEM: A vulnerability was reported in BIND. A remote user can cause denial of service conditions. PLATFORM: BIND Version(s): 9.4-ESV-R3 and later, 9.6-ESV-R2 and later, 9.6.3, 9.7.1 and later, 9.8.0 and later; prior to 9.4-ESV-R4-P1, 9.6-ESV-R4-P1, 9.7.3-P1, 9.8.0-P2 ABSTRACT: A remote DNS server can supply very large RRSIG RRsets in a negative response to trigger an off-by-one error in a buffer size check and cause the target requesting named process to crash. A remote user can cause named to crash. reference LINKS: SecurityTracker Alert ID: 1025575 SecurityTracker Alert ID: 1025572

145

U-232: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

32: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny 32: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS U-232: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS August 10, 2012 - 7:00am Addthis PROBLEM: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS PLATFORM: This vulnerability effects only Xen 4.0 and 4.1. Xen 3.4 and earlier and xen-unstable are not vulnerable. ABSTRACT: A vulnerability was reported in Xen. A local user on a guest operating system can cause denial of service conditions on the host. reference LINKS: Xen Security Announcements SecurityTracker Alert ID: 1027365 seclists.org CVE-2012-3433 IMPACT ASSESSMENT: Medium Discussion: An HVM guest is able to manipulate its physical address space such that tearing down the guest takes an extended period amount of time searching

146

U-265: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users 5: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code U-265: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code September 21, 2012 - 6:00am Addthis PROBLEM: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code PLATFORM: HP SiteScope v11.10, v11.11, v11.12 for Windows, Linux and Solaris ABSTRACT: A vulnerability was reported in HP SiteScope. reference LINKS: HP Security Bulletin Document ID: c03489683 SecurityTracker Alert ID: 1027547 CVE-2012-3259 CVE-2012-3260 CVE-2012-3261 CVE-2012-3262 CVE-2012-3263 CVE-2012-3264 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in HP SiteScope. A remote user can execute

147

U-265: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users 5: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code U-265: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code September 21, 2012 - 6:00am Addthis PROBLEM: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code PLATFORM: HP SiteScope v11.10, v11.11, v11.12 for Windows, Linux and Solaris ABSTRACT: A vulnerability was reported in HP SiteScope. reference LINKS: HP Security Bulletin Document ID: c03489683 SecurityTracker Alert ID: 1027547 CVE-2012-3259 CVE-2012-3260 CVE-2012-3261 CVE-2012-3262 CVE-2012-3263 CVE-2012-3264 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in HP SiteScope. A remote user can execute

148

U-232: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

32: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny 32: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS U-232: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS August 10, 2012 - 7:00am Addthis PROBLEM: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS PLATFORM: This vulnerability effects only Xen 4.0 and 4.1. Xen 3.4 and earlier and xen-unstable are not vulnerable. ABSTRACT: A vulnerability was reported in Xen. A local user on a guest operating system can cause denial of service conditions on the host. reference LINKS: Xen Security Announcements SecurityTracker Alert ID: 1027365 seclists.org CVE-2012-3433 IMPACT ASSESSMENT: Medium Discussion: An HVM guest is able to manipulate its physical address space such that tearing down the guest takes an extended period amount of time searching

149

What if you could actually trust your kernel?  

Science Conference Proceedings (OSTI)

The advent of formally verified OS kernels means that for the first time we have a truly trustworthy foundation for systems. In this paper we explore the design space this opens up. The obvious applications are in security, although not all of them are ...

Gernot Heiser; Leonid Ryzhyk; Michael Von Tessin; Aleksander Budzynowski

2011-05-01T23:59:59.000Z

150

T-567: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local 7: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges T-567: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges March 1, 2011 - 6:44pm Addthis PROBLEM: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges . PLATFORM: Linux Kernel 2.4.x, 2.6.x ABSTRACT: A vulnerability was reported in the Linux Kernel. A local user may be able to obtain elevated privileges on the target system. A physically local user can connect a storage device with a specially crafted LDM partition table to trigger a buffer overflow in the ldm_frag_add() function in 'fs/partitions/ldm.c' and potentially execute arbitrary code with elevated privileges. reference LINKS: Security Tracker - Alert ID: 1025128

151

T-669: Linux Kernel GFS2 Allocation Error Lets Local Users Deny Service |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

69: Linux Kernel GFS2 Allocation Error Lets Local Users Deny 69: Linux Kernel GFS2 Allocation Error Lets Local Users Deny Service T-669: Linux Kernel GFS2 Allocation Error Lets Local Users Deny Service July 15, 2011 - 2:14am Addthis PROBLEM: A vulnerability was reported in the Linux Kernel. A local user can cause denial of service conditions. PLATFORM: 2.6.39 and prior versions ABSTRACT: Linux Kernel GFS2 Allocation Error Lets Local Users Deny Service. references LINKS: SecurityTracker Alert ID: 1025776 Linux Kernel Updates CVE-2011-2689 IMPACT ASSESSMENT: Medium Discussion: A local user can invoke the gfs2_fallocate() function in 'fs/gfs2/file.c' in certain cases to allocate a non-blksize aligned amount, resulting in an error in subsequent code that requires blksize aligned offsets. Impact: A local user can cause denial of service conditions on the target system.

152

T-567: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local 7: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges T-567: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges March 1, 2011 - 6:44pm Addthis PROBLEM: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges . PLATFORM: Linux Kernel 2.4.x, 2.6.x ABSTRACT: A vulnerability was reported in the Linux Kernel. A local user may be able to obtain elevated privileges on the target system. A physically local user can connect a storage device with a specially crafted LDM partition table to trigger a buffer overflow in the ldm_frag_add() function in 'fs/partitions/ldm.c' and potentially execute arbitrary code with elevated privileges. reference LINKS: Security Tracker - Alert ID: 1025128

153

Kernel Optimizations in SORD  

NLE Websites -- All DOE Office Websites (Extended Search)

Kernel Optimizations in SORD Kernel Optimizations in SORD earthquake dynamic rupture code Geoffrey P. Ely Leadership Computing Facility Argonne National Laboratory MiraCon March 7, 2013 S C E C an NSF+USGS center Acknowledgements Tareq Malas King Abdullah Univ. of Science & Technology Vitali Morozov Argonne Leadership Computing Facility Karen Magerlein IBM Watson Research Center Simulation Scale Outer length scale: ~500km Inner length scale: ~50m Mesh points: ~10 12 Spatial Derivatives f (⇠) = n X ↵, , =0 N ↵ (⇠)f ↵ rf = @f @⇠ · J 1 x y z ⇠ ⌘ ⇣ Equations of Motion Viscoelastic Solid (Kelvin-Voigt Model) Free surface boundary condition ¨ u = 1 ⇢ r · g = r(u + ˙ u) = trace(g) + µ(g + g T ) ⇢ density , µ elastic moduli viscosity u displacement stress tensor ⌧ = · ˆ n = 0 ! Kernel with 12 Streams do l = 1, 400 do k = 1, 400

154

U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information...

155

Multiple kernel learning with gaussianity measures  

Science Conference Proceedings (OSTI)

Kernel methods are known to be effective for nonlinear multivariate analysis. One of the main issues in the practical use of kernel methods is the selection of kernel. There have been a lot of studies on kernel selection and kernel learning. Multiple ...

Hideitsu Hino; Nima Reyhani; Noboru Murata

2012-07-01T23:59:59.000Z

156

Better bases for kernel spaces  

E-Print Network (OSTI)

In this article we investigate the feasibility of constructing stable, local bases for computing with kernels. In particular, we are interested in constructing families $(b_{\\xi})_{\\xi\\in\\Xi}$ that function as bases for kernel spaces $S(k,\\Xi)$ so that each basis function is constructed using very few kernels. In other words, each function $b_{\\zeta}(x) = \\sum_{\\xi\\in\\Xi} A_{\\zeta,\\xi} k(x,\\xi)$ is a linear combination of samples of the kernel with few nonzero coefficients $A_{\\zeta,\\xi}$. This is reminiscent of the construction of the B-spline basis from the family of truncated power functions. We demonstrate that for a large class of kernels (the Sobolev kernels as well as many kernels of polyharmonic and related type) such bases exist. In fact, the basis elements can be constructed using a combination of roughly $O(\\log N)^d$ kernels, where $d$ is the local dimension of the manifold and $N$ is the dimension of the kernel space (i.e. $N=#\\Xi$). Viewing this as a preprocessing step -- the construction of the...

Fuselier, E J; Narcowich, F J; Ward, J D; Wright, G B

2011-01-01T23:59:59.000Z

157

U-029: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

29: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets Remote 29: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets Remote Users Gain Unauthorized Access U-029: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets Remote Users Gain Unauthorized Access November 8, 2011 - 8:00am Addthis PROBLEM: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets Remote Users Gain Unauthorized Access. PLATFORM: HP TCP/IP Services for OpenVMS v5.6 and v5.7 on iTanium and ALPHA Servers. ABSTRACT: A remote user can gain unauthorized access reference LINKS: HP Support document ID: c01908983 SecurityTracker Alert ID: 1026279 CVE-2011-3168 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in TCP/IP Services for OpenVMS. A remote user can gain unauthorized access. On systems running POP or IMAP servers, a remote user can gain unauthorized access.

158

An approach to detecting duplicate bug reports using natural language and execution information  

Science Conference Proceedings (OSTI)

An open source project typically maintains an open bug repository so that bug reports from all over the world can be gathered. When a new bug report is submitted to the repository, a person, called a triager, examines whether it is a duplicate of an ... Keywords: duplicate bug report, execution information, information retrieval

Xiaoyin Wang; Lu Zhang; Tao Xie; John Anvik; Jiasu Sun

2008-05-01T23:59:59.000Z

159

Robotic intelligence kernel  

DOE Patents (OSTI)

A robot platform includes perceptors, locomotors, and a system controller. The system controller executes a robot intelligence kernel (RIK) that includes a multi-level architecture and a dynamic autonomy structure. The multi-level architecture includes a robot behavior level for defining robot behaviors, that incorporate robot attributes and a cognitive level for defining conduct modules that blend an adaptive interaction between predefined decision functions and the robot behaviors. The dynamic autonomy structure is configured for modifying a transaction capacity between an operator intervention and a robot initiative and may include multiple levels with at least a teleoperation mode configured to maximize the operator intervention and minimize the robot initiative and an autonomous mode configured to minimize the operator intervention and maximize the robot initiative. Within the RIK at least the cognitive level includes the dynamic autonomy structure.

Bruemmer, David J. (Idaho Falls, ID)

2009-11-17T23:59:59.000Z

160

Sparse RBF Networks with Multi-kernels  

Science Conference Proceedings (OSTI)

While the conventional standard radial basis function (RBF) networks are based on a single kernel, in practice, it is often desirable to base the networks on combinations of multiple kernels. In this paper, a multi-kernel function is introduced by combining ... Keywords: Multi-kernel, Neural networks, Nonlinear system identification, Radial function basis

Lihua Fu; Meng Zhang; Hongwei Li

2010-12-01T23:59:59.000Z

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


161

Heat kernel expansion: user's manual  

E-Print Network (OSTI)

The heat kernel expansion is a very convenient tool for studying one-loop divergences, anomalies and various asymptotics of the effective action. The aim of this report is to collect useful information on the heat kernel coefficients scattered in mathematical and physical literature. We present explicit expressions for these coefficients on manifolds with and without boundaries, subject to local and non-local boundary conditions, in the presence of various types of singularities (e.g., domain walls). In each case the heat kernel coefficients are given in terms of several geometric invariants. These invariants are derived for scalar and spinor theories with various interactions, Yang-Mills fields, gravity, and open bosonic strings. We discuss the relations between the heat kernel coefficients and quantum anomalies, corresponding anomalous actions, and covariant perturbation expansions of the effective action (both "low-" and "high-energy" ones).

D. V. Vassilevich

2003-06-15T23:59:59.000Z

162

Blind multiuser detection based on kernel approximation  

Science Conference Proceedings (OSTI)

A kernel based multiuser detection (MUD) scheme in code-division multiple-access (CDMA) system is proposed. In this scheme, the support vector (SV) under support vector (SVM) framework is obtained through a kernel sparsity approximation, which regulates ...

Tao Yang; Bo Hu

2006-05-01T23:59:59.000Z

163

T-653: Linux Kernel sigqueueinfo() Process Lets Local Users Send Spoofed  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

53: Linux Kernel sigqueueinfo() Process Lets Local Users Send 53: Linux Kernel sigqueueinfo() Process Lets Local Users Send Spoofed Signals T-653: Linux Kernel sigqueueinfo() Process Lets Local Users Send Spoofed Signals June 23, 2011 - 4:49am Addthis PROBLEM: Userland should be able to trust the pid and uid of the sender of a signal if the si_code is SI_TKILL. PLATFORM: Version(s): prior to 2.6.38 ABSTRACT: A vulnerability was reported in the Linux Kernel. A local user can send spoofed signals to other processes in certain cases. reference LINKS: OSVDB ID: 71652 SecurityTracker Alert ID: 1025690 Linux Update CVE-2011-1182 Linux Reference 1 Linux Reference 2 IMPACT ASSESSMENT: High Discussion: A local user with the ability to send signals to a process can spoof the uid and pid of the sending process via the sigqueueinfo() system call.

164

U-092: Sudo Format String Bug Lets Local Users Gain Elevated...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Sudo Format String Bug Lets Local Users Gain Elevated Privileges U-092: Sudo Format String Bug Lets Local Users Gain Elevated Privileges January 31, 2012 - 5:45am Addthis...

165

V-183: Cisco TelePresence TC and TE Bugs Let Remote Users Deny...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Cisco TelePresence TC and TE Bugs Let Remote Users Deny Service and Remote Adjacent Authenticated Users Gain Root Shell Access V-183: Cisco TelePresence TC and TE Bugs Let...

166

V-016: HP Performance Insight Bugs with Sybase Database Let Remote...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Performance Insight Bugs with Sybase Database Let Remote Users Deny Service and Take Full Control of the Target System V-016: HP Performance Insight Bugs with Sybase Database Let...

167

U-045: Windows Win32k.sys Keyboard Layout Bug Lets Local Users...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service U-045: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service November 25, 2011 - 9:00am...

168

T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

68: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Execute Arbitrary Code T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site...

169

Microsoft Word - BUGS_The Next Smart Grid Peak Resource Final...  

NLE Websites -- All DOE Office Websites (Extended Search)

April 15, 2010 DOENETL-20101406 Backup Generators (BUGS): The Next Smart Grid Peak Resource Backup Generators (BUGS): The Next Smart Grid Peak Resource v1.0 ii DISCLAIMER This...

170

Forecasting foreign exchange rates using kernel methods  

Science Conference Proceedings (OSTI)

First, the all-important no free lunch theorems are introduced. Next, kernel methods, support vector machines (SVMs), preprocessing, model selection, feature selection, SVM software and the Fisher kernel are introduced and discussed. A hidden Markov ... Keywords: Forecasting, Foreign exchange, Kernel methods

Martin Sewell; John Shawe-Taylor

2012-07-01T23:59:59.000Z

171

Structural Modelling with Sparse Kernels  

Science Conference Proceedings (OSTI)

A widely acknowledged drawback of many statistical modelling techniques, commonly used in machine learning, is that the resulting model is extremely difficult to interpret. A number of new concepts and algorithms have been introduced by researchers to ... Keywords: ANOVA, Kernel methods, model interpretability, sparse structure, transparency

S. R. Gunn; J. S. Kandola

2002-09-01T23:59:59.000Z

172

Adaptive wiener image restoration kernel  

DOE Patents (OSTI)

A method and device for restoration of electro-optical image data using an adaptive Wiener filter begins with constructing imaging system Optical Transfer Function, and the Fourier Transformations of the noise and the image. A spatial representation of the imaged object is restored by spatial convolution of the image using a Wiener restoration kernel.

Yuan, Ding (Henderson, NV)

2007-06-05T23:59:59.000Z

173

Bed bugs are blood-sucking insects in the family Cimicidae. Both nymphs  

E-Print Network (OSTI)

- trol this pest. IDENTIFICATION AND LIFE CYCLE Adult bed bugs (Figure 1) are oval, wing- less, about 1/5 inch long, and rusty red or mahogany. Their bodies are flattened, they have well-developed antennae, conenose bugs (also known as kissing bugs), by their smaller size, more rounded shape, and lack of wings

Hammock, Bruce D.

174

ConAir: featherweight concurrency bug recovery via single-threaded idempotent execution  

Science Conference Proceedings (OSTI)

Many concurrency bugs are hidden in deployed software and cause severe failures for end-users. When they finally manifest and become known by developers, they are difficult to fix correctly. To support end-users, we need techniques that ... Keywords: bug fixing, concurrency bugs, failure recovery, idempotency, static analysis

Wei Zhang; Marc de Kruijf; Ang Li; Shan Lu; Karthikeyan Sankaralingam

2013-04-01T23:59:59.000Z

175

Design of specific-to-problem kernels and use of kernel weighted K-nearest neighbours for time series modelling  

Science Conference Proceedings (OSTI)

Least squares support vector machines (LSSVM) with Gaussian kernel represent the most used of the kernel methods existing in the literature for regression and time series prediction. These models have a good behaviour for these types of problems due ... Keywords: Kernel methods, Kernel weighted K-Nearest Neighbours, Least squares support vector machines, Parallelization of kernel methods, Specific to problem kernels, Time series modelling

Gins Rubio; Luis Javier Herrera; Hctor Pomares; Ignacio Rojas; Alberto Guilln

2010-06-01T23:59:59.000Z

176

Security Perimeter  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Perimeter Security Perimeter Protecting the Laboratory against threats and vulnerabilities. Contact Security Perimeter Coordinators Email The security perimeter helps to...

177

Microsoft Word - Final BUGS article final.docx  

NLE Websites -- All DOE Office Websites (Extended Search)

October 18, 2010 DOE/NETL-2010/1435 BUGS: The Next Smart Grid Peak Resource? BUGS: The Next Smart Grid Peak Resource? 2 Prepared by: Booz Allen Hamilton (BAH) Steve Pullins Horizon Energy Group DOE Contract number: DE-FE000400 BUGS: The Next Smart Grid Peak Resource? 3 Acknowledgements This report was prepared by Booz Allen Hamilton, Inc. (BAH) for the United States Department of Energy's National Energy Technology Laboratory. This work was completed under DOE NETL Contract Number DE-FE000400, and performed under BAH Task 430.04. The authors wish to acknowledge the excellent guidance, contributions, and cooperation of the NETL staff, particularly: Steven Bossart, Integrated Electric Power Systems Division Director Keith Dodrill, Integrated Electric Power Systems Division NETL Technical Monitor

178

Brown Marmorated The brown marmorated stink bug (BMSB), Halyomorpha  

E-Print Network (OSTI)

abdominal edge extending beyond wings MATURE NYMPH Banded antennae Spines in front of eyes and on shoulder edges Banded legs Dark bands on wing tips Blue-green metallic depressions on head and shoulder,UC JACKKELLYCLARK,UC RED SHOULDERED STINK BUG Edgeofabdomenconcealed;antennal bands, if present, are not white; less

Ishida, Yuko

179

Is this a bug or an obsolete test?  

Science Conference Proceedings (OSTI)

In software evolution, developers typically need to identify whether the failure of a test is due to a bug in the source code under test or the obsoleteness of the test code when they execute a test suite. Only after finding the cause of a failure can ...

Dan Hao, Tian Lan, Hongyu Zhang, Chao Guo, Lu Zhang

2013-07-01T23:59:59.000Z

180

Reproducing kernels of Sobolev spaces via a green kernel approach with differential operators and boundary operators  

Science Conference Proceedings (OSTI)

We introduce a vector differential operator P and a vector boundary operator B to derive a reproducing kernel along with its associated Hilbert space which is shown to be embedded in a ... Keywords: 41A30, 65D05, Boundary operator, Differential operator, Eigenfunction, Eigenvalue, Green kernel, Reproducing kernel

Gregory E. Fasshauer; Qi Ye

2013-05-01T23:59:59.000Z

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


181

Global Security  

NLE Websites -- All DOE Office Websites (Extended Search)

Global Security Global Security LANL's mission is to develop and apply science and technology to ensure the safety, security, and effectiveness of the U.S. nuclear deterrent;...

182

Object Oriented Verification Kernels for Secure Java Applications  

Science Conference Proceedings (OSTI)

This paper presents an approach to the verification of large Java programs. The focus lies on programs that implement a distributed communicating system e.g. in a Mor E-Commerce scenario. When trying to verify such programs, thousands of Java classes ...

Holger Grandy; Kurt Stenzel; Wolfgang Reif

2005-09-01T23:59:59.000Z

183

Microsoft Windows Server 2008 Kernel Mode Security Support ...  

Science Conference Proceedings (OSTI)

... Corporation on the issues discussed as ... 24 6 OPERATIONAL ENVIRONMENT ..... ... key is EOR'ed with ...

2012-09-07T23:59:59.000Z

184

LightWeight KerneL  

NLE Websites -- All DOE Office Websites (Extended Search)

Catamount n-Way LightWeight KerneL 1 R&D 100 Entry Catamount n-Way LightWeight KerneL 2 R&D 100 Entry Submitting organization Sandia National Laboratories PO Box 5800 Albuquerque,...

185

T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

68: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site 68: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Execute Arbitrary Code T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Execute Arbitrary Code March 2, 2011 - 3:05pm Addthis PROBLEM: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Execute Arbitrary Code. PLATFORM: Firefox, Thunderbird, SeaMonkey ABSTRACT: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and Mozilla presume that with enough effort at least some of these could be exploited to run arbitrary code. reference LINKS:

186

Simulation Problem Analysis and Research Kernel | Open Energy...  

Open Energy Info (EERE)

Simulation Problem Analysis and Research Kernel Jump to: navigation, search Tool Summary Name: Simulation Problem Analysis and Research Kernel AgencyCompany Organization:...

187

Security Plans  

Science Conference Proceedings (OSTI)

... Appendix A Glossary - A glossary of security terms used within the security planning document. ... F, Glossary. None applicable.

2013-09-30T23:59:59.000Z

188

Metabolic engineering of microorganisms for biofuels production: from bugs to synthetic biology to fuels  

E-Print Network (OSTI)

DK, Weiss R: Synthetic biology: new engineering rules for anfrom bugs to synthetic biology to fuels Sung Kuk Lee, Howardengineering and synthetic biology will provide new tools for

Kuk Lee, Sung

2010-01-01T23:59:59.000Z

189

OpenEI/URDB Bug? | OpenEI Community  

Open Energy Info (EERE)

OpenEI/URDB Bug? OpenEI/URDB Bug? Home > Groups > Utility Rate Clarknd's picture Submitted by Clarknd(20) Member 26 November, 2012 - 07:39 I ran into a problem today on the Utility Rate Database (URDB). Every time I select the "Assume net metering (buy = sell)" box and go to save the page for some reason it doesn't save that change and reverts back to "No" rather than "Yes". Groups: Utility Rate Login to post comments Latest discussions Rmckeel New page curation tool Posted: 7 May 2013 - 08:16 by Rmckeel Rmckeel Considering removing "Show Preview" button on utility rate form edit Posted: 22 Apr 2013 - 13:55 by Rmckeel 5 comment(s) 1 of 10 ›› Groups Menu You must login in order to post into this group. Latest discussion comments NickL

190

DON'T LET THE BED BUGS BITE We've all heard the saying, "sleep tight, don't let the bed bugs bite." Most of us have never  

E-Print Network (OSTI)

and appear bright red after feeding. The wings of bed bugs are vestigial, so they cannot fly. Bed bugs can. Small, flat, or raised bumps on the skin are the most common sign; redness, swelling, and itching

Bertini, Robert L.

191

October 12, 2010  

NLE Websites -- All DOE Office Websites (Extended Search)

kernel bug. Were down for a day recently due to a security problem and there was also a power outage at OSF. Upcoming downtimes: Nothing in October. New hardware: End of fiscal...

192

Intel's Math Kernel Library (MKL) at NERSC  

NLE Websites -- All DOE Office Websites (Extended Search)

Kernel Library (MKL) Kernel Library (MKL) Math Kernel Library (MKL) Description The Intel Math Kernel Library (Intel MKL) contains highly optimized, extensively threaded math routines for science, engineering, and financial applications. Core math functions include BLAS, LAPACK, ScaLAPACK, Sparse Solvers, Fast Fourier Transforms, Vector Math, and more. NERSC provides MKL on the Carver system for all compilers. MKL is available on the Hopper system for Intel compiler only. How to Access MKL on Carver module load mkl How to Use MKL on Carver Linking Your Code with MKL on Carver Basic usage, with (default) PGI compiler: mpif90 my_code.f $MKL Using ScaLAPACK: mpif90 my_code.f $MKL -L$MKL_LIBDIR -lmkl_scalapack_lp64 -lmkl_blacs_openmpi_lp64 Basic usage, with (default) Intel or gcc compilers (after appropriate

193

Catch me if you can: performance bug detection in the wild  

Science Conference Proceedings (OSTI)

Profilers help developers to find and fix performance problems. But do they find performance bugs -- performance problems that real users actually notice? In this paper we argue that -- especially in the case of interactive applications -- traditional ... Keywords: latency bug, perceptible performance, profiling

Milan Jovic; Andrea Adamoli; Matthias Hauswirth

2011-10-01T23:59:59.000Z

194

WuKong: automatically detecting and localizing bugs that manifest at large system scales  

Science Conference Proceedings (OSTI)

A key challenge in developing large scale applications is finding bugs that are latent at the small scales of testing, but manifest themselves when the application is deployed at a large scale. Here, we ascribe a dual meaning to "large scale"---it could ... Keywords: feature reconstruction, program behavior prediction, scale-dependent bug

Bowen Zhou; Jonathan Too; Milind Kulkarni; Saurabh Bagchi

2013-06-01T23:59:59.000Z

195

Indefinite kernel fuzzy c-means clustering algorithms  

Science Conference Proceedings (OSTI)

This paper proposes two types of kernel fuzzy c-means algorithms with an indefinite kernel. Both algorithms are based on the fact that the relational fuzzy c-means algorithm is a special case of the kernel fuzzy c-means algorithm. ... Keywords: indefinite kernel, kernel fuzzy c-means, non-euclidean fuzzy relational clustering, non-euclidean relational fuzzy c-means

Yuchi Kanzawa; Yasunori Endo; Sadaaki Miyamoto

2010-10-01T23:59:59.000Z

196

Security | Y-12 National Security Complex  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Security The Y-12 National Security Complex places the highest priority on maintaining and improving its security posture. We employ security police officers, cyber...

197

Active security  

Science Conference Proceedings (OSTI)

In this paper we introduce active security, a new methodology which introduces programmatic control within a novel feedback loop into the defense infrastructure. Active security implements a unified programming environment which provides interfaces ... Keywords: central management, digital forensics, network security

Ryan Hand, Michael Ton, Eric Keller

2013-11-01T23:59:59.000Z

198

V-008: Debian Security Advisory | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Debian Security Advisory 8: Debian Security Advisory V-008: Debian Security Advisory October 23, 2012 - 6:00am Addthis PROBLEM: Debian Security Advisory PLATFORM: Debian GNU/Linux 6.0 ABSTRACT: Debian update for bind9 REFERENCE LINKS: Debian Security Advisory DSA-2560-1 Debian bugtracking system: Bug 690118 ISC Reference Number: AA-00801 Secunia Advisory SA51054 CVE-2012-5166 IMPACT ASSESSMENT: Medium DISCUSSION: was discovered that BIND, a DNS server, hangs while constructing the additional section of a DNS reply, when certain combinations of resource records are present. This vulnerability affects both recursive and authoritative servers. For the stable distribution (squeeze), this problem has been fixed in version 1:9.7.3.dfsg-1~squeeze8. IMPACT: Debian has issued an update for bind9. This fixes a vulnerability, which

199

V-008: Debian Security Advisory | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

08: Debian Security Advisory 08: Debian Security Advisory V-008: Debian Security Advisory October 23, 2012 - 6:00am Addthis PROBLEM: Debian Security Advisory PLATFORM: Debian GNU/Linux 6.0 ABSTRACT: Debian update for bind9 REFERENCE LINKS: Debian Security Advisory DSA-2560-1 Debian bugtracking system: Bug 690118 ISC Reference Number: AA-00801 Secunia Advisory SA51054 CVE-2012-5166 IMPACT ASSESSMENT: Medium DISCUSSION: was discovered that BIND, a DNS server, hangs while constructing the additional section of a DNS reply, when certain combinations of resource records are present. This vulnerability affects both recursive and authoritative servers. For the stable distribution (squeeze), this problem has been fixed in version 1:9.7.3.dfsg-1~squeeze8. IMPACT: Debian has issued an update for bind9. This fixes a vulnerability, which

200

A Game Theoretical Approach to Communication Security  

E-Print Network (OSTI)

Security solutions . . . . . . . . . . . . . . . .Practical security solutions . . . . . . . . . . . . .Communication security

Gueye, Assane

2011-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


201

LightWeight KerneL  

NLE Websites -- All DOE Office Websites (Extended Search)

Catamount n-Way Catamount n-Way LightWeight KerneL 1 R&D 100 Entry Catamount n-Way LightWeight KerneL 2 R&D 100 Entry Submitting organization Sandia National Laboratories PO Box 5800 Albuquerque, NM 87185-1319 USA Ron Brightwell Phone: (505) 844-2099 Fax: (505) 845-7442 rbbrigh@sandia.gov AFFIRMATION: I affirm that all information submitted as a part of, or supplemental to, this entry is a fair and accurate representation of this product. _____________________________ Ron Brightwell Joint entry Operating Systems Research 1527 16th NW #5 Washington, DC 20036 USA Trammell Hudson Phone: (240) 283-1700 Fax: (843) 971-9774 hudson@osresearch.net ProduCt name Catamount N-Way (CNW) Lightweight Kernel brief deSCriPtion CNW is an operating system that exploits existing features of multi-core processors

202

Secure Facilities & Capabilities | National Security | ORNL  

NLE Websites -- All DOE Office Websites (Extended Search)

Facilities Events and Conferences Supporting Organizations National Security Home | Science & Discovery | National Security | Facilities SHARE Secure Facilities and Capabilities...

203

Fabrication of Uranium Oxycarbide Kernels for HTR Fuel  

Science Conference Proceedings (OSTI)

Babcock and Wilcox (B&W) has been producing high quality uranium oxycarbide (UCO) kernels for Advanced Gas Reactor (AGR) fuel tests at the Idaho National Laboratory. In 2005, 350-m, 19.7% 235U-enriched UCO kernels were produced for the AGR-1 test fuel. Following coating of these kernels and forming the coated-particles into compacts, this fuel was irradiated in the Advanced Test Reactor (ATR) from December 2006 until November 2009. B&W produced 425-m, 14% enriched UCO kernels in 2008, and these kernels were used to produce fuel for the AGR-2 experiment that was inserted in ATR in 2010. B&W also produced 500-m, 9.6% enriched UO2 kernels for the AGR-2 experiments. Kernels of the same size and enrichment as AGR-1 were also produced for the AGR-3/4 experiment. In addition to fabricating enriched UCO and UO2 kernels, B&W has produced more than 100 kg of natural uranium UCO kernels which are being used in coating development tests. Successive lots of kernels have demonstrated consistent high quality and also allowed for fabrication process improvements. Improvements in kernel forming were made subsequent to AGR-1 kernel production. Following fabrication of AGR-2 kernels, incremental increases in sintering furnace charge size have been demonstrated. Recently small scale sintering tests using a small development furnace equipped with a residual gas analyzer (RGA) has increased understanding of how kernel sintering parameters affect sintered kernel properties. The steps taken to increase throughput and process knowledge have reduced kernel production costs. Studies have been performed of additional modifications toward the goal of increasing capacity of the current fabrication line to use for production of first core fuel for the Next Generation Nuclear Plant (NGNP) and providing a basis for the design of a full scale fuel fabrication facility.

Charles Barnes; CLay Richardson; Scott Nagley; John Hunn; Eric Shaber

2010-10-01T23:59:59.000Z

204

U-052: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: HP Protect Tools Device Access Manager Unspecified Bug Lets 2: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote Users Deny Service and Execute Arbitrary Code U-052: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote Users Deny Service and Execute Arbitrary Code December 6, 2011 - 7:00am Addthis PROBLEM: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote Users Deny Service and Execute Arbitrary Code. PLATFORM: HP Protect Tools Device Access Manager for Windows earlier than v.6.1.0.1 running on the following HP PCs: HP EliteBook 2560p Notebook PC HP EliteBook 2760p Notebook PC HP EliteBook 8460p Notebook PC HP EliteBook 8460w Mobile Workstation HP EliteBook 8560p Notebook PC HP EliteBook 8560w Mobile Workstation HP EliteBook 8760w Mobile Workstation HP ProBook 4230s Notebook PC

205

U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

41: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary 41: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information August 22, 2012 - 7:00am Addthis PROBLEM: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information PLATFORM: Adobe Flash Player 11.3.300.271 and earlier versions for Windows, Macintosh and Linux operating systems Adobe Flash Player 11.1.115.11 and earlier versions for Android 4.x Adobe Flash Player 11.1.111.10 and earlier versions for Android 3.x and 2.x Adobe AIR 3.3.0.3670 and earlier versions for Windows and Macintosh Adobe AIR 3.3.0.3690 SDK (includes AIR for iOS) and earlier versions Adobe AIR 3.3.0.3650 and earlier versions for Android ABSTRACT:

206

U-052: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: HP Protect Tools Device Access Manager Unspecified Bug Lets 2: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote Users Deny Service and Execute Arbitrary Code U-052: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote Users Deny Service and Execute Arbitrary Code December 6, 2011 - 7:00am Addthis PROBLEM: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote Users Deny Service and Execute Arbitrary Code. PLATFORM: HP Protect Tools Device Access Manager for Windows earlier than v.6.1.0.1 running on the following HP PCs: HP EliteBook 2560p Notebook PC HP EliteBook 2760p Notebook PC HP EliteBook 8460p Notebook PC HP EliteBook 8460w Mobile Workstation HP EliteBook 8560p Notebook PC HP EliteBook 8560w Mobile Workstation HP EliteBook 8760w Mobile Workstation HP ProBook 4230s Notebook PC

207

U-118: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

18: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary 18: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information U-118: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information March 6, 2012 - 7:00am Addthis PROBLEM: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information PLATFORM: Adobe Flash Player 10.x, Adobe Flash Player 11.x ABSTRACT: Two vulnerabilities were reported in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can obtain potentially information. reference LINKS: Secunia Advisory SA48281 CVE-2012-0769 IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted content that, when loaded by the target user, will trigger a memory corruption error in Matrix3D and execute

208

U-074: Microsoft .NET Bugs Let Remote Users Execute Arbitrary Commands,  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Microsoft .NET Bugs Let Remote Users Execute Arbitrary 4: Microsoft .NET Bugs Let Remote Users Execute Arbitrary Commands, Access User Accounts, and Redirect Users U-074: Microsoft .NET Bugs Let Remote Users Execute Arbitrary Commands, Access User Accounts, and Redirect Users January 4, 2012 - 8:00am Addthis PROBLEM: Microsoft .NET Bugs Let Remote Users Execute Arbitrary Commands, Access User Accounts, and Redirect Users . PLATFORM: Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 with SP2 for Itanium-based Systems Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2

209

V-091: Adobe Acrobat/Reader Bug Lets Remote Users Execute Arbitrary Code |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Adobe Acrobat/Reader Bug Lets Remote Users Execute Arbitrary 1: Adobe Acrobat/Reader Bug Lets Remote Users Execute Arbitrary Code V-091: Adobe Acrobat/Reader Bug Lets Remote Users Execute Arbitrary Code February 14, 2013 - 12:22am Addthis PROBLEM: Adobe Acrobat/Reader Bug Lets Remote Users Execute Arbitrary Code PLATFORM: Adobe Reader XI (11.0.01 and earlier) for Windows and Macintosh Adobe Reader X (10.1.5 and earlier) for Windows and Macintosh Adobe Reader 9.5.3 and earlier 9.x versions for Windows and Macintosh Adobe Acrobat XI (11.0.01 and earlier) for Windows and Macintosh Adobe Acrobat X (10.1.5 and earlier) for Windows and Macintosh Adobe Acrobat 9.5.3 and earlier 9.x versions for Windows and Macintosh ABSTRACT: Adobe has identified critical vulnerabilities in Adobe Reader and Acrobat REFERENCE LINKS: Adobe Reader and Acrobat Vulnerability Report

210

T-563: Red Hat Directory Server Bugs Let Local Users Gain Elevated  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Red Hat Directory Server Bugs Let Local Users Gain Elevated 3: Red Hat Directory Server Bugs Let Local Users Gain Elevated Privileges and Remote and Local Users Deny Service T-563: Red Hat Directory Server Bugs Let Local Users Gain Elevated Privileges and Remote and Local Users Deny Service February 23, 2011 - 7:00am Addthis PROBLEM: Red Hat Directory Server Bugs Let Local Users Gain Elevated Privileges and Remote and Local Users Deny Service. PLATFORM: Red Hat Directory Server v8 EL4, Red Hat Directory Server v8 EL5 ABSTRACT: Several vulnerabilities were reported in Red Hat Directory Server. A local user can obtain elevated privileges on the target system. A remote user can cause denial of service conditions. A local user can cause denial of service conditions. A remote user can send multiple simple paged search requests to cause the

211

ConMem: detecting severe concurrency bugs through an effect-oriented approach  

Science Conference Proceedings (OSTI)

Multicore technology is making concurrent programs increasingly pervasive. Unfortunately, it is difficult to deliver reliable concurrent programs, because of the huge and non-deterministic interleaving space. In reality, without the resources to thoroughly ... Keywords: concurrency bugs, software testing

Wei Zhang; Chong Sun; Shan Lu

2010-03-01T23:59:59.000Z

212

U-201: HP System Management Homepage Bugs Let Remote Users Deny...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

WebSphere DataPower XC10 Appliance Bugs Let Remote Authenticated Users Gain Elevated Privileges and Remote Users Deny Service V-051: Oracle Solaris Java Multiple Vulnerabilities...

213

The Daemon Kernel of the Sun  

E-Print Network (OSTI)

The daemon-stimulated proton decay is capable of providing an appreciable part of the Sun luminosity as well as nonelectron flavor component in the solar neutrino flux. This follows (1) from our experiments on detection of negative daemons in Earth-crossing orbits, which give ~1 microsec for the decay time of a daemon-containing proton, and (2) from an estimate of the total number of daemons which could be captured by the Sun from the Galactic disk (up to \\~2.4E30). Because of their huge mass (~3E-5 g), the captured daemons form in the Sun's center a kernel a few cm in size. The protons diffuse into the kernel to decay there with a release of energy. Physically sound estimates of the parameters of the kernel can be obtained if it consists mainly of negative daemons. Proton decay maintains a high temperature of the daemon gas (up to \\~1E11-1E12 K), which makes it physically collisionless and prevents kernel collapse into a black hole.

E. M. Drobyshevski

2002-05-21T23:59:59.000Z

214

ARMORY: An automatic security testing tool for buffer overflow defect detection  

Science Conference Proceedings (OSTI)

Program Buffer Overflow Defects (PBODs) are the stepping stones of Buffer Overflow Attacks (BOAs), which are one of the most dangerous security threats to the Internet. In this paper, we propose a kernel-based security testing tool, named ARMORY, for ...

Li-Han Chen, Fu-Hau Hsu, Yanling Hwang, Mu-Chun Su, Wei-Shinn Ku, Chi-Hsuan Chang

2013-10-01T23:59:59.000Z

215

Security Cases  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

security-cases Office of Hearings and Appeals 1000 security-cases Office of Hearings and Appeals 1000 Independence Ave., SW Washington, DC, 20585 202-287-1566 en PSH-13-0103 - In the Matter of Personnel Security http://energy.gov/oha/downloads/psh-13-0103-matter-personnel-security security" class="title-link">PSH-13-0103 - In the Matter of Personnel Security

216

Security Policy  

Science Conference Proceedings (OSTI)

... M/S ACES Pvt. Ltd. Pakistan Page Security Policy ... 2013 M/S ACES Pvt. Ltd. Pakistan 5/27/2013 Page 2. [SECURITY POLICY] May 27, 2013 ...

2013-05-29T23:59:59.000Z

217

Spark Ignited Turbulent Flame Kernel Growth  

DOE Green Energy (OSTI)

An experimental study of the effects of spark power and of incomplete fuel-air mixing on spark-ignited flame kernel growth was conducted in turbulent propane-air mixtures at 1 atm, 300K conditions. The results showed that increased spark power resulted in an increased growth rate, where the effect of short duration breakdown sparks was found to persist for times of the order of milliseconds. The effectiveness of increased spark power was found to be less at high turbulence and high dilution conditions. Increased spark power had a greater effect on the 0-5 mm burn time than on the 5-13 mm burn time, in part because of the effect of breakdown energy on the initial size of the flame kernel. And finally, when spark power was increased by shortening the spark duration while keeping the effective energy the same there was a significant increase in the misfire rate, however when the spark power was further increased by increasing the breakdown energy the misfire rate dropped to zero. The results also showed that fluctuations in local mixture strength due to incomplete fuel-air mixing cause the flame kernel surface to become wrinkled and distorted; and that the amount of wrinkling increases as the degree of incomplete fuel-air mixing increases. Incomplete fuel-air mixing was also found to result in a significant increase in cyclic variations in the flame kernel growth. The average flame kernel growth rates for the premixed and the incompletely mixed cases were found to be within the experimental uncertainty except for the 33%-RMS-fluctuation case where the growth rate was significantly lower. The premixed and 6%-RMS-fluctuation cases had a 0% misfire rate. The misfire rates were 1% and 2% for the 13%-RMS-fluctuation and 24%-RMS-fluctuation cases, respectively; however, it drastically increased to 23% in the 33%-RMS-fluctuation case.

Santavicca, D.A.

1995-06-01T23:59:59.000Z

218

T-611: Cisco IOS OCSP Revoked Certificate Security Issue | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Cisco IOS OCSP Revoked Certificate Security Issue 1: Cisco IOS OCSP Revoked Certificate Security Issue T-611: Cisco IOS OCSP Revoked Certificate Security Issue April 27, 2011 - 2:07am Addthis PROBLEM: A security issue has been reported in Cisco IOS, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to an error in the OCSP functionality and can lead to a revoked certificate being successfully authenticated. PLATFORM: Cisco IOS 15.0, 15.1 Operating System ABSTRACT: The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain public keys, which allows remote attackers to bypass authentication and have unspecified other impact by leveraging an IKE peer relationship in which a key was previously valid but later revoked, aka Bug

219

Cyber Security | National Security | ORNL  

NLE Websites -- All DOE Office Websites (Extended Search)

National Security Home | Science & Discovery | National Security | Initiatives | Cyber Security SHARE Cyber Security Through Science A Science-Based Approach image ORNL uses a science-based approach that combines experimentation, theory, modeling, and high performance computing to solve some of the nation's cyber security grand challenges. Significant, 'game-changing' transformation requires a science-based approach that combines fundamental understanding with experimentation, theory, and modeling. The most successful scientific programs use peer review to maximize intellectual capital and prioritize research needs. The Department of Energy has applied this approach through programs such as the Scientific Discovery through Advanced Computing (SciDAC) and ASCI,

220

PERI Auto-tuning Memory Intensive Kernels  

NLE Websites -- All DOE Office Websites (Extended Search)

PERI PERI - Auto-tuning Memory Intensive Kernels for Multicore Samuel Williams † , Kaushik Datta † , Jonathan Carter , Leonid Oliker † , John Shalf , Katherine Yelick † , David Bailey CRD/NERSC, Lawrence Berkeley National Laboratory, Berkeley, CA 94720, USA † Computer Science Division, University of California at Berkeley, Berkeley, CA 94720, USA E-mail: SWWilliams@lbl.gov, kdatta@eecs.berkeley.edu, JTCarter@lbl.gov, LOliker@lbl.gov, JShalf@lbl.gov, KAYelick@lbl.gov, DHBailey@lbl.gov Abstract. We present an auto-tuning approach to optimize application performance on emerging multicore architectures. The methodology extends the idea of search-based performance optimizations, popular in linear algebra and FFT libraries, to application-specific computational kernels. Our work applies this strategy to Sparse Matrix Vector Multiplication

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


221

SecureBox: National Security Through Secure Cargo Team Members  

SecureBox: National Security Through Secure Cargo Team Members: Front Row (left to right): Howard Lowdermilk, Greg Dallum, Faranak Nekoogar, Vickie ...

222

History's Worst Software Bugs By Simson Garfinkel Story location: http://www.wired.com/news/technology/bugs/0,2924,69355,00.html  

E-Print Network (OSTI)

,000 of its Prius hybrid vehicles following reports of vehicle warning lights illuminating for no reason, the root of the Prius issue wasn't a hardware problem -- it was a programming error in the smart car's embedded code. The Prius had a software bug. With that recall, the Pruis joined the ranks of the buggy

Overstreet, C. Michael

223

Safety, Security  

NLE Websites -- All DOE Office Websites (Extended Search)

Safety, Security Safety, Security Safety, Security LANL's mission is to develop and apply science and technology to ensure the safety, security, and reliability of the U.S. nuclear deterrent; reduce global threats; and solve other emerging national security and energy challenges. Contact Operator Los Alamos National Laboratory (505) 667-5061 We do not compromise safety for personal, programmatic, or operational reasons. Safety: we integrate safety, security, and environmental concerns into every step of our work Our commitments We conduct our work safely and responsibly to achieve our mission. We ensure a safe and healthful environment for workers, contractors, visitors, and other on-site personnel. We protect the health, safety, and welfare of the general public. We do not compromise safety for personal, programmatic, or

224

Transportation Security  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

For Review Only 1 Transportation Security Draft Annotated Bibliography Review July 2007 Preliminary Draft - For Review Only 2 Work Plan Task * TEC STG Work Plan, dated 8206,...

225

Global Security  

NLE Websites -- All DOE Office Websites (Extended Search)

transparency, and security that are preconditions to the ultimate fulfillment of the Non-Proliferation Treaty's goals and ambitions. Open Source Center The Open Source Center...

226

Security Automation Conference & Workshop  

Science Conference Proceedings (OSTI)

... Security Automation Conference & Workshop. ... Richard Hale, DISA - Information Security & Security Automation in DoD (coming soon); ...

227

HIPAA Security Rule  

Science Conference Proceedings (OSTI)

Related ActivitiesHIPAA Security RuleHealth Information Exchange (HIE) Security Architecture. Related ... HIPAA Security Rule. NIST ...

2011-11-21T23:59:59.000Z

228

Security Enforcement Reporting Criteria  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Classified Information Security Noncompliance Reporting Criteria January 2012 MANDATORY SECURITY INCIDENT REPORTING Classified information security noncompliances are categorized...

229

Backup Generators (BUGS): The Next Smart Grid Peak Resource? | Open Energy  

Open Energy Info (EERE)

Backup Generators (BUGS): The Next Smart Grid Peak Resource? Backup Generators (BUGS): The Next Smart Grid Peak Resource? Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Backup Generators (BUGS): The Next Smart Grid Peak Resource? Focus Area: Crosscutting Topics: Potentials & Scenarios Website: www.netl.doe.gov/smartgrid/referenceshelf/articles/10-18-2010_BUGS%20a Equivalent URI: cleanenergysolutions.org/content/backup-generators-bugs-next-smart-gri Language: English Policies: "Deployment Programs,Financial Incentives,Regulations" is not in the list of possible values (Deployment Programs, Financial Incentives, Regulations) for this property. DeploymentPrograms: Demonstration & Implementation Regulations: "Resource Integration Planning,Energy Standards" is not in the list of possible values (Agriculture Efficiency Requirements, Appliance & Equipment Standards and Required Labeling, Audit Requirements, Building Certification, Building Codes, Cost Recovery/Allocation, Emissions Mitigation Scheme, Emissions Standards, Enabling Legislation, Energy Standards, Feebates, Feed-in Tariffs, Fuel Efficiency Standards, Incandescent Phase-Out, Mandates/Targets, Net Metering & Interconnection, Resource Integration Planning, Safety Standards, Upgrade Requirements, Utility/Electricity Service Costs) for this property.

230

Lab announces security changes  

NLE Websites -- All DOE Office Websites (Extended Search)

Lab announces security changes Lab announces security changes The Laboratory is implementing several changes to its security procedures as the result of a recent security...

231

Efficient semantic kernel-based text classification using matching pursuit KFDA  

Science Conference Proceedings (OSTI)

A number of powerful kernel-based learning machines, such as support vector machines (SVMs), kernel Fisher discriminant analysis (KFDA), have been proposed with competitive performance. However, directly applying existing attractive kernel approaches ... Keywords: efficient text classification, kernel method, matching pursuit KFDA, semantic kernel

Qing Zhang; Jianwu Li; Zhiping Zhang

2011-11-01T23:59:59.000Z

232

Personnel Security Program | National Nuclear Security Administration  

NLE Websites -- All DOE Office Websites (Extended Search)

Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Personnel Security Program Home > About Us > Our Programs > Nuclear Security > Personnel Security...

233

Office of Headquarters Security Operations: Headquarters Security...  

NLE Websites -- All DOE Office Websites (Extended Search)

Headquarters Security Operations Home Sub Offices HQ Security Officers (HSO) Program Office of Information Security Office of Headquarters Personnel Office of...

234

U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

file CVE-2012-1942. Version 12 on Windows is affected. The Content Security Policy's (CSP) inline-script blocking feature may not protect against some inline event handlers...

235

U-175: Linux Kernel KVM Memory Slot Management Flaw  

Energy.gov (U.S. Department of Energy (DOE))

A vulnerability was reported in the Linux Kernel. A local user on the guest operating system can cause denial of service conditions on the host operating system.

236

Energy Security  

NLE Websites -- All DOE Office Websites (Extended Search)

Energy Security Energy Security Energy Security LANL's mission is to develop and apply science and technology to ensure the safety, security, and effectiveness of the U.S. nuclear deterrent; reduce global threats; and solve other emerging national security and energy challenges. April 12, 2012 A closed photobioreactor system is essentially a series of plastic or glass containers for water and algae. A closed photobioreactor system is essentially a series of plastic or glass containers for water and algae. Proponents of such bioreactors (compared to open ponds) say the growth environment can be more easily controlled; they prevent evaporation; and light penetrates through all sides of the container, which increases cell density. However, bioreactors suffer high materials and energy costs as well as mixing and gas-exchange

237

T-531: The WebVPN implementation on Cisco Adaptive Security Appliances  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

T-531: The WebVPN implementation on Cisco Adaptive Security T-531: The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 T-531: The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 January 10, 2011 - 8:33pm Addthis PROBLEM: The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) PLATFORM: Listed Vunerable Platform Details ABSTRACT: The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permits the viewing of CIFS shares even when CIFS file browsing has been disabled, which allows remote authenticated users to bypass intended access restrictions via CIFS requests, aka Bug ID CSCsz80777. reference LINKS: CVE Vulnerability Details: CVE-2010-4680 NIST Vulnerability Summary for CVE-2010-4680

238

V-076: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Cisco Wireless LAN Controller Bugs Let Remote Users Deny 6: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code V-076: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code January 24, 2013 - 6:00am Addthis PROBLEM: Several vulnerabilities were reported in Cisco Wireless LAN Controller. PLATFORM: The vulnerabilities are reported in: Cisco 2000 Series WLC Cisco 2100 Series WLC Cisco 2500 Series WLC Cisco 4100 Series WLC Cisco 4400 Series WLC Cisco 5500 Series WLC Cisco 7500 Series WLC Cisco 8500 Series WLC Cisco 500 Series Wireless Express Mobility Controllers Cisco Wireless Services Module (Cisco WiSM) Cisco Wireless Services Module version 2 (Cisco WiSM version 2)

239

T-652: Mozilla Thunderbird Bugs Let Remote Users Obtain Cookies and Execute  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Mozilla Thunderbird Bugs Let Remote Users Obtain Cookies and 2: Mozilla Thunderbird Bugs Let Remote Users Obtain Cookies and Execute Arbitrary Code T-652: Mozilla Thunderbird Bugs Let Remote Users Obtain Cookies and Execute Arbitrary Code June 22, 2011 - 2:55pm Addthis PROBLEM: Multiple vulnerabilities were reported in Mozilla Thunderbird. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can obtain cookies from another domain in certain cases. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system [CVE-2011-2364, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376]. The code will run with the privileges of the target user. PLATFORM: Mozilla Thunderbird prior to 3.1.11

240

V-183: Cisco TelePresence TC and TE Bugs Let Remote Users Deny Service and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Cisco TelePresence TC and TE Bugs Let Remote Users Deny 3: Cisco TelePresence TC and TE Bugs Let Remote Users Deny Service and Remote Adjacent Authenticated Users Gain Root Shell Access V-183: Cisco TelePresence TC and TE Bugs Let Remote Users Deny Service and Remote Adjacent Authenticated Users Gain Root Shell Access June 21, 2013 - 6:00am Addthis PROBLEM: Three vulnerabilities were reported in Cisco TelePresence TC and TE PLATFORM: The following product models are affected by the vulnerabilities: Cisco TelePresence MX Series Cisco TelePresence System EX Series Cisco TelePresence Integrator C Series Cisco TelePresence Profiles Series running Cisco TelePresence Quick Set Series Cisco IP Video Phone E20 ABSTRACT: Cisco TelePresence TC and TE Software contain two vulnerabilities in the implementation of the Session Initiation Protocol (SIP) that could allow an

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


241

Efficient approximate leave-one-out cross-validation for kernel logistic regression  

Science Conference Proceedings (OSTI)

Kernel logistic regression (KLR) is the kernel learning method best suited to binary pattern recognition problems where estimates of a-posteriori probability of class membership are required. Such problems occur frequently ... Keywords: Kernel logistic regression, Model selection

Gavin C. Cawley; Nicola L. Talbot

2008-06-01T23:59:59.000Z

242

ENERGY SECURITY  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

national strategy for national strategy for ENERGY SECURITY recommendations to the nation on reducing u.s. oil dependence september 2008 a project of a project of a national strategy for energy security Recommendations to the Nation on Reducing U.S. Oil Dependence september 2008 Table of Contents 2 Energy Security Leadership Council 3 Statement of Purpose 4 Letter to the President, the Congress, and the American People 7 Outline of Main Body of Report 13 Introduction 21 Policy Recommendations: Summary 33 Part I · Diversify Energy Supplies for the Transportation Sector

243

Security | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security Security Security Security program under Office of Health, Safety and Security developes security policy, provides security expertise to assist field elements in planning site protection strategies and coordinates with domestic authorities to provide safeguards and security technical assistance, technical systems support, and technology development and deployment opportunities. Departmental Personnel Security, also ensures that Departmental personnel security programs (included the National Nuclear Security Administration) are consistent and effectively implemented. Headquarters Facilities Master Security Plan The purpose of the Headquarters Facility Master Security Plan (HQFMSP) is to inform employees, contractors, and visitors of the security procedures

244

Induction of robust classifiers for web ontologies through kernel machines  

Science Conference Proceedings (OSTI)

The paper focuses on the task of approximate classification of semantically annotated individual resources in ontological knowledge bases. The method is based on classification models built through kernel methods, a well-known class of effective statistical ... Keywords: Individual classification, Inductive reasoning, Kernel methods, Ontology mining, Similarity, Support vector machines

Nicola Fanizzi; Claudia d'Amato; Floriana Esposito

2012-03-01T23:59:59.000Z

245

Locking in the multithreaded FreeBSD kernel  

Science Conference Proceedings (OSTI)

About a year ago, the FreeBSD Project embarked on the ambitious task of multithreading its kernel. The primary goal of this project is to improve performance on multiprocessor (MP) systems by allowing concurrent access to the kernel while not drastically ...

John H. Baldwin

2002-02-01T23:59:59.000Z

246

Commute-time convolution kernels for graph clustering  

Science Conference Proceedings (OSTI)

Commute time has proved to be a powerful attribute for clustering and characterising graph structure, and which is easily computed from the Laplacian spectrum. Moreover, commute time is robust to deletions of random edges and noisy edge weights. In this ... Keywords: commute times, convolution kernel, graph kernel, laplacian

Normawati A. Rahman; Edwin R. Hancock

2010-08-01T23:59:59.000Z

247

Fast computation of geometric moments using a symmetric kernel  

Science Conference Proceedings (OSTI)

This paper presents a novel set of geometric moments with symmetric kernel (SGM) obtained using an appropriate transformation of image coordinates. By using this image transformation, the computational complexity of geometric moments (GM) is reduced ... Keywords: Computation, Efficient representation, Fast computation, Geometric moments with symmetric kernel (SGM), Invariant properties, Numerical instability, Symmetrical property, Zernike moments

Chong-Yaw Wee; Raveendran Paramesran; R. Mukundan

2008-07-01T23:59:59.000Z

248

Training of support vector machines with Mahalanobis kernels  

Science Conference Proceedings (OSTI)

Radial basis function (RBF) kernels are widely used for support vector machines. But for model selection, we need to optimize the kernel parameter and the margin parameter by time-consuming cross validation. To solve this problem, in this paper we propose ...

Shigeo Abe

2005-09-01T23:59:59.000Z

249

Security Rulemaking  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2 NATIONAL TRANSPORTATION STAKEHOLDERS FORUM 2 NATIONAL TRANSPORTATION STAKEHOLDERS FORUM Knoxville, TN - May 16, 2012 2 NRC Actions Since September 11, 2001 * Interim solution - enhance existing regulations through Security Orders * Objectives of the Orders are enhanced control of material to - Prevent unauthorized access - Prevent malevolent use of material - Mitigate consequences * Orders were issued to NRC licensees that transport: - Spent Nuclear Fuel - IAEA Code of Conduct Category 1 and 2 quantities of radioactive material Security Rulemakings 3 NRC Ongoing Activities * Orders are an interim measure * Long-term approach is to enhance transport security through public rulemaking * Rulemaking process in progress for - SNF Transportation Security - Physical Protection of Category 1 and 2 material (both fixed

250

Enforcing Secure Object Initialization in Java  

E-Print Network (OSTI)

Sun and the CERT recommend for secure Java development to not allow partially initialized objects to be accessed. The CERT considers the severity of the risks taken by not following this recommendation as high. The solution currently used to enforce object initialization is to implement a coding pattern proposed by Sun, which is not formally checked. We propose a modular type system to formally specify the initialization policy of libraries or programs and a type checker to statically check at load time that all loaded classes respect the policy. This allows to prove the absence of bugs which have allowed some famous privilege escalations in Java. Our experimental results show that our safe default policy allows to prove 91% of classes of java.lang, java.security and javax.security safe without any annotation and by adding 57 simple annotations we proved all classes but four safe. The type system and its soundness theorem have been formalized and machine checked using Coq.

Hubert, Laurent; Monfort, Vincent; Pichardie, David

2010-01-01T23:59:59.000Z

251

Transportation Security | ornl.gov  

NLE Websites -- All DOE Office Websites (Extended Search)

Transportation Security SHARE Global Threat Reduction Initiative Transportation Security Cooperation Secure Transport Operations (STOP) Box Security of radioactive material while...

252

U-211: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote Authenticated  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

11: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote 11: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote Authenticated Users Access Files/Directories U-211: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote Authenticated Users Access Files/Directories July 12, 2012 - 7:00am Addthis PROBLEM: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote Authenticated Users Access Files/Directories PLATFORM: EMC Celerra Network Server versions 6.0.36.4 through 6.0.60.2 EMC VNX versions 7.0.12.0 through 7.0.53.1 EMC VNXe 2.0 (including SP1, SP2, and SP3) EMC VNXe MR1 (including SP1, SP2, SP3, and SP3.1) EMC VNXe MR2 (including SP0.1) ABSTRACT: A vulnerability was reported in EMC Celerra/VNX/VNXe. A remote authenticated user can access files and directories on the target file system. reference LINKS: The Vendor's Advisory

253

T-718:Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8:Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute 8:Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code T-718:Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code September 15, 2011 - 8:45am Addthis PROBLEM: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code. PLATFORM: Adobe Reader X (10.1) and earlier 10.x versions for Windows and Macintosh Adobe Reader 9.4.5 and earlier 9.x versions for Windows, Macintosh and UNIX Adobe Reader 8.3 and earlier 8.x versions for Windows and Macintosh Adobe Acrobat X (10.1) and earlier 10.x versions for Windows and Macintosh Adobe Acrobat 9.4.5 and earlier 9.x versions for Windows and Macintosh Adobe Acrobat 8.3 and earlier 8.x versions for Windows and Macintosh ABSTRACT: A remote user can create a file that, when loaded by the target user, will

254

National Security Technology Center | Y-12 National Security...  

NLE Websites -- All DOE Office Websites (Extended Search)

Global Security Security and Training National Security ... National Security Technology Center What kinds of security technologies are we talking about? See our capabilities...

255

Tag: security | Y-12 National Security Complex  

NLE Websites -- All DOE Office Websites (Extended Search)

security security Tag: security Displaying 1 - 5 of 5... Category: Security Security Y-12 places the highest priority on maintaining and improving its security posture. More... Category: News Johnson shares perspective on security Rod Johnson, B&W Y-12 deputy general manager of Security, recently discussed the security atmosphere since his arrival last August and what he sees as Y-12's security future. More... Category: News Y-12 to Install New Fence to Reduce Trespassing The National Nuclear Security Administration today announced plans to extend the boundary fence at the Y-12 National Security Complex along Scarboro Road. The new fence is expected to be in place by April 4. More... Category: News New institute promotes nuclear security Y-12 is partnering with the University of Tennessee and others to provide

256

Transportation Security  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

For Review Only 1 Transportation Security Draft Annotated Bibliography Review July 2007 Preliminary Draft - For Review Only 2 Work Plan Task * TEC STG Work Plan, dated 8/2/06, Product #16, stated: "Develop an annotated bibliography of publicly-available documents related to security of radioactive material transportation." * Earlier this year, a preliminary draft annotated bibliography on this topic was developed by T-REX , UNM, to initially address this STG Work Plan Task. Preliminary Draft - For Review Only 3 Considerations in Determining Release of Information * Some "Publicly-available" documents could potentially contain inappropriate information according to standards set by DOE information security policy and DOE Guides. - Such documents would not be freely

257

Message Security  

NLE Websites -- All DOE Office Websites (Extended Search)

Message Message Security Services Overview ECS Audio/Video Conferencing Fasterdata IPv6 Network Network Performance Tools (perfSONAR) ESnet OID Registry PGP Key Service Virtual Circuits (OSCARS) OSCARS Case Study Documentation User Manual FAQ Design Specifications Functional Specifications Notifications Publications Authorization Policy Default Attributes Message Security Clients For Developers Interfaces Links Hardware Requirements DOE Grids Service Transition Contact Us Technical Assistance: 1 800-33-ESnet (Inside the US) 1 800-333-7638 (Inside the US) 1 510-486-7600 (Globally) 1 510-486-7607 (Globally) Report Network Problems: trouble@es.net Provide Web Site Feedback: info@es.net Message Security Overview The OSCARS Web pages and Web Services are run within a Tomcat container which uses SSL connections to encrypt all messages. The OSCARS Web Service

258

Allied Security Scholarship ALLIED SECURITY SCHOLARSHIP 2013  

E-Print Network (OSTI)

Allied Security Scholarship ALLIED SECURITY SCHOLARSHIP 2013 BACKGROUND The Allied Security Scholarship was established by Allied Security to assist students to undertake full-time study at the University of Waikato. REGULATIONS 1. The Scholarship shall be known as the Allied Security Scholarship. 2

Waikato, University of

259

Physical Security Evaluations - Reports  

NLE Websites -- All DOE Office Websites (Extended Search)

Summary Report - Independent Oversight Inspection of Safeguards and Security and Cyber Security at the Y-12 Site Office and the Y-12 National Security Complex (U), January...

260

Security for grids  

E-Print Network (OSTI)

S. Kent, R. Atkinson. Security Architecture for the InternetTsudik, S. Tuecke. A Security Architecture for ComputationalComputer and Communications Security Conference, pp. 83-92,

Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

2005-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


261

Taxation and Social Security  

E-Print Network (OSTI)

Re: Taxation and Social Security Attached is draft chapter11 TAXATION AND SOCIAL SECURITY A substantial fraction ofaspects of social security schemes in a setting in which

Kaplow, Louis

2006-01-01T23:59:59.000Z

262

Security and Elections  

E-Print Network (OSTI)

World Conf. Information Security Education, 2007, pp. 1724;Security andElections IEEE Security & Privacy, 10(5):6467, Sept. -

Bishop, Matt; Peisert, Sean

2012-01-01T23:59:59.000Z

263

A novel ant-based clustering algorithm using the kernel method  

Science Conference Proceedings (OSTI)

A novel ant-based clustering algorithm integrated with the kernel (ACK) method is proposed. There are two aspects to the integration. First, kernel principal component analysis (KPCA) is applied to modify the random projection of objects when the algorithm ... Keywords: Ant-based clustering, Kernel, Kernel principal component analysis, Swarm intelligence

Lei Zhang; Qixin Cao

2011-10-01T23:59:59.000Z

264

Java Security  

Science Conference Proceedings (OSTI)

From the Publisher:With a market share of almost 70%, Java can be rightly called the programming language of the Web. Java security allows transmission of sensitive information, stores sensitive data, ensures that code is from a trusted source, and ensures ...

Madhushree Ganguli

2002-11-01T23:59:59.000Z

265

Page not found | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

21 - 20030 of 28,905 results. 21 - 20030 of 28,905 results. Article T-700:Red Hat: kernel security, bug fix, and enhancement update Red Hat: kernel security, bug fix, and enhancement update. http://energy.gov/cio/articles/t-700red-hat-kernel-security-bug-fix-and-enhancement-update Download TBU-0045- In the Matter of William Cor William Cor (the complainant or the employee), appeals the dismissal of his complaint of retaliation filed under 10 C.F.R. Part 708, the Department of Energy (DOE) Contractor Employee Protection... http://energy.gov/oha/downloads/tbu-0045-matter-william-cor Download FIA-13-0009- In the Matter of Sierra Club On March 18, 2013, the Department of Energy's (DOE) Office of Hearings and Appeals (OHA) denied a Freedom of Information Act (FOIA) Appeal filed by the Sierra Club (Appellant) of a determination...

266

Formalizing information security knowledge  

Science Conference Proceedings (OSTI)

Unified and formal knowledge models of the information security domain are fundamental requirements for supporting and enhancing existing risk management approaches. This paper describes a security ontology which provides an ontological structure for ... Keywords: information security, risk management, security ontology

Stefan Fenz; Andreas Ekelhart

2009-03-01T23:59:59.000Z

267

Physical Security Systems | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Physical Security Systems | National Nuclear Security Administration Physical Security Systems | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Physical Security Systems Home > About Us > Our Programs > Nuclear Security > Physical Security Systems Physical Security Systems After the 9/11 terrorist attacks, NNSA took steps to protect its critical

268

Security Forms | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Management & Safeguards System Security Forms Federal Information Processing Standards Publications (FIPS PUBS) FIPS-Associated Documents FIPS 140-2 Security Requirements...

269

Physical Security Systems | National Nuclear Security Administration  

NLE Websites -- All DOE Office Websites (Extended Search)

Physical Security Systems | National Nuclear Security Administration Physical Security Systems | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Physical Security Systems Home > About Us > Our Programs > Nuclear Security > Physical Security Systems Physical Security Systems After the 9/11 terrorist attacks, NNSA took steps to protect its critical

270

Information Security: Coordination of Federal Cyber Security...  

NLE Websites -- All DOE Office Websites (Extended Search)

a federal agenda for cyber security research. GAO also recommends that the Office of Management and Budget (OMB) issue guidance to agencies for providing cyber security research...

271

Security Forms | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Security Forms Home > About Us > Our Programs > Nuclear Security > Nuclear Materials...

272

The Diffusion Kernel Filter Applied to Lagrangian Data Assimilation  

Science Conference Proceedings (OSTI)

The diffusion kernel filter is a sequential particle-method approach to data assimilation of time series data and evolutionary models. The method is applicable to nonlinear/non-Gaussian problems. Within branches of prediction it parameterizes ...

Paul Krause; Juan M. Restrepo

2009-12-01T23:59:59.000Z

273

A linux kernel cryptographic framework: decoupling cryptographic keys from applications  

Science Conference Proceedings (OSTI)

This paper describes a cryptographic service framework for the Linux kernel. The framework enables user-space applications to perform operations with cryptographic keys, while at the same time ensuring that applications cannot directly access or extract ...

Nikos Mavrogiannopoulos; Miloslav Trma?; Bart Preneel

2012-03-01T23:59:59.000Z

274

A CCA-compliant nuclear power plant simulator kernel  

Science Conference Proceedings (OSTI)

This paper presents a parallel, component-oriented nuclear power plant simulator kernel. It is based on the high-performance computing oriented Common Component Architecture. The approach takes advantage of both the component paradigm and the parallel ...

Manuel Daz; Daniel Garrido; Sergio Romero; Bartolom Rubio; Enrique Soler; Jos M. Troya

2005-05-01T23:59:59.000Z

275

Green's kernels for transmission problems in bodies with small inclusions  

E-Print Network (OSTI)

The uniform asymptotic approximation of Green's kernel for the transmission problem of antiplane shear is obtained for domains with small inclusions. The remainder estimates are provided. Numerical simulations are presented to illustrate the effectiveness of the approach.

Vladimir Maz'ya; Alexander Movchan; Michael Nieves

2010-05-24T23:59:59.000Z

276

Cyber Security Evaluations Reports  

NLE Websites -- All DOE Office Websites (Extended Search)

Oversight Home Sub Offices Security Evaluations Cyber Security Evaluations Emergency Management Oversight Environment, Safety and Health Evaluations Mission &...

277

Global Security 2009  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security *Intelligence *Hyper Innovation Global Security Weapons & Complex Integration NIF Office of Strategic Outcomes Operations & Business Lawrence Livermore National...

278

National Security Initiatives | ORNL  

NLE Websites -- All DOE Office Websites (Extended Search)

Bioinformatics Facilities Events and Conferences Supporting Organizations National Security Home | Science & Discovery | National Security | Initiatives SHARE National...

279

Safety and Security  

Science Conference Proceedings (OSTI)

*. Bookmark and Share. Safety and Security. ... National and International Standards for X-ray Security Screening Applications. ...

2013-07-29T23:59:59.000Z

280

Cryptographic and Security Testing  

Science Conference Proceedings (OSTI)

Directory of Accredited Laboratories. Cryptographic and Security Testing. ... TX. atsec information security corporation, Austin, TX [200658- 0] VA. ...

2013-12-27T23:59:59.000Z

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


281

Computer Security Division Homepage  

Science Conference Proceedings (OSTI)

Computer Security Division. ... The 2012 Computer Security Division Annual Report (Special Publication 800-165) is now available. ...

2013-09-12T23:59:59.000Z

282

Mobile Security and Forensics  

Science Conference Proceedings (OSTI)

Mobile Security and Forensics. Summary: The goal of the project is to improve the security of mobile devices and software. ...

2013-01-15T23:59:59.000Z

283

Capacities associated with scalar signed Riesz kernels, and analytic capacity  

E-Print Network (OSTI)

The real and imaginari parts of the Cauchy kernel in the plane are scalar Riesz kernels of homogeneity -1. One can associate with each of them a natural notion of capacity related to bounded potentials. The main result of the paper asserts that these capacities are comparable to classical analytic capacity, thus stressing the real variables nature of analytic capacity. Higher dimensional versions of this result are also considered.

Mateu, Joan; Verdera, Joan

2010-01-01T23:59:59.000Z

284

HAN System Security Requirements  

Science Conference Proceedings (OSTI)

This report, "Home Area Network (HAN) Security Requirements," identifies and discusses the key cyber security requirements for different interfaces of HAN-based systems. These cyber security requirements for HAN interfaces are derived from the Department of Homeland Security (DHS) "Catalog of Control Systems Security," which provides an excellent checklist of general security requirements.

2009-12-22T23:59:59.000Z

285

Security seal  

DOE Patents (OSTI)

Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to "fingerprints" are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

Gobeli, Garth W. (Albuquerque, NM)

1985-01-01T23:59:59.000Z

286

Microsoft Word - BUGS_The Next Smart Grid Peak Resource Final 4_19.docx  

NLE Websites -- All DOE Office Websites (Extended Search)

April 15, 2010 April 15, 2010 DOE/NETL-2010/1406 Backup Generators (BUGS): The Next Smart Grid Peak Resource Backup Generators (BUGS): The Next Smart Grid Peak Resource v1.0 ii DISCLAIMER This report was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor any agency thereof, nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference therein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or

287

INSTITUTE FOR CYBER SECURITY Security Models  

E-Print Network (OSTI)

INSTITUTE FOR CYBER SECURITY 1 Security Models: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio July 2010 ravi.sandhu@utsa.edu www.profsandhu.com © Ravi Sandhu #12;INSTITUTE FOR CYBER SECURITY 2 THE BIG

Sandhu, Ravi

288

Security rules versus Security properties Mathieu Jaume  

E-Print Network (OSTI)

Security rules versus Security properties Mathieu Jaume SPI ­ LIP6 ­ University Pierre & Marie components of security policies can be expressed, and we identify their role in the de- scription of a policy, of a system and of a secure system. In this setting, we formally describe two approaches to define policies

Paris-Sud XI, Université de

289

INSTITUTE FOR CYBER SECURITY Security Models  

E-Print Network (OSTI)

INSTITUTE FOR CYBER SECURITY 1 Security Models: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio July 2009 ravi.sandhu@utsa.edu www.profsandhu.com © Ravi Sandhu #12;INSTITUTE FOR CYBER SECURITY 2 THE BIG

Sandhu, Ravi

290

Security Procedures Caltech Campus Security Dispatch  

E-Print Network (OSTI)

Security Procedures Caltech Campus Security Dispatch: 5000 (from any Caltech phone) or (626) 395-5000 (from any phone) When emergencies arise, contact Caltech Campus Security MEDICAL If someone experiences a medical emergency: · Remain calm · Notify Campus Security Dispatch · Do NOT move victim EARTHQUAKE When

Goddard III, William A.

291

Obfuscation (IND-CPA Security Circular Security)  

E-Print Network (OSTI)

Obfuscation (IND-CPA Security Circular Security) (Draft Version, 24 October 2013) Antonio@cs.au.dk 2 Aarhus University, Denmark, orlandi@cs.au.dk Abstract Circular security is an important notion for public-key encryption schemes and is needed by several cryptographic protocols. In circular security

International Association for Cryptologic Research (IACR)

292

Nonproliferation & International Security | National Nuclear Security  

NLE Websites -- All DOE Office Websites (Extended Search)

Nonproliferation & International Security | National Nuclear Security Nonproliferation & International Security | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Nonproliferation & International Security Home > About Us > Our Programs > Nonproliferation > Nonproliferation & International Security Nonproliferation & International Security

293

Nonproliferation & International Security | National Nuclear Security  

National Nuclear Security Administration (NNSA)

Nonproliferation & International Security | National Nuclear Security Nonproliferation & International Security | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Nonproliferation & International Security Home > About Us > Our Programs > Nonproliferation > Nonproliferation & International Security Nonproliferation & International Security

294

U-226: Linux Kernel SFC Driver TCP MSS Option Handling Denial of Service  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Linux Kernel SFC Driver TCP MSS Option Handling Denial of 6: Linux Kernel SFC Driver TCP MSS Option Handling Denial of Service Vulnerability U-226: Linux Kernel SFC Driver TCP MSS Option Handling Denial of Service Vulnerability August 2, 2012 - 7:00am Addthis PROBLEM: Linux Kernel SFC Driver TCP MSS Option Handling Denial of Service Vulnerability PLATFORM: Linux Kernel 3.2.x ABSTRACT: The Linux kernel is prone to a remote denial-of-service vulnerability. reference LINKS: Secunia Advisory SA50081 Bugtraq ID: 54763 Vulnerability Report: Linux Kernel 3.2.x The Linux Kernel Archives Original Advisory CVE-2012-3412 IMPACT ASSESSMENT: Medium Discussion: A vulnerability has been reported in Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the Solarflare network

295

Cold-moderator scattering kernel methods  

SciTech Connect

An accurate representation of the scattering of neutrons by the materials used to build cold sources at neutron scattering facilities is important for the initial design and optimization of a cold source, and for the analysis of experimental results obtained using the cold source. In practice, this requires a good representation of the physics of scattering from the material, a method to convert this into observable quantities (such as scattering cross sections), and a method to use the results in a neutron transport code (such as the MCNP Monte Carlo code). At Los Alamos, the authors have been developing these capabilities over the last ten years. The final set of cold-moderator evaluations, together with evaluations for conventional moderator materials, was released in 1994. These materials have been processed into MCNP data files using the NJOY Nuclear Data Processing System. Over the course of this work, they were able to develop a new module for NJOY called LEAPR based on the LEAP + ADDELT code from the UK as modified by D.J. Picton for cold-moderator calculations. Much of the physics for methane came from Picton`s work. The liquid hydrogen work was originally based on a code using the Young-Koppel approach that went through a number of hands in Europe (including Rolf Neef and Guy Robert). It was generalized and extended for LEAPR, and depends strongly on work by Keinert and Sax of the University of Stuttgart. Thus, their collection of cold-moderator scattering kernels is truly an international effort, and they are glad to be able to return the enhanced evaluations and processing techniques to the international community. In this paper, they give sections on the major cold moderator materials (namely, solid methane, liquid methane, and liquid hydrogen) using each section to introduce the relevant physics for that material and to show typical results.

MacFarlane, R.E.

1998-08-01T23:59:59.000Z

296

NIST.gov - Computer Security Division - Computer Security ...  

Science Conference Proceedings (OSTI)

... approach to protect critical federal missions and business functions ... security areas such physical security, personnel security, continuity of operations ...

297

Using Operational Security (OPSEC) to Support a Cyber Security...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments Using Operational Security (OPSEC) to Support a Cyber Security Culture in...

298

T-592: Cisco Security Advisory: Cisco Secure Access Control System...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability T-592: Cisco Security Advisory: Cisco Secure Access Control System...

299

Cyber and Network Security Homepage  

Science Conference Proceedings (OSTI)

Cyber and Network Security. Cyber and network security is focused on ensuring three security objectives of information ...

2010-10-05T23:59:59.000Z

300

GAO Information Security Issues Update  

Science Conference Proceedings (OSTI)

... Critical IT Systems & Infrastructure - NNSA Supercomputers CP & Security - State Security System - Wireless Security - IRS e*File ...

2010-10-08T23:59:59.000Z

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


301

Bioinformatics Systems | National Security | ORNL  

NLE Websites -- All DOE Office Websites (Extended Search)

Initiatives Cyber Security Nuclear Forensics Bioinformatics Videos Workshops National Security Home | Science & Discovery | National Security | Initiatives | Bioinformatics SHARE...

302

Security Components and Mechanisms Group  

Science Conference Proceedings (OSTI)

Security Components and Mechanisms Group. Welcome. ... A security checklist is a document that contains instructions for securely configuring ...

2013-01-17T23:59:59.000Z

303

Information Security | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Information Security | National Nuclear Security Administration Information Security | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Information Security Home > About Us > Our Programs > Nuclear Security > Information Security Information Security Information security deals with requirements for the protection and control of information and matter required to be classified or controlled by

304

Border Security | ornl.gov  

NLE Websites -- All DOE Office Websites (Extended Search)

Border Security SHARE Border Security Testing of unmanned aerial surveillance equipment. ORNL performs border security research at the Security Sciences Field Laboratory (SSFL),...

305

Using gprof to Tune the 4.2BSD Kernel  

E-Print Network (OSTI)

This paper describes how the gprof profiler accounts for the running time of called routines in the running time of the routines that call them. It then explains how to configure a profiling kernel on the 4.2 Berkeley Software Distribution of UNIX for the VAX and discusses tradeoffs in techniques for collecting profile data. Gprof identifies problems that severely affects the overall performance of the kernel. Once a potential problem areas is identified benchmark programs are devised to highlight the bottleneck. These benchmarks verify that the problem exist and provide a metric against which to validate proposed solutions. Tw o caches are added to the kernel to alleviate the bottleneck and gprof is used to validates their effectiveness. VAX is a trademark of Digital Equipment Corporation.

Marshall Kirk Mckusick

1984-01-01T23:59:59.000Z

306

Energy, Climate & Infrastructure Security  

E-Print Network (OSTI)

Energy, Climate & Infrastructure Security EXCEPTIONAL SERVICE IN THE NATIONAL INTEREST Sandia Security Administration under contract DE-AC04-94AL85000. SAND 2012-1670P Thermal thermal environments different from regulatory standards. Packaging, Transport, Storage & Security

307

Designing security into software  

E-Print Network (OSTI)

When people talk about software security, they usually refer to security applications such as antivirus software, firewalls and intrusion detection systems. There is little emphasis on the security in the software itself. ...

Zhang, Chang Tony

2006-01-01T23:59:59.000Z

308

CAMPUS SECURITY CARD REQUISITION  

E-Print Network (OSTI)

CAMPUS SECURITY CARD REQUISITION DEPARTMENT LAST NAME GIVEN NAME(S) SFU ID NUMBER CARD NUMBER CAMPUS SECURITY OFFICE USE ONLY SERVICE CHARGE: ___________________________ DEPOSIT be reported or returned to Campus Security TC 050 (291-5448). CARDHOLDER SIGNATURE DATE: #12;

309

National Nuclear Security Administration  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

National Nuclear Security Administration National Nuclear Security Administration Ofice of Secure Transportation mKlK= Box RQMM= ^luquerqueI= kj= UTNUR= ;JAN 03 213 MEMORANDUM FOR GREGORY eK= WOODS GENERAL COUNSEL DEPARTMENT OF ENERGY FROM: SUBJECT: JEFFREY P. HARREL ASSIST ANT DEPU FOR SECURE 2013 ANNUAL PLANNING SUMMARY In response to your memorandum of December TI= 2012, the following information is provided for the National Nuclear Security Administration Ofice of Secure

310

Security guide for subcontractors  

Science Conference Proceedings (OSTI)

This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

Adams, R.C.

1991-01-01T23:59:59.000Z

311

Modeling the Distribution of Precipitation Forecasts from the Canadian Ensemble Prediction System Using Kernel Density Estimation  

Science Conference Proceedings (OSTI)

Kernel density estimation is employed to fit smooth probabilistic models to precipitation forecasts of the Canadian ensemble prediction system. An intuitive nonparametric technique, kernel density estimation has become a powerful tool widely used ...

Syd Peel; Laurence J. Wilson

2008-08-01T23:59:59.000Z

312

U-226: Linux Kernel SFC Driver TCP MSS Option Handling Denial...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

August 2, 2012 - 7:00am Addthis PROBLEM: Linux Kernel SFC Driver TCP MSS Option Handling Denial of Service Vulnerability PLATFORM: Linux Kernel 3.2.x ABSTRACT: The Linux...

313

Kernel Auto-Regressive Model with eXogenous Inputs for Nonlinear Time Series Prediction  

Science Conference Proceedings (OSTI)

In this paper we present a novel approach for nonlinear time series prediction using Kernel methods. The kernel methods such as Support Vector Machine(SVM) and Support Vector Regression(SVR) deal with nonlinear problems assuming independent and identically ...

Venkataramana B. Kini; C. Chandra Sekhar

2007-03-01T23:59:59.000Z

314

Dataflow-driven GPU performance projection for multi-kernel transformations  

Science Conference Proceedings (OSTI)

Applications often have a sequence of parallel operations to be offloaded to graphics processors; each operation can become an individual GPU kernel. Developers typically explore a variety of transformations for each kernel. Furthermore, it is well known ...

Jiayuan Meng; Vitali A. Morozov; Venkatram Vishwanath; Kalyan Kumaran

2012-11-01T23:59:59.000Z

315

T-583: Linux Kernel OSF Partition Table Buffer Overflow Lets Local Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

583: Linux Kernel OSF Partition Table Buffer Overflow Lets Local 583: Linux Kernel OSF Partition Table Buffer Overflow Lets Local Users Obtain Information T-583: Linux Kernel OSF Partition Table Buffer Overflow Lets Local Users Obtain Information March 18, 2011 - 5:15pm Addthis PROBLEM: A vulnerability was reported in the Linux Kernel. A local user can obtain information from kernel memory. PLATFORM: Version(s): 2.4.x, 2.6.x ABSTRACT: A local user can create a storage device with specially crafted OSF partition tables. When the kernel automatically evaluates the partition tables, a buffer overflow may occur and data from kernel heap space may leak to user-space. reference LINKS: http://www.securitytracker.com/id/1025225 CVE-2011-1163 http://www.kernel.org/ IMPACT ASSESSMENT: Moderate Discussion: A local user can create a storage device with specially crafted OSF

316

NIST, Computer Security Division, Computer Security ...  

Science Conference Proceedings (OSTI)

... Standards. ITL January 1999, Jan 1999, Secure Web-Based Access to High Performance Computing Resources. ITL November ...

317

NIST, Computer Security Division, Computer Security ...  

Science Conference Proceedings (OSTI)

... Security Strategies for the Smart Grid: Protecting the ... Overview: The Government Smart Card Interoperability ... Mar 2001, An Introduction to IPsec ...

318

Personnel Security Program | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure...

319

Radiological Security | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure...

320

Cyber Security Evaluations - Reports  

NLE Websites -- All DOE Office Websites (Extended Search)

Oversight Program Home Office of Security and Cyber Evaluations Office of Safety and Emergency Management Evaluations Guidance Documents Security and Cyber Evaluations ...

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


321

Cyber Security Module  

NLE Websites -- All DOE Office Websites (Extended Search)

Cyber Security Module Cyber security training is required for all facility users and must be submitted before or upon arrival at the GUV Center. System Requirements and Information...

322

Security - Problem Solved?  

Science Conference Proceedings (OSTI)

There are plenty of security problems that have solutions. Yet, our security problems don't seem to be going away. What's wrong here?

John Viega

2005-06-01T23:59:59.000Z

323

Office of Security  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Security Home Sub Offices › Security Policy › Security Assistance › Departmental Personnel Security Mission & Functions › Security Policy › Security Assistance › Departmental Personnel Security Human Reliability Program (HRP) Guidance Documents Security Technology Information Archive (STIA) Related Links › DOE › DOE CIO › NNSA › DOE CFO › NTC › S&S PIR Contact Us HSS Logo Welcome to the Office of Security Mission and Functions The Office of Security (HS-50) developes security policy, provides security expertise to assist field elements in planning site protection strategies and coordinates with domestic authorities to provide safeguards and security technical assistance, technical systems support, and technology development and deployment opportunities. The Office of Security, through the Office of Departmental Personnel Security, also ensures that Departmental personnel security programs (included the National Nuclear Security Administration) are consistent and effectively implemented.

324

Security: A Coordinated Approach  

Science Conference Proceedings (OSTI)

... SIM / SEM Asset Management System AAA ICS/SCADA Security Physical Security ... Location-Awareness ICS/SCADA Smart Grid Mobile Devices ...

2012-10-26T23:59:59.000Z

325

JLab Security Banner  

NLE Websites -- All DOE Office Websites (Extended Search)

Computer Center | Jefferson Lab Home | Experiments | The Lab | News Privacy and Security Notice Security Notice This is a Federal computer system and is the property of the United...

326

NNSA orders security enhancements  

NLE Websites -- All DOE Office Websites (Extended Search)

orders security enhancements NNSA orders security enhancements Because of this government order, until further notice all vehicles entering government property will be required to...

327

NIST Cyber Security Framework  

Science Conference Proceedings (OSTI)

Page 1. NIST Cyber Security Framework ISA-62443-2-1 :2009 ISA-62443-2-1 (Ed. 2, D2E8 ... Page 2. Security NIST Cyber ...

2013-12-13T23:59:59.000Z

328

Office of Security Policy  

NLE Websites -- All DOE Office Websites (Extended Search)

Office of Security Policy Office of Security Policy Mission and Functions The Office of Security Policy develops and promulgates safeguards and security policy governing the protection of National Security and other critical assets entrusted to the Department. Director's Perspective Welcome to the Office of Security Policy Jack Cowden, Director The Office of Security Policy analyzes, develops and interprets safeguards and security policy governing national security functions and the protection of related critical assets entrusted to the Department. This includes the protection of DOE nuclear facilities, nuclear weapons components, special nuclear materials and classified information. Our broad topical areas are organized as: Program Planning and Management, Protection Program Operations (which includes both physical security and protective forces), Information Security and Material Control and Accountability.

329

Regression based D-optimality experimental design for sparse kernel density estimation  

Science Conference Proceedings (OSTI)

This paper derives an efficient algorithm for constructing sparse kernel density (SKD) estimates. The algorithm first selects a very small subset of significant kernels using an orthogonal forward regression (OFR) procedure based on the D-optimality ... Keywords: D-optimality, Optimal experimental design, Orthogonal forward regression, Parzen window estimate, Probability density function, Sparse kernel modelling

S. Chen; X. Hong; C. J. Harris

2010-01-01T23:59:59.000Z

330

Feasibility of impact-acoustic emissions for detection of damaged wheat kernels  

Science Conference Proceedings (OSTI)

A non-destructive, real time device was developed to detect insect damage, sprout damage, and scab damage in kernels of wheat. Kernels are impacted onto a steel plate and the resulting acoustic signal analyzed to detect damage. The acoustic signal was ... Keywords: Acoustic emissions, Insect damage kernels, Neural network, Sorting, Spectral analysis

Tom C. Pearson; A. Enis Cetin; Ahmed H. Tewfik; Ron P. Haff

2007-05-01T23:59:59.000Z

331

Computer vision algorithm for barley kernel identification, orientation estimation and surface structure assessment  

Science Conference Proceedings (OSTI)

This paper presents an algorithm for analyzing barley kernel images to evaluate cereal grain quality and perform grain classification. The input data comprised digital images of kernels obtained from an optical scanner. The algorithm identified individual ... Keywords: Automated kernel grading, Cereal grain classification, Digital image analysis

Piotr M. Szczypi?Ski; Piotr Zapotoczny

2012-09-01T23:59:59.000Z

332

Noise-robust edge detector combining isotropic and anisotropic Gaussian kernels  

Science Conference Proceedings (OSTI)

A new noise-robust edge detector is proposed, which combines a small-scaled isotropic Gaussian kernel and large-scaled anisotropic Gaussian kernels (ANGKs) to obtain edge maps of images. Its main advantage is that noise reduction is attained while maintaining ... Keywords: Anisotropic Gaussian kernels (ANGKs), Anisotropic directional derivatives, Edge detection, Edge resolution, Edge stretch effect

Peng-Lang Shui; Wei-Chuan Zhang

2012-02-01T23:59:59.000Z

333

A Bayesian approach to bandwidth selection for multivariate kernel density estimation  

Science Conference Proceedings (OSTI)

Kernel density estimation for multivariate data is an important technique that has a wide range of applications. However, it has received significantly less attention than its univariate counterpart. The lower level of interest in multivariate kernel ... Keywords: Cross-validation, Kullback-Leibler information, Mean integrated squared errors, Monte Carlo kernel likelihood, Sampling algorithms

Xibin Zhang; Maxwell L. King; Rob J. Hyndman

2006-07-01T23:59:59.000Z

334

CYBER SECURITY METRICS AND MEASURES  

Science Conference Proceedings (OSTI)

... CYBER SECURITY METRICS AND MEASURES ... Keywords: cyber security; metrics; measures; software; computer systems; IT ...

2013-05-07T23:59:59.000Z

335

A Security Enforcement Kernel for OpenFlow Networks Phillip Porras  

E-Print Network (OSTI)

on the NOx concentration (equation (12.5)). One might hope under these conditions that a reduction in NOx reduction of NOx emissions. Detailed models for the United States predict that a 50% reduction of NOx presently for 50% of global NOx emissions (section 11.4), and one might be concerned that reduction

Gu, Guofei

336

Secure Manufacturing | Y-12 National Security Complex  

NLE Websites -- All DOE Office Websites (Extended Search)

Secure Secure Manufacturing Secure Manufacturing The depth and breadth of Y-12's manufacturing capabilities and expertise enable Y-12 to address current and emerging national security challenges by providing leadership and direction to perform the following activities: solving unique, high-risk manufacturing problems; eliminating the most difficult manufacturability and development obstacles; protecting classified and proprietary materials, components, and information; developing unique technologies to optimize manufacturing and systems performance; and executing projects cost effectively and with timeliness. Y-12 accomplishes this mission to meet the national security challenges of today and those of the future, with capability and expertise in the following areas:

337

On the kernelization of ranking r-CSP in tournaments  

E-Print Network (OSTI)

A Ranking r-Constraint Satisfaction Problem (ranking r-CSP) consists of a ground set of vertices V, an arity r > 2, a parameter k and a constraint system c, where c is a function which maps rankings of r-sized subsets of V to {0,1}. The objective is to decide if there exists a ranking ? of the vertices satisfying all but at most k constraints. Famous ranking r-CSP include the Feedback Arc Set in Tournaments and Betweenness in Tournaments problems. We consider these problems from the kernelization viewpoint. We first prove that Feedback Arc Set in Bipartite Tournaments admits a kernel with O(k^2) vertices, improving the previous bound of O(k^3) vertices. Next, we prove that so-called l_r-simply characterized ranking r-CSP admit linear vertex-kernels whenever they admit constant-factor approximation algorithms. This implies that r-Betweenness in Tournaments and r-Transitive Feedback Arc Set In Tournaments admit linear vertex-kernels. Finally, we consider another generalization of Feedback Arc Set in Tournaments...

Perez, Anthony

2012-01-01T23:59:59.000Z

338

Optical transformation from chirplet to fractional Fourier transformation kernel  

E-Print Network (OSTI)

We find a new integration transformation which can convert a chirplet function to fractional Fourier transformation kernel, this new transformation is invertible and obeys Parseval theorem. Under this transformation a new relationship between a phase space function and its Weyl-Wigner quantum correspondence operator is revealed.

Hong-yi Fan; Li-yun Hu

2009-02-11T23:59:59.000Z

339

Optical transformation from chirplet to fractional Fourier transformation kernel  

E-Print Network (OSTI)

We find a new integration transformation which can convert a chirplet function to fractional Fourier transformation kernel, this new transformation is invertible and obeys Parseval theorem. Under this transformation a new relationship between a phase space function and its Weyl-Wigner quantum correspondence operator is revealed.

Fan, Hong-yi

2009-01-01T23:59:59.000Z

340

Maximum a posteriori based kernel classifier trained by linear programming  

Science Conference Proceedings (OSTI)

We propose a new approach for classification problem based on the maximum a posteriori (MAP) estimation. The necessary and sufficient condition for the cost function to estimate a posteriori probability was obtained. It was clarified by the condition ... Keywords: cost function, kernel function, linear programming, maximum a posteriori

Nopriadi Nopriadi; Yukihiko Yamashita

2010-08-01T23:59:59.000Z

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


341

Kernel principal component analysis for stochastic input model generation  

Science Conference Proceedings (OSTI)

Stochastic analysis of random heterogeneous media provides useful information only if realistic input models of the material property variations are used. These input models are often constructed from a set of experimental samples of the underlying random ... Keywords: Data-driven models, Flow in random porous media, Kernel principal component analysis, Non-linear model reduction, Stochastic partial differential equations

Xiang Ma; Nicholas Zabaras

2011-08-01T23:59:59.000Z

342

Efficient and effective automated surveillance agents using kernel tricks  

Science Conference Proceedings (OSTI)

Many schemes have been presented over the years to develop automated visual surveillance systems. However, these schemes typically need custom equipment, or involve significant complexity and storage requirements. In this paper we present three software-based ... Keywords: agent, automated, camera, intrusion, kernel, surveillance

Tarem Ahmed, Xianglin Wei, Supriyo Ahmed, Al-Sakib Khan Pathan

2013-05-01T23:59:59.000Z

343

Dead or Alive: finding zombie features in the Linux kernel  

Science Conference Proceedings (OSTI)

Variability management in operating systems is an error-prone and tedious task. This is especially true for the Linux operating system, which provides a specialized tool called Kconfig for users to customize kernels from an impressive amount of ... Keywords: Linux, features, language, preprocessor, software product lines, tool support

Reinhard Tartler; Julio Sincero; Wolfgang Schrder-Preikschat; Daniel Lohmann

2009-10-01T23:59:59.000Z

344

Multiclass Kernel-Imbedded Gaussian Processes for Microarray Data Analysis  

Science Conference Proceedings (OSTI)

Identifying significant differentially expressed genes of a disease can help understand the disease at the genomic level. A hierarchical statistical model named multiclass kernel-imbedded Gaussian process (mKIGP) is developed under a Bayesian framework ... Keywords: Gene expression, Gaussian processes, Monte Carlo methods, nonlinear multiclass systems.

Xin Zhao; Leo Wang-Kit Cheung

2011-07-01T23:59:59.000Z

345

A dynamic aspect-oriented system for OS kernels  

Science Conference Proceedings (OSTI)

We propose a dynamic aspect-oriented system for operating system (OS) kernels written in the C language. Unlike other similar systems, our system named KLASY allows the users to pointcut not only function calls but also member accesses to structures. ... Keywords: Linux, aspect-oriented programming, dynamic AOP, operating system, profiling and debugging

Yoshisato Yanagisawa; Kenichi Kourai; Shigeru Chiba

2006-10-01T23:59:59.000Z

346

Generalized holomorphic Szeg kernel in 3D spheroids  

Science Conference Proceedings (OSTI)

Monogenic orthogonal polynomials over 3D prolate spheroids were previously introduced and shown to have some remarkable properties. In particular, the underlying functions take values in the quaternions (identified with R^4), and are generally assumed ... Keywords: Chebyshev polynomials, Ferrer's associated Legendre functions, Hyperbolic functions, Prolate spheroidal monogenics, Quaternion analysis, Szeg kernel function

J. Morais; K. I. Kou; W. SprIg

2013-02-01T23:59:59.000Z

347

Measurement Denoising Using Kernel Adaptive Filters in the Smart Grid  

E-Print Network (OSTI)

Measurement Denoising Using Kernel Adaptive Filters in the Smart Grid Zhe Chen and Robert C. Qiu@ieee.org, rqiu@tntech.edu Abstract--State estimation plays an important role in the smart grid. Conventionally, noisy measurements are directly used for state estimation. Today, in the context of the smart grid

Qiu, Robert Caiming

348

Security tasks are highly interdependent.  

E-Print Network (OSTI)

Motivation Security tasks are highly interdependent. To improve security tools, we need to understand how security practitioners collaborate in their organizations. Security practitioners in context Exchange of Information Develop security tools that: · Integrate information from different communication

349

Security Policies Dr. Ahmad Almulhem  

E-Print Network (OSTI)

Security Policies Dr. Ahmad Almulhem Computer Engineering Department, KFUPM Spring 2008 Ahmad Almulhem - Network Security Engineering - 2008 1 / 51 #12;Security Policies Types of Security Policies Trust Types of Access Control Summary Part I Overview Ahmad Almulhem - Network Security Engineering

Almulhem, Ahmad

350

Nuclear Security | National Nuclear Security Administration  

NLE Websites -- All DOE Office Websites (Extended Search)

| National Nuclear Security Administration | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Nuclear Security Home > About Us > Our Programs > Nuclear Security Nuclear Security The Office of Defense Nuclear Security (DNS) is responsible for the development and implementation of security programs for NNSA. In this capacity, DNS is the NNSA line management organization responsible for

351

Nuclear Security | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

| National Nuclear Security Administration | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Nuclear Security Home > About Us > Our Programs > Nuclear Security Nuclear Security The Office of Defense Nuclear Security (DNS) is responsible for the development and implementation of security programs for NNSA. In this capacity, DNS is the NNSA line management organization responsible for

352

Nuclear Security Enterprise | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Enterprise | National Nuclear Security Administration Enterprise | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Nuclear Security Enterprise Home > About Us > Our Programs > Defense Programs > Nuclear Security Enterprise Nuclear Security Enterprise The Nuclear Security Enterprise (NSE) mission is to ensure the Nation sustains a safe, secure, and effective nuclear deterrent through the

353

Nuclear Security & Safety  

Energy.gov (U.S. Department of Energy (DOE))

The Energy Department is working to enhance nuclear security through defense, nonproliferation, and environmental efforts.

354

Security Technologies Group  

Science Conference Proceedings (OSTI)

Security Technologies Group. Welcome. Our group develops measurement science in support of performance-based standards ...

2012-10-24T23:59:59.000Z

355

Industrial Control Systems Security  

Science Conference Proceedings (OSTI)

... Risk Management Architecture security focus Physical interaction ... Cybersecurity Cybersecurity Framework Smart Grid Program ...

2013-06-05T23:59:59.000Z

356

NERSC Computer Security  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Security NERSC Computer Security NERSC computer security efforts are aimed at protecting NERSC systems and its users' intellectual property from unauthorized access or modification. Among NERSC's security goal are: 1. To protect NERSC systems from unauthorized access. 2. To prevent the interruption of services to its users. 3. To prevent misuse or abuse of NERSC resources. Security Incidents If you think there has been a computer security incident you should contact NERSC Security as soon as possible at security@nersc.gov. You may also call the NERSC consultants (or NERSC Operations during non-business hours) at 1-800-66-NERSC. Please save any evidence of the break-in and include as many details as possible in your communication with us. NERSC Computer Security Tutorial

357

Office of Security Assistance  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Security Home Sub Offices › Security Policy › Security Assistance › Departmental Personnel Security Mission & Functions › Security Policy › Security Assistance › Departmental Personnel Security Human Reliability Program (HRP) Guidance Documents Security Technology Information Archive (STIA) Related Links › DOE › DOE CIO › NNSA › DOE CFO › NTC › S&S PIR Contact Us HSS Logo Director's Perspective Welcome to the Office of Security Assistance Samuel N. Callahan, Director Mission and Functions The Office of Health, Safety, and Security (HSS) created the Office of Security Assistance Program to provide timely technical assistance and system support to field and Headquarters elements to enhance site security programs, upon request. The program is comprised of technologists and subject matter experts from all security disciplines including Program Management, Protection Program Operations, Information Security, Materials Control and Accountability, and Personnel Security. HSS is committed to building a security assistance program to serve the interests of the Department based upon the needs of our customers - with emphasis on customer-focus and meeting multi-disciplinary security needs. In Fiscal Year 2007, HSS performed extensive assistance activities at the request of DOE/NNSA program offices and field sites. The activities ranged from special and routine site survey assistance, physical and technical security inspections in support of the Office of Intelligence, Vulnerability Assessment and Design Basis Threat (DBT) implementation assistance, third-party, adversary support, and DBT implementation and planning validation activities associated with the Site Assistance Visits and Technology Assistance Visits. The security assistance provided to our customers included technical expertise tailored to augment site capabilities in critical fields.

358

MasteringWeb Services Security MasteringWeb Services Security  

E-Print Network (OSTI)

Preview of MasteringWeb Services Security Preview of MasteringWeb Services Security Konstantin introduction Highlights of the book Web Services security problem XML Security WS-Security Security mechanisms for ASP.NET Web Services Planning and building secure Web Service systems ­ Architectural and policy

359

This Bug Man Is a Pest George Ledin teaches students how to write viruses, and it makes  

E-Print Network (OSTI)

's going on in Ledin's classroom. He has been likened to A.Q. Khan, the Pakistani scientist who sold--and the http://www.newsweek.com/2008/08/01/this-bug-man-is-a-pest.prin... 1 of 2 #12;hackers. "We've changed

Ravikumar, B.

360

Global Security | Y-12 National Security Complex  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Security Global Security We train nuclear industry professionals, emergency responders and security forces from around the world to safeguard vulnerable materials. Nuclear nonproliferation - stopping the spread of nuclear materials - is a critical part of creating a safer world. Y-12 has been working in nonproliferation since the early 1990s in more than 25 countries. As the nation reduces the size of its arsenal, Y-12 will play a central role in decommissioning weapons systems and providing weapons material for peacetime uses. We are a leader across the National Nuclear Security Administration in implementing technology and current training to ensure materials are protected with the highest degree of confidence. We provide the expertise to secure highly enriched uranium - domestically

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


361

Security Notice | Y-12 National Security Complex  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Notice Security Notice Security Notice Security Information This website is part of a federal computer system used to accomplish federal functions. Y-12 uses software programs to monitor this website for security purposes to ensure it remains available to all users and to protect information in the system. By accessing this website, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features; to use the system for other than intended purposes; to deny service to authorized users; to access, obtain, alter, damage, or destroy information; or otherwise to interfere with the system or its operation - all are prohibited. Evidence of such acts may be disclosed to law enforcement authorities and result in criminal prosecution under the Computer Fraud and

362

NIST, Computer Security Division, Computer Security ...  

Science Conference Proceedings (OSTI)

... The NIST Handbook SP 800-12. SP 800-12 (HTML). NIST IR 7621, Oct 2009, Small Business Information Security: The Fundamentals NISTIR 7621. ...

363

Office of Headquarters Security Operations: Security Awareness...  

NLE Websites -- All DOE Office Websites (Extended Search)

Paul Ruehs Contact Information: Paul Ruehs - (301) 903-7189; Room F-324 Scope: The Security Awareness Program is established by DOE Order to inform individuals of their...

364

National Nuclear Security Administration  

NLE Websites -- All DOE Office Websites (Extended Search)

i. i. Message from the Administrator President Obama has reshaped our national security priorities making enterprise infrastructure modernization with integrated Information Technology (IT) capabilities a key strategic initiative. Our IT infrastructure must ensure that our workforce can access appropriate information in a secure, reliable, and cost-effective manner. Effective information sharing throughout the government enhances the national security of the United States (US). For the National Nuclear Security Administration (NNSA), effective information sharing helps strengthen our nuclear security mission; builds collaborative networks within NNSA as well as with the Department of Energy (DOE), Department of Defense (DoD), and other national security

365

Homeland Security Programs | ORNL  

NLE Websites -- All DOE Office Websites (Extended Search)

Homeland Security Programs Homeland Security Programs SHARE Homeland Security Programs The Homeland Security Programs support the Department of Homeland Security (DHS), other federal and state agencies, and commercial partners. Through the integration of a number of key competencies, ORNL is able to provide critical operational, technical, and scientific support to these sponsors. A key focus of this area is to translate the critical research into operational capability for the security, protection, response, and recovery of the nation against natural and man-made events. Research Areas detecting, preventing, and reversing the proliferation of weapons of mass destruction deploying integrated systems for incident awareness, detection, and response providing technology for detecting explosives at the

366

Learning mobile security with android security labware  

Science Conference Proceedings (OSTI)

As smart mobile devices grow increasingly in popularity, so do the incentives for attackers. Recent surveys on mobile security describe the rapidly increasing number and sophistication of mobile attacks. Newer sources of risks are being introduced or ... Keywords: android, labware, mobile security

Minzhe Guo; Prabir Bhattacharya; Ming Yang; Kai Qian; Li Yang

2013-03-01T23:59:59.000Z

367

Quantifying Security in Secure Software Development Phases  

Science Conference Proceedings (OSTI)

Secure software is crucial in todays software dependent world. However, most of the time, security is not addressed from the very beginning of a software development life cycle (SDLC), and it is only incorporated after the software has been developed. ...

Muhammad Umair Ahmed Khan; Mohammad Zulkernine

2008-07-01T23:59:59.000Z

368

SECURITY ASSESSMENTS: TOOLS FOR MEASURING THE EFFECTIVENESS OF SECURITY CONTROLS  

E-Print Network (OSTI)

SECURITY ASSESSMENTS: TOOLS FOR MEASURING THE EFFECTIVENESS OF SECURITY CONTROLS Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute of Standards and Technology The selection and implementation of security controls are critical decisions for protecting

369

Campus Security Report 1 Campus seCurity  

E-Print Network (OSTI)

Campus Security Report 1 Campus seCurity and Fire saFety report UC Santa Cruz 2010 #12;Campus Security Report 2 UC Santa Cruz Geography ........................................................ 8 Security and Access to Campus Buildings and Grounds ........................................ 8

Wilmers, Chris

370

Nuclear Security 101 | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

101 | National Nuclear Security Administration 101 | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > Media Room > Fact Sheets > Nuclear Security 101 Fact Sheet Nuclear Security 101 Mar 23, 2012 The goal of United States Government's nuclear security programs is to prevent the illegal possession, use or transfer of nuclear material,

371

Nuclear Security 101 | National Nuclear Security Administration  

NLE Websites -- All DOE Office Websites (Extended Search)

101 | National Nuclear Security Administration 101 | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > Media Room > Fact Sheets > Nuclear Security 101 Fact Sheet Nuclear Security 101 Mar 23, 2012 The goal of United States Government's nuclear security programs is to prevent the illegal possession, use or transfer of nuclear material,

372

Cyber Security Evaluations - Reports  

NLE Websites -- All DOE Office Websites (Extended Search)

Cyber Security Reports Cyber Security Reports 2012 Review of the Classified Cyber Security Programs at the Lawrence Livermore National Laboratory, January 2012, (OUO) Independent Oversight Review of the Classified Cyber Security Programs at the Savannah River Site, March 2012, (OUO) Independent Oversight Review of the Unclassified and Classified Cyber Security Programs at the Office of Scientific and Technical Information, March 2012, (OUO) Independent Oversight 2011 Report on Security Vulnerabilities of National Laboratory Computers, April 13, 2012, (OUO) Technical Review of the Office of Health, Safety and Security Classified Local Area Network, May 2012, (OUO) 2011 (U) Unclassified Cyber Security Technical Review of the Bonneville Power Administration Transmission Services Control Center Network, (OUO), May 2011

373

Secure Shell (SSH)  

NLE Websites -- All DOE Office Websites (Extended Search)

Secure Shell (SSH) Name: Rutaiwan Status: Educator Age: 20s Location: NA Country: NA Date: June 2003 Question: What is the Secure Shell (SSH)? What is a strong and weak points of...

374

Foundation for system security  

Science Conference Proceedings (OSTI)

We provide a coherent framework for the design and analysis of secure systems. Our framework is inspired by Lawrence Lessig's modalities of control, by Niklas Luhmann's theory of trust, by existing models of information security, and by existing models ...

Clark Thomborson

2009-01-01T23:59:59.000Z

375

Performance and security tradeoff  

Science Conference Proceedings (OSTI)

A tradeoff is a situation that involves losing one quality or aspect of something in return for gaining another quality or aspect. Speaking about the tradeoff between performance and security indicates that both, performance and security, can be measured, ...

Katinka Wolter; Philipp Reinecke

2010-06-01T23:59:59.000Z

377

Checking Security Policy Compliance  

E-Print Network (OSTI)

Ensuring compliance of organizations to federal regulations is a growing concern. This paper presents a framework and methods to verify whether an implemented low-level security policy is compliant to a high-level security policy. Our compliance checking framework is based on organizational and security metadata to support refinement of high-level concepts to implementation specific instances. Our work uses the results of refinement calculus to express valid refinement patterns and their properties. Intuitively, a low-level security policy is compliant to a high-level security policy if there is a valid refinement path from the high-level security policy to the low-level security policy. Our model is capable of detecting violations of security policies, failures to meet obligations, and capability and modal conflicts.

Gowadia, Vaibhav; Kudo, Michiharu

2008-01-01T23:59:59.000Z

378

NIST.gov - Computer Security Division - Computer Security ...  

Science Conference Proceedings (OSTI)

... Digital Age - Information Security Transformation for the ... to Information Systems (Transforming the Certification ... for Smart Grid Cyber Security (NIST ...

379

NIST.gov - Computer Security Division - Computer Security ...  

Science Conference Proceedings (OSTI)

... Automated Information Flows for Situational Awareness; Transformation of Dynamic Security ... Cyber security leadership in the Executive Branch. ...

380

NIST.gov - Computer Security Division - Computer Security ...  

Science Conference Proceedings (OSTI)

... per the Security Content Automation Protocol (SCAP ... securely install and configure a device; and; ... applicable scenarios and distribution formats, the ...

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


381

NIST.gov - Computer Security Division - Computer Security ...  

Science Conference Proceedings (OSTI)

... Nuclear Regulatory Commission; National Security Agency (File ... Richard S. Carson & Associates; RSA Securities; RU Consulting (File 1 of 2 ...

382

ADVANCED DATA SECURITY  

Science Conference Proceedings (OSTI)

ADVANCED DATA SECURITY. NVLAP Lab Code: 200968-0. Address and Contact Information: 1933 O'Toole Avenue San ...

2013-11-08T23:59:59.000Z

383

National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure...

384

Security system signal supervision  

SciTech Connect

This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs.

Chritton, M.R. (BE, Inc., Barnwell, SC (United States)); Matter, J.C. (Sandia National Labs., Albuquerque, NM (United States))

1991-09-01T23:59:59.000Z

385

Verifiably secure devices  

Science Conference Proceedings (OSTI)

We put forward the notion of a verifiably secure device, in essence a stronger notion of secure computation, and achieve it in the ballot-box model. Verifiably secure devices 1. Provide a perfect solution to the problem of achieving correlated equilibrium, ...

Sergei Izmalkov; Matt Lepinski; Silvio Micali

2008-03-01T23:59:59.000Z

386

Understanding Android Security  

Science Conference Proceedings (OSTI)

Google's Android platform is a widely anticipated open source operating system for mobile phones. This article describes Android's security model and attempts to unmask the complexity of secure application development. The authors conclude by identifying ... Keywords: Android, mobile phones, Smartphones, security

William Enck; Machigar Ongtang; Patrick McDaniel

2009-01-01T23:59:59.000Z

387

Lemnos interoperable security project.  

Science Conference Proceedings (OSTI)

With the Lemnos framework, interoperability of control security equipment is straightforward. To obtain interoperability between proprietary security appliance units, one or both vendors must now write cumbersome 'translation code.' If one party changes something, the translation code 'breaks.' The Lemnos project is developing and testing a framework that uses widely available security functions and protocols like IPsec - to form a secure communications channel - and Syslog, to exchange security log messages. Using this model, security appliances from two or more different vendors can clearly and securely exchange information, helping to better protect the total system. Simplify regulatory compliance in a complicated security environment by leveraging the Lemnos framework. As an electric utility, are you struggling to implement the NERC CIP standards and other regulations? Are you weighing the misery of multiple management interfaces against committing to a ubiquitous single-vendor solution? When vendors build their security appliances to interoperate using the Lemnos framework, it becomes practical to match best-of-breed offerings from an assortment of vendors to your specific control systems needs. The Lemnos project is developing and testing a framework that uses widely available open-source security functions and protocols like IPsec and Syslog to create a secure communications channel between appliances in order to exchange security data.

Halbgewachs, Ronald D.

2010-03-01T23:59:59.000Z

388

Security auditing course development  

Science Conference Proceedings (OSTI)

As people increasingly depend on computers and network systems, security auditing has become one of the most effective security practices to achieve defense-in-depth in organizations. It follows an effective process to measure policies, procedures ... Keywords: IT audit, IT education, curriculum development, security

Yin Pan

2007-10-01T23:59:59.000Z

389

Energy, Climate & Infrastructure Security  

E-Print Network (OSTI)

Energy, Climate & Infrastructure Security EXCEPTIONAL SERVICE IN THE NATIONAL INTEREST Sandia Security Administration under contract DE-AC04-94AL85000. SAND 2012-1846P CustomTraining Sandia providesPRAsandhowtheycanbemanaged to increase levels of safety and security. Like othertrainings,Sandiaexpertsdesigncoursesto beasbroadorin

390

Human Rights and Security  

E-Print Network (OSTI)

Migration, Human Rights and Security in Europe MRU Student Conference Proceedings 2012 Edited by Siril Berglund, Helen McCarthy and Agata Patyna #12;2 "Migration, Human Rights and Security...............................................................................................58 #12;3 "Migration, Human Rights and Security in Europe", MRU Student Conference Proceedings

Saunders, Mark

391

UNIVERSITY POLICE ANNUAL SECURITY  

E-Print Network (OSTI)

UNIVERSITY POLICE 2013 ANNUAL SECURITY AND FIRE SAFETY GUIDE In compliance with the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act The University of New Orleans. Please take a moment to read the following information. #12;ANNUAL SECURITY AND FIRE SAFETY GUIDE 2013

Kulp, Mark

392

Functional Programming and Security  

E-Print Network (OSTI)

This paper analyses the security contribution of typical functional-language features by examining them in the light of accepted information security principles. Imperative and functional code are compared to illustrate various cases. In conclusion, there may be an excellent case for the use of functional languages on the grounds of better security; however, empirical research should be done to validate this possibility.

Motara, Yusuf Moosa

2012-01-01T23:59:59.000Z

393

Information Security Guide  

E-Print Network (OSTI)

Information Security Guide For Government Executives Pauline Bowen Elizabeth Chew Joan Hash #12; Table of Contents Introduction 1 Why do I need to invest in information security? 2 Where do I need to focus my attention in accomplishing critical information security goals? 4 What are the key activities

394

Energy, Climate & Infrastructure Security  

E-Print Network (OSTI)

Energy, Climate & Infrastructure Security EXCEPTIONAL SERVICE IN THE NATIONAL INTEREST Sandia Security Administration under contract DE-AC04-94AL85000. SAND 2012-0987P Transportation of the safe and secure transport of radioactive and hazardous materials. AWaytoEnsureSafeTransport Sandia

395

Program Areas | National Security | ORNL  

NLE Websites -- All DOE Office Websites (Extended Search)

Programs Initiatives Facilities Events and Conferences Supporting Organizations National Security Home | Science & Discovery | National Security | Program Areas SHARE Program...

396

Supporting Organizations | National Security | ORNL  

NLE Websites -- All DOE Office Websites (Extended Search)

Initiatives Facilities Events and Conferences Supporting Organizations National Security Home | Science & Discovery | National Security | Supporting Organizations SHARE Supporting...

397

Kernel-Correlated Levy Field Driven Forward Rate and Application to Derivative Pricing  

SciTech Connect

We propose a term structure of forward rates driven by a kernel-correlated Levy random field under the HJM framework. The kernel-correlated Levy random field is composed of a kernel-correlated Gaussian random field and a centered Poisson random measure. We shall give a criterion to preclude arbitrage under the risk-neutral pricing measure. As applications, an interest rate derivative with general payoff functional is priced under this pricing measure.

Bo Lijun [Xidian University, Department of Mathematics (China); Wang Yongjin [Nankai University, School of Business (China); Yang Xuewei, E-mail: xwyangnk@yahoo.com.cn [Nanjing University, School of Management and Engineering (China)

2013-08-01T23:59:59.000Z

398

Building security requirements with CLASP  

Science Conference Proceedings (OSTI)

Traditionally, security requirements have been derived in an ad hoc manner. Recently, commercial software development organizations have been looking for ways to produce effective security requirements.In this paper, we show how to build security ... Keywords: application security, security process, security requirements

John Viega

2005-07-01T23:59:59.000Z

399

Lemnos Interoperable Security Program  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Lemnos Interoperable Security Program Lemnos Interoperable Security Program Creating common language and metrics for describing functions of network security tools and testing for interoperability As energy control systems employ more Internet-based features and routable communication methods, the need grows for enhanced security functions, such as firewalls, virtual private networks (VPNs), and intrusion detection systems. When purchasing network security products, today's control systems users cannot adequately compare products from different vendors because the industry lacks a widely accepted mechanism for evaluating functionality, performance,

400

Security | Argonne National Laboratory  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Security Nonproliferation and Nuclear Forensics Decision Science Sensors and Materials Security Enhancing national and homeland security requires technological advancements in everything from biosensors to risk assessments. Game-changing scientific discovery is required for the development of sensors, detectors and other technological advancements used to protect and defend our country. At Argonne, our highly collaborative community of scientists and engineers discover and develop critical security and defense technologies to prevent and mitigate events with the potential for mass disruption or destruction, thereby protecting our citizens and our national interests. Our goal is to make America a safer place through innovations in threat decision science, sensors and materials, infrastructure assurance,

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


401

An Object-Oriented Nano-Kernel for Operating System Hardware Support  

Science Conference Proceedings (OSTI)

Abstract: The nano-kernel in the /spl mu/Choices operating system provides hardware support for the operating system. The nano-kernel is a single, modular subsystem that encapsulates the hardware and presents an idealized machine architecture to the ... Keywords: /spl mu/Choices operating system hardware support, UNIX, Unix, abstract classes, hardware encapsulation, higher level abstractions, idealized machine architecture, interface, object-oriented methods, object-oriented nano-kernel, object-oriented programming, operating system kernels, policy, portable design, process paradigms, single modular subsystem, software portability, virtual memory

D. K. Raila

1995-08-01T23:59:59.000Z

402

Heat Kernel Short-Time Expansion within the Scope of Feynman-Kac Formula  

Science Conference Proceedings (OSTI)

The paper gives an outlook of the stochastic approach to derivation of heat kernel short-time asymptotic expansion and to effective evaluation of corresponding coefficients.

Stepin, S. A.; Rejrat, A. J. [Institute of Mathematics, University of Bialystok, Akademicka 2, 15-267 Bialystok (Poland)

2010-11-25T23:59:59.000Z

403

Engineering secure software  

E-Print Network (OSTI)

In recent years computer software has gained notoriety for the endemic nature of security problems in software. These problems have been exploited with malicious intent by attackers. Most attempts at fixing these problems have been after-the-fact fixes in the form of software patches. The root causes for security problems in software are explored. A survey of research attempts at engineering secure software is presented. The techniques discussed range from those that are very similar to classical software engineering, to those that may be used in analyses of security requirements, as well as tools that can help engineer secure software. The survey classifies the approaches as process-oriented and as tools-oriented. The current approaches are incomplete in nature. They seem to address the security problem in parts and not in the whole. A comprehensive methodology, integrated with evolutionary software engineering practices is presented. The methodology combines both process and tools oriented approaches to construct secure software.

Jetly, Prateek

2001-01-01T23:59:59.000Z

404

U-125: Cisco ASA Multiple Bugs Let Remote Users Deny Service...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Deny Service PLATFORM: Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module ABSTRACT: Several vulnerabilities were reported in...

405

U-029: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

The patch kits and installation instructions are available from: HP Support Center Home. Addthis Related Articles U-032: Microsoft Security Bulletin Windows TCPIP MS11-083...

406

T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

74: Drupal Secure Password Hashes Module Security Bypass 74: Drupal Secure Password Hashes Module Security Bypass Vulnerability T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerability July 22, 2011 - 3:00pm Addthis PROBLEM: Drupal Secure Password Hashes Module Security Bypass Vulnerability PLATFORM: Drupal Secure Password Hashes 6.X-1.0 Drupal Secure Password Hashes 5.X-1.4 ABSTRACT: The Secure Password Hashes module for Drupal is prone to a security-bypass vulnerability. reference LINKS: Drupal Homepage SA-CONTRIB-2011-026 - Secure Password Hashes (phpass) - Multiple Vulnerabilities IMPACT ASSESSMENT: Medium Discussion: This module uses the PHPass hashing library to try to store users hashed passwords securely. The module sets a fixed string for the 'pass' column in the {users} database column but does not replace the pass attribute of the account

407

Safeguards and Security and Cyber Security RM  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Safeguards and Security and Safeguards and Security and Cyber Security Review Module March 2010 CD- -0 OFFICE O S CD-1 OF ENVIRO Standard Safeguar and Cy Rev Critical D CD-2 M ONMENTA Review Pla rds and S yber Secu view Modul Decision (CD CD March 2010 AL MANAG an (SRP) Security urity le D) Applicabili D-3 GEMENT ity CD-4 Post Ope eration Standard Review Plan, 2 nd Edition, March 2010 i FOREWORD The Standard Review Plan (SRP) 1 provides a consistent, predictable corporate review framework to ensure that issues and risks that could challenge the success of Office of Environmental Management (EM) projects are identified early and addressed proactively. The internal EM project review process encompasses key milestones established by DOE O 413.3A, Change 1, Program and Project Management for the Acquisition of Capital Assets, DOE-STD-

408

Office of Headquarters Security Operations: Operations Security...  

NLE Websites -- All DOE Office Websites (Extended Search)

The Office of Health, Safety and Security HSS Logo Department of Energy Seal Left Tab SEARCH Right Tab TOOLS Right Tab Left Tab HOME Right Tab Left Tab ABOUT US Right Tab Left Tab...

409

Office of Headquarters Security Operations: Headquarters Security...  

NLE Websites -- All DOE Office Websites (Extended Search)

The Office of Health, Safety and Security HSS Logo Department of Energy Seal Left Tab SEARCH Right Tab TOOLS Right Tab Left Tab HOME Right Tab Left Tab ABOUT US Right Tab Left Tab...

410

Cyberspace security: How to develop a security strategy  

E-Print Network (OSTI)

Despite all visible dividers, the Internet is getting us closer and closer, but with a great price. Our security is the price. The internatl. community is fully aware of the urgent need to secure the cyberspace as you see the multiplication of security standards and national schemes interpreting them beyond borders: ISO 15408, ISO 17799, and ISO 27001. Even though some countries, incl. the Security Big Six (SB6), are equipped with their security books and may feel relatively safe; this remains a wrong sense of security as long as they share their networks with entities of less security. The standards impose security best practices and system specifications for the development of information security management systems. Partners beyond borders have to be secure as this is only possible if all entities connected to the partnership remain secure. Unfortunately, there is no way to verify the continuous security of partners without periodic security auditing and certification, and members who do not comply should ...

Raggad, Bel G

2007-01-01T23:59:59.000Z

411

National Security Science Archive  

NLE Websites -- All DOE Office Websites (Extended Search)

National Security Science » National Security Science » NSS Archive National Security Science magazine Latest Issue:April 2013 All Issues » submit National Security Science Archive Using its broad and unique scientific and engineering capabilities, the Laboratory solves a diverse set of challenges to national and global security and the weapons programs. National Security Science magazine showcases the breadth and depth of the Laboratory's scientific and technical work to policy makers, the general public, academia, and scientific and technical experts. past issues cover Issue 2 2012 interactive | web | pdf past issues cover Issue 1 2012 interactive | web | pdf past issues cover Issue 3 2011 web | pdf past issues cover Issue 2 2011 web | pdf past issues cover Issue 1 2011 web | pdf past issues cover

412

Security and Privacy Notice  

NLE Websites -- All DOE Office Websites (Extended Search)

Security and Privacy Notice Security and Privacy Notice Thank you for visiting the Office of Health, Safety and Security (HSS) web site and reviewing our position on security and privacy. SECURITY NOTICE This web site is part of a Federal computer system and is the property of the United States Government. It is for authorized use only. The Department of Energy monitors this web site for security purposes to ensure it remains available and to protect information in the system. The Department of Energy uses software programs and additional equipment to monitor network traffic to identify unauthorized attempts to access, obtain, alter, damage or destroy information, or otherwise to interfere with the system or its operation. Any and all uses of this system and all files on this system

413

PNNL: Security & Privacy  

NLE Websites -- All DOE Office Websites (Extended Search)

Security & Privacy Security & Privacy Thank you for visiting the Pacific Northwest National Laboratory (PNNL) website (pnnl.gov) and reviewing our security and privacy policies. The following policies apply to all pages and sites in the pnnl.gov domain, unless otherwise noted. Security Notice This website is part of a Federal computer system used to accomplish Federal functions. The Department of Energy monitors this website for security purposes to ensure it remains available to all users and to protect information in the system. By accessing this website, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features, to use the system for other than intended purposes, to deny service to authorized users, to access, obtain, alter, damage, or destroy information, or

414

Office of Security Operations  

NLE Websites -- All DOE Office Websites (Extended Search)

Office of Physical Protection Office of Physical Protection Bill Dwyer Director, 202-586-7887 Mission The mission of the Office of Physical Protection is to implement and oversee dedicated human resources, processes, and equipment designed to protect personnel and assets entrusted to our care at Department of Energy (DOE) Headquarters facilities. The Office is comprised of dedicated DOE Federal security professionals, Headquarters Protective Force personnel, and Alarms and Access Control Technicians. These security subject matter experts work together to ensure compliance with DOE Safeguards and Security regulations, Interagency Security Committee guidance, and federal laws. The result of this collaboration is a security program designed to ensure a safe and secure working environment for all Headquarters employees.

415

Security Topic Group  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Group Group Security and TEC * Tension exists between open forum concept of TEC and the ability of STG members to discuss security topics. - DOE will maintain the open forum - it will not form a subgroup of cleared members NAS Study * Some members want STG to formally recommend a fully independent review of security issues - DOE is reviewing the NAS study and has not formulated a position Security Topic Group (Continued) Classification Guide & Information Sharing Protocol * Guide is finished and undergoing internal concurrence - Slated for late September release * Protocol will be completed once the guide is issued Security-Related Lessons Learned * Lessons learned document was distributed and comments requested by the end of March Security Topic Group (Continued) SRG/CVSA Survey

416

TORCH Computational Reference Kernels - A Testbed for Computer Science Research  

Science Conference Proceedings (OSTI)

For decades, computer scientists have sought guidance on how to evolve architectures, languages, and programming models in order to improve application performance, efficiency, and productivity. Unfortunately, without overarching advice about future directions in these areas, individual guidance is inferred from the existing software/hardware ecosystem, and each discipline often conducts their research independently assuming all other technologies remain fixed. In today's rapidly evolving world of on-chip parallelism, isolated and iterative improvements to performance may miss superior solutions in the same way gradient descent optimization techniques may get stuck in local minima. To combat this, we present TORCH: A Testbed for Optimization ResearCH. These computational reference kernels define the core problems of interest in scientific computing without mandating a specific language, algorithm, programming model, or implementation. To compliment the kernel (problem) definitions, we provide a set of algorithmically-expressed verification tests that can be used to verify a hardware/software co-designed solution produces an acceptable answer. Finally, to provide some illumination as to how researchers have implemented solutions to these problems in the past, we provide a set of reference implementations in C and MATLAB.

Kaiser, Alex; Williams, Samuel Webb; Madduri, Kamesh; Ibrahim, Khaled; Bailey, David H.; Demmel, James W.; Strohmaier, Erich

2010-12-02T23:59:59.000Z

417

A Neutron Scattering Kernel of Solid Methane in phase II  

E-Print Network (OSTI)

A neutron scattering cross section model for solid methane was studied in the temperature ranges of 20.4$\\sim$4K. The analytical scattering kernel was adapted from Ozaki.$\\it{et al.}$\\cite{ozaki:3442}\\cite{ozaki2} to describe molecular rotation in this temperature range. This model includes a molecular translation and intramolecular vibration as well as the rotational degree of freedom in effective ways. Total scattering cross sections were calculated from the model and evaluated by comparing with the cross section measurement of Grieger\\cite{grieger:3161} and Whittemore\\cite{Wittemore} for incident neutron energy of 0.1 \\textit{meV} $\\sim$ 1\\textit{eV}. We produced frequency spectra from the model in the temperature range. The results were also compared with the Harker $&$ Brugger frequency spectrum at 22K\\cite{HARKER1967}. For broader applications, neutron scattering kernels for MCNP (Monte Carlo N Particle Transport Code) were produced at 20K and 4K from the frequency spectra using NJOY code. The scatt...

Shin, Yunchang; Liu, Chen-yu; Lavelle, Christopher M; Baxter, David V

2007-01-01T23:59:59.000Z

418

Security (Un-)Usability 17 Security Usability Fundamentals  

E-Print Network (OSTI)

Security (Un-)Usability 17 Security Usability Fundamentals An important consideration when you're building an application is the usability of the security features that you'll be employing. Security experts frequently lament that security has been bolted onto applications as an afterthought, however

Cortes, Corinna

419

Borel summation of the small time expansion of the heat kernel with a vector potential  

E-Print Network (OSTI)

We study the Borel summability of the small time expansion of the heat kernel associated to a first order perturbation of a Laplacian. An explicit formula for this kernel plays a central role. As a consequence, we get a Poisson formula on the torus.

Thierry Harge

2013-02-04T23:59:59.000Z

420

Linking non-binned spike train kernels to several existing spike train metrics  

Science Conference Proceedings (OSTI)

This work presents three kernel functions that can be used as inner product operators on non-binned spike trains, allowing the use of state-of-the-art classification techniques. One of the main advantages is that this approach does not require the spike ... Keywords: Kernel methods, Non-binned, Spike train classification, Spike train metrics

Benjamin Schrauwen; Jan Van Campenhout

2007-03-01T23:59:59.000Z

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


421

Enterprise Cyber Security Posture  

Science Conference Proceedings (OSTI)

... to enable organizations to transform uncertainties into ... org/issues- research/telecom/security-breach-notification ... systems C. Cyber-physical systems ...

2013-04-10T23:59:59.000Z

422

Hazardous Material Security (Maryland)  

Energy.gov (U.S. Department of Energy (DOE))

All facilities processing, storing, managing, or transporting hazardous materials must be evaluated every five years for security issues. A report must be submitted to the Department of the...

423

Nevada National Security Site  

NLE Websites -- All DOE Office Websites (Extended Search)

of nuclear weapons and storing special nuclear materials. Other activities include environmental management, national security response, and defense and civil technologies....

424

Security - Identification Badges  

Science Conference Proceedings (OSTI)

Security - Identification Badges. All doors to the Child Care Center are locked at all times and access is via the card reader system only. ...

2013-08-15T23:59:59.000Z

425

Seamless and Secure Mobility  

Science Conference Proceedings (OSTI)

... layer techniques and the use of advanced measurement in order to accurately assess and manage the performance and security characteristics of ...

2013-11-27T23:59:59.000Z

426

security blunders (INMM 2010)  

NLE Websites -- All DOE Office Websites (Extended Search)

OF SECURITY BLUNDERS Roger G. Johnston and Jon S. Warner Vulnerability Assessment Team Nuclear Engineering Division Argonne National Laboratory 9700 S. Cass Ave, Building 206,...

427

DOC Information System Security Conference on Innovating ...  

Science Conference Proceedings (OSTI)

... B. Walsh, Acting Director, Cyber Security Program, Department of Homeland Security. ... R. Clark, Senior Advisor National and Cyber Security, DOC. ...

2013-06-28T23:59:59.000Z

428

National Nuclear Security Administration Overview | Department...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Nuclear Security Administration Overview National Nuclear Security Administration Overview National Nuclear Security Administration Overview More Documents & Publications National...

429

SECURITY TERMINATION STATEMENT | Department of Energy  

NLE Websites -- All DOE Office Websites (Extended Search)

SECURITY TERMINATION STATEMENT SECURITY TERMINATION STATEMENT Form provides an individual's statement in connection with the termination of access authorization (security...

430

Annual Security Report October 2012  

E-Print Network (OSTI)

1 Annual Security Report October 2012 Mission Statement The Campus Security and Parking Services Department ("Security") exists to provide a secure and welcoming research, educational, and work environment in which security concerns are balanced with freedom of movement in an open campus atmosphere while

Goddard III, William A.

431

Dumb Ideas in Computer Security  

E-Print Network (OSTI)

Dumb Ideas in Computer Security Dr Charles P Pfleeger Pfleeger Consulting Group 19 July 2011 chuck Security" (2005) http://www.ranum.com/security/computer_security/editorials/dumb/ Default permit Ideas in Computer Security 219 Jul 2011 #12;Struck a Nerve Results 1-10 of about 2,030,000 for dumb

432

Security and Cyber Evaluations - Guidance Documents  

NLE Websites -- All DOE Office Websites (Extended Search)

Guidance Documents Security and Cyber Evaluations Security Evaluations Appraisal Process Guide, April 2008 Cyber Security Evaluations Appraisal Process Guide, April 2008 Security...

433

Integrated Security System | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Integrated Security System Integrated Security System A security platform providing multi-layer intrusion detection and security management for a networked energy control systems...

434

Nevada National Security Site | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Nevada National Security Site Nevada National Security Site Nevada National Security Site | October 2011 Control Point Nevada National Security Site | October 2011 Control Point...

435

Headquarters Facilities Master Security Plan | Department of...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security Headquarters Facilities Master Security Plan Headquarters Facilities Master Security Plan Welcome to the 2013 version of the Headquarters Facilities Master Security...

436

Physical Security Reports | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Oversight Security & Cyber Evaluations Security and Cyber Guidance Physical Security Reports Physical Security Reports 2012 (U) Pantex Plant Protective Force Response...

437

Tag: Global Security | Y-12 National Security Complex  

NLE Websites -- All DOE Office Websites (Extended Search)

Global Security Global Security Tag: Global Security Displaying 1 - 10 of 61... Category: Global Security Ultrasonic cleaner cuts costs, enhances safety The process of upgrading an old cleaning unit revealed how things were once done and the advances that have followed. More... Category: Global Security Well Logging Security Initiatives GTRI demonstrates the threat to the security of (oil) well logging systems and outlines the initiatives that are enhancing the security of these sources worldwide. More... Category: Global Security Y-12 Receives Two R&D 100 Awards Engineers at the National Nuclear Security Administration's Y-12 National Security Complex have won two R&D 100 Awards. More... Category: Global Security Y-12 researchers garner R&D 100 awards A research chemist and his revolutionary cloth invented to clean surfaces

438

Cultivar and E-Beam irradiation effects on phytochemical content and antioxidant properties of pecan kernels  

E-Print Network (OSTI)

Pecan kernels from six cultivars were analyzed for phenolic content and antioxidant properties. In addition, kernels from two cultivars were irradiated with 0, 1.5 and 3.0 kGy using E-Beam irradiation and stored in accelerated conditions (40 °C and 55% R.H.). Changes in phytochemical profile and antioxidant properties were monitored for 134 days. Cultivars differed greatly in their phytochemical content. Total extractable phenolic content (TP) ranged from 62 to 106 milligrams of chlorogenic acid equivalents per gram of defatted kernel. Antioxidant capacity (AC) measured by the DPPH free radical had a strong correlation with TP. Shells from each cultivar were 6, 4.5 and 18 times greater for TP, AC and condensed tannin content (CT). Gallic and ellagic acids, epicatechin and catechin were identified in hydrolyzed extracts of all cultivars. Prior to hydrolysis, no compounds were positively identified. Fatty acid profile of kernel oil had a strong inverse correlation between oleic and linoleic oil. Kernels from the same cultivar but different location differed in their fatty acid composition but had similar TP. Irradiation of Kanza and Desirable kernels with 1.5 and 3.0 kGy had no detrimental effects on AC and TP by the end of experiments. Phenolic profile was similar for all treatments. Tocopherol content decreased with irradiation treatments, but no further degradation was observed throughout storage. Peroxide values increased slightly after 98 and 134 days of storage for Desirable kernels, with slight differences between controls and irradiated samples. Color of kernels decreased in lightness and yellowness and increased in redness with no differences between irradiated samples and controls. For the first time the effect of pecan cultivar and E-Beam irradiation was assessed in phytochemical and antioxidant attributes of pecan kernels. Additionally, irradiation with E-Beam had no significant detrimental effects in phytochemical composition and only a slight increase in peroxide value, indicating potential as pecan kernel sanitization.

Villarreal Lozoya, Jose Emilio

2006-05-01T23:59:59.000Z

439

Secure video communications system  

DOE Patents (OSTI)

A secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

Smith, Robert L. (Idaho Falls, ID)

1991-01-01T23:59:59.000Z

440

NIST.gov - Computer Security Division - Computer Security ...  

Science Conference Proceedings (OSTI)

... and Space Administration, the National Security Agency, the Department of Energy, the US Office of Management and Budget, the Social Security ...

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


441

Well Logging Security Initiatives | Y-12 National Security Complex  

NLE Websites -- All DOE Office Websites (Extended Search)

Well Logging Security ... Well Logging Security Initiatives The mp4 video format is not supported by this browser. Download video Captions: On Watch as GTRI demonstrates the threat...

442

Berkeley Lab Cyber Security - Cyber Security Website - Berkeley...  

NLE Websites -- All DOE Office Websites (Extended Search)

Department of Energy logo Phone Book Jobs Search Contact Us About CPIC Intranet Cyber Home Resources Training Requirements Search Cyber Security Cyber Security Website FAQs...

443

NIST.gov - Computer Security Division - Computer Security ...  

Science Conference Proceedings (OSTI)

... NIST Computer Security Division is Proud to Announce the Release of DRAFT NISTIR 7298, Revision 2: NIST Glossary of Key Information Security ...

444

Security and Training | Y-12 National Security Complex  

NLE Websites -- All DOE Office Websites (Extended Search)

Training Security and Training Instability in parts of the world and increased terrorist activities worldwide intensify security concerns in protecting personnel, materials and...

445

From National Security to Environmental Security: A Historical Overview .  

E-Print Network (OSTI)

??The study attempts to provide a historical approach to the role of the environment in security studies. Contemporary security challenges have shown that the narrow (more)

Vella, Andre`

2012-01-01T23:59:59.000Z

446

The Office of Nuclear Safeguards and Security | National Nuclear Security  

National Nuclear Security Administration (NNSA)

Safeguards and Security | National Nuclear Security Safeguards and Security | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog The Office of Nuclear Safeguards and Security Home > About Us > Our Programs > Nonproliferation > Nonproliferation & International Security > The Office of Nuclear Safeguards and Security The Office of Nuclear Safeguards and Security

447

NIST.gov - Computer Security Division - Computer Security ...  

Science Conference Proceedings (OSTI)

... To receive email notification(s) when new security publications are released, subscribe to the CSRC Publications Mailing List. ... NIST Security Events. ...

448

Securing Control Systems Modems  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Recommended Practice for Securing Recommended Practice for Securing Control System Modems January 2008 iii ABSTRACT This paper addresses an often overlooked "backdoor" into critical infrastructure control systems created by modem connections. A modem's connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods. iv ACKNOWLEDGEMENT This document was developed for the U.S. Department of Homeland

449

International Nuclear Security  

SciTech Connect

This presentation discusses: (1) Definitions of international nuclear security; (2) What degree of security do we have now; (3) Limitations of a nuclear security strategy focused on national lock-downs of fissile materials and weapons; (4) What do current trends say about the future; and (5) How can nuclear security be strengthened? Nuclear security can be strengthened by: (1) More accurate baseline inventories; (2) Better physical protection, control and accounting; (3) Effective personnel reliability programs; (4) Minimize weapons-usable materials and consolidate to fewer locations; (5) Consider local threat environment when siting facilities; (6) Implement pledges made in the NSS process; and (7) More robust interdiction, emergency response and special operations capabilities. International cooperation is desirable, but not always possible.

Doyle, James E. [Los Alamos National Laboratory

2012-08-14T23:59:59.000Z

450

PRIVACY/SECURITY NOTICE  

NLE Websites -- All DOE Office Websites (Extended Search)

PRIVACY/SECURITY NOTICE PRIVACY/SECURITY NOTICE By continuing to use this system you indicate your awareness of and consent to the following terms and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the conditions stated in this warning. SECURITY NOTICE This Web site is part of a Federal computer system used to accomplish Federal functions. The Department of Energy monitors this Web site for security purposes to ensure it remains available to all users and to protect information in the system. The system employs software programs to monitor network traffic to identify unauthorized activities. By accessing this Web site, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features; to use the system for other than intended purposes; to deny service to authorized

451

Secure Contexts (Extended Abstract)  

E-Print Network (OSTI)

Information flow security in a multilevel system aims at guaranteeing that no high level information is revealed to low levels. A usual requirement to ensure information flow security for a process is that no generic attacker can induce a high-to-low information flow. This requirement is too demanding when we have some knowledge about the contexts where the process is going to run. To deal with these situations we introduce the notion of secure contexts for a process. The notion is parametric with respect to both the observational equivalence and the operation used to characterize the low level behavior. In the paper we mainly analyze the cases of bisimulation and trace equivalence. We describe how to build secure contexts in these cases and we show that two well-known security properties, BNDC and NDC, are just special instances of our general notion.

Annalisa Bossi; Damiano Macedonio; Carla Piazza; Sabina Rossi

2003-01-01T23:59:59.000Z

452

Indirection and computer security.  

SciTech Connect

The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

Berg, Michael J.

2011-09-01T23:59:59.000Z

453

Security Assistance | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security Assistance Security Assistance Security Assistance Welcome to Security Assistance Samuel N. Callahan, Director Mission and Functions The Office of Health, Safety, and Security (HSS) created the Office of Security Assistance Program to provide timely technical assistance and system support to field and Headquarters elements to enhance site security programs, upon request. The program is comprised of technologists and subject matter experts from all security disciplines including Program Management, Protection Program Operations, Information Security, Materials Control and Accountability, and Personnel Security. HSS is committed to building a security assistance program to serve the interests of the Department based upon the needs of our customers - with emphasis on customer-focus and meeting multi-disciplinary security needs. In Fiscal

454

Evaluating mobile agent platform security  

Science Conference Proceedings (OSTI)

Agent mobility requires additional security standards. While the theoretical aspects of mobile agent security have been widely studied, there are few studies about the security standards of current agent platforms. In this paper, test cases are proposed ...

Axel Brkle; Alice Hertel; Wilmuth Mller; Martin Wieser

2006-09-01T23:59:59.000Z

455

UC SECURITY FRAMEWORK 2011 -2012  

E-Print Network (OSTI)

1 UC SECURITY FRAMEWORK 2011 - 2012 #12;2 Contents Background..................................................................................................................................4 About UC Security & Campus Community Support .................................................................5 Security Service Authority and Relationship with NZ Police and Emergency Services ...........5

Hickman, Mark

456

The security of machine learning  

E-Print Network (OSTI)

of the IEEE symposium on security and privacy (pp. 188201).and communications security (CCS) (pp. 5968). Globerson,detection. In USENIX security symposium. Klimt, B. , & Yang,

Barreno, Marco; Nelson, Blaine; Joseph, Anthony D.; Tygar, J. D.

2010-01-01T23:59:59.000Z

457

January 2005 INTEGRATING IT SECURITY  

E-Print Network (OSTI)

January 2005 INTEGRATING IT SECURITY INTO THE CAPITAL PLANNING AND INVESTMENT CONTROL PROCESS By Joan S. Hash, Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology Introduction To assist federal agencies with effec tively integrating security

458

SCADA system security, complexity, and security proof  

Science Conference Proceedings (OSTI)

Modern Critical infrastructures have command and control systems. These command and control systems are commonly called supervisory control and data acquisition (SCADA). In the past, SCADA system has a closed operational environment, so these systems ... Keywords: 11770-2 mechanism 9, Formal security poof, SCADA, key management

Reda Shbib; Shikun Zhou; Khalil Alkadhimi

2012-11-01T23:59:59.000Z

459

Remote PC Security: Securing the home worker  

Science Conference Proceedings (OSTI)

A recent study of 1000 teleworkers in 10 countries, commissioned by Cisco, showed that one in five allows friends, family and others to use their work PC to access the Internet. Now is the time to pull stray remote workers back into the security fold. ...

Steven Furnell

2006-11-01T23:59:59.000Z

460

Office of Security Operations: Headquarters Security Officers (HSO) Program  

NLE Websites -- All DOE Office Websites (Extended Search)

Headquarters Security Officers (HSO) Program Headquarters Security Officers (HSO) Program Responsible Individual/Contact: Wayne Berkebile - (301) 903-1163 - D-320 Scope: The Headquarters Security Officer (HSO) Program was established in 1990 by the Under Secretary of Energy in order to improve communications between the Office of Headquarters Security Operations and component organizations within DOE Headquarters. It is governed by DOE Headquarters Order 472.1, Headquarters Security Officer Program, dated 3-19-2010. Each Headquarters element is required to appoint at least one HSO and an Alternate HSO. HSOs perform a wide variety of security-related functions within their element such as obtaining security badges and clearances, maintaining Security Areas, acquiring security equipment, implementing procedures for protecting classified and sensitive information, conducting security inquiries, and arranging for required security services.

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


461

Security Suites | ornl.gov  

NLE Websites -- All DOE Office Websites (Extended Search)

Security Suites Available by Internet Service Providers Comcast Comcast offers the Norton Security Suite with antivirus and firewall software for your protection, for no additional...

462

Security and Suitability Process Reform  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security and Suitability Process Reform December 2008 Provided by the Joint Security and Suitability Reform Team EXECUTIVE OFFICE OF THE PRESIDENT OFFICE OF MANAGEMENT AND BUDGET...

463

Smart-Grid Security Issues  

Science Conference Proceedings (OSTI)

TITLE: Smart-Grid Security Issues (Editorial Material, English) IEEE SECURITY & PRIVACY 8 (1). JAN-FEB 2010. p.81-85 IEEE COMPUTER SOC, LOS ALAMITOS

Khurana, Himanshu; Hadley, Mark D.; Lu, Ning; Frincke, Deborah A.

2010-01-29T23:59:59.000Z

464

Privacy/Security Policy  

NLE Websites -- All DOE Office Websites (Extended Search)

Privacy/Security Privacy/Security Privacy/Security Policy This web site is part of a federal computer system used to accomplish federal functions. Read the following important privacy and security information carefully. Security Notice October 31, 2000 This web site is part of a federal computer system used to accomplish federal functions. The Department of Energy monitors this web site for security purposes to ensure that it remains available to all users and to protect information in the system. By accessing this web site, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features, to use the system for other than intended purposes, to deny service to authorized users, to access, obtain, alter, damage, or destroy information, or otherwise to interfere with the system or its operation are prohibited. Evidence of such acts may be disclosed to law enforcement authorities and result in criminal prosecution under the Computer Fraud and Abuse Act of 1986 (Pub. L. 99-474) and the National Information Infrastructure Protection Act of 1996 (Pub. L. 104-294), (18 U.S.C. 1030), or other applicable criminal laws.

465

Kernel functions and Baecklund transformations for relativistic Calogero-Moser and Toda systems  

SciTech Connect

We obtain kernel functions associated with the quantum relativistic Toda systems, both for the periodic version and for the nonperiodic version with its dual. This involves taking limits of previously known results concerning kernel functions for the elliptic and hyperbolic relativistic Calogero-Moser systems. We show that the special kernel functions at issue admit a limit that yields generating functions of Baecklund transformations for the classical relativistic Calogero-Moser and Toda systems. We also obtain the nonrelativistic counterparts of our results, which tie in with previous results in the literature.

Hallnaes, Martin [School of Mathematics, Loughborough University, Loughborough LE11 3TU (United Kingdom); Ruijsenaars, Simon [School of Mathematics, University of Leeds, Leeds LS2 9JT (United Kingdom)

2012-12-15T23:59:59.000Z

466

Home Network Security  

E-Print Network (OSTI)

Home computers that are connected to the Internet are under attack and need to be secured. That process is relatively well understood, even though we do not have perfect solutions today and probably never will. Meanwhile, however, the home computing environment is evolving into a home network of multiple devices, which will also need to be secured. We have little experience with these new home networks and much research needs to be done in this area. This paper gives a view of the requirements and some of the techniques available for securing home networks.

Technology Journal Interoperable; Carl M. Ellison; Corporate Technology Group; Intel Corporation

2002-01-01T23:59:59.000Z

467

Federal Computer Security Program Managers' Forum (Forum ...  

Science Conference Proceedings (OSTI)

Federal Computer Security Program Managers' Forum. Summary: The Federal Computer Security Program Managers' Forum ...

2013-01-15T23:59:59.000Z

468

Global Nuclear Security Technology Division (GNSTD)  

NLE Websites -- All DOE Office Websites (Extended Search)

Systems Nonproliferation Technology Nuclear Material Detection & Characterization Nuclear Security Advanced Technologies Safeguards & Security Technology Threat Reduction...

469

Federal Information Systems Security Educators' Association ...  

Science Conference Proceedings (OSTI)

Federal Information Systems Security Educators' Association (FISSEA). Summary: The Federal Information Systems Security ...

2013-01-15T23:59:59.000Z

470

Border Gateway Protocol - Robustness and Security  

Science Conference Proceedings (OSTI)

Border Gateway Protocol - Robustness and Security. Summary: This project focuses on Robustness, Security, and Scalability ...

2012-05-03T23:59:59.000Z

471

NIST Highlight about workshop on homeland security ...  

Science Conference Proceedings (OSTI)

Workshop on Homeland Security Standards. On ... Related Links: ANSI Homeland Security Standards Panel. Contact. General ...

2011-12-14T23:59:59.000Z

472

NIST.gov - Computer Security Division - Computer Security ...  

Science Conference Proceedings (OSTI)

... Risks posters; National Security Agency Counterintelligence Awareness (301-688-6535); Native Intelligence, Inc. Rainbow ...

473

SOCIAL SECURITY ADMINISTRATION Application for a Social Security Card  

E-Print Network (OSTI)

SOCIAL SECURITY ADMINISTRATION Application for a Social Security Card Applying for a Social Security Card is easy AND it is FREE! If you DO NOT follow these instructions, we CANNOT process your and evidence to any Social Security office. Follow instructions below. HOW TO COMPLETE THE APPLICATION Most

Li, Mo

474

Safety and Security What do Safety/Security work with?  

E-Print Network (OSTI)

Safety and Security on campus #12;Agenda · What do Safety/Security work with? · If something happens · Opening hours · Remember · Website · How to find us #12;The Section for Safety and Security work with; · Security revolving work environment · Handle locks, keys, alarms, surveillance · Responsible

475

28 00 00 ELECTRONIC SAFETY AND SECURITY ELECTRONIC SECURITY  

E-Print Network (OSTI)

28 00 00 ELECTRONIC SAFETY AND SECURITY ELECTRONIC SECURITY SYSTEM DESIGN, CONSTRUCTION Services #12;28 00 00 ELECTRONIC SAFETY AND SECURITY August 8, 2011 2 THE UNIVERSITY OF TEXAS AT AUSTIN ELECTRONIC SECURITY SYSTEM DESIGN, CONSTRUCTION AND COMMISSIONING GUIDE PART 1 - GENERAL 1.1 NOTICE

Texas at Austin, University of

476

28 00 00 ELECTRONIC SAFETY AND SECURITY ELECTRONIC SECURITY  

E-Print Network (OSTI)

28 00 00 ELECTRONIC SAFETY AND SECURITY ELECTRONIC SECURITY SYSTEM DESIGN, CONSTRUCTION Services #12;28 00 00 ELECTRONIC SAFETY AND SECURITY May 1, 2013 2 THE UNIVERSITY OF TEXAS AT AUSTIN ELECTRONIC SECURITY SYSTEM DESIGN, CONSTRUCTION AND COMMISSIONING GUIDE PART 1 - GENERAL 1.1 NOTICE

Texas at Austin, University of

477

National Security Information Systems (NSIS) -National Security Systems &  

NLE Websites -- All DOE Office Websites (Extended Search)

NSSA: National Security Information Systems NSSA: National Security Information Systems Nonproliferation & National Security (NPNS) Overview Technical Nonproliferation Policy Support Strategic Trade Control Review of export license applications Multilateral Export Control Arrangements Interdiction Engagement & Training INECP INSEP GIPP Safeguards Concepts and Approaches Human Capital Development Additional Protocol Technical Assistance National Security Systems & Assessments National Security Information Systems Vulnerability Assessment Team (VAT) Radiation Detection & Response (RDR) Contact NPNS Other Major Programs Work with Argonne Contact us For Employees Site Map Help Join us on Facebook Follow us on Twitter NE Division on Flickr Nonproliferation and National Security Program National Security Systems & Assessments

478

Information Security: Coordination of Federal Cyber Security Research and  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Security: Coordination of Federal Cyber Security Security: Coordination of Federal Cyber Security Research and Development Information Security: Coordination of Federal Cyber Security Research and Development GAO recommends that the Office of Science and Technology Policy establish timelines for developing a federal agenda for cyber security research. GAO also recommends that the Office of Management and Budget (OMB) issue guidance to agencies for providing cyber security research data to repositories. In commenting on a draft of this report, OMB stated that it would review the need for such guidance. Information Security: Coordination of Federal Cyber Security Research and Development More Documents & Publications Networking and Information Technology Research and Development Supplement to the President's Budget (February 2010)

479

Erera, Spring School 2004 Transportation Security  

E-Print Network (OSTI)

! Transportation security research: future #12;Erera, Spring School 2004 Outline ! Understanding transportationErera, Spring School 2004 Transportation Security Alan Erera and Chelsea C. White III Industrial transportation security ! Security regulations and programs ! Transportation security research: present

Erera, Alan

480

Security/Disclaimer  

Office of Scientific and Technical Information (OSTI)

U.S. Department of Energy DOE Green Energy Home & Search About Contact Us Javascript Not Enabled OSTI Security Website Policies and Important Links Some links on this page may take...

Note: This page contains sample records for the topic "kernel security bug" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


481

National Security, Weapons Science  

NLE Websites -- All DOE Office Websites (Extended Search)

National Security, Weapons Science National Security, Weapons Science /science-innovation/_assets/images/icon-science.jpg National Security, Weapons Science National security depends on science and technology. The United States relies on Los Alamos National Laboratory for the best of both. No place on Earth pursues a broader array of world-class scientific endeavors. Dual-Axis Radiographic Hydrodynamic Test Facility (DARHT) The Dual-Axis Radiographic Hydrodynamic Test Facility at LANL is part of the DOE's stockpile stewardship program. It uses two large X-ray machines to record three-dimensional interior images of materials. In most experiments, materials (including plutonium) undergo hydrodynamic shock to simulate the implosion process in nuclear bombs and/or the effects of severe hydrodynamic stress. The tests are described as "full-scale mockups

482

Internet Security Glossary  

Science Conference Proceedings (OSTI)

This Glossary (191 pages of definitions and 13 pages of references) provides abbreviations, explanations, and recommendations for use of information system security terminology. The intent is to improve the comprehensibility of writing that deals with ...

R. Shirey

2000-05-01T23:59:59.000Z

483

Office of Security Enforcement  

NLE Websites -- All DOE Office Websites (Extended Search)

The Office of Health, Safety and Security HSS Logo Department of Energy Seal Left Tab SEARCH Right Tab TOOLS Right Tab Left Tab HOME Right Tab Left Tab ABOUT US Right Tab Left Tab...

484

Office of Security Operations  

NLE Websites -- All DOE Office Websites (Extended Search)

The Office of Health, Safety and Security HSS Logo Department of Energy Seal Left Tab SEARCH Right Tab TOOLS Right Tab Left Tab HOME Right Tab Left Tab ABOUT US Right Tab Left Tab...

485

National Nuclear Security Administration  

NLE Websites -- All DOE Office Websites (Extended Search)

Nuclear Security Administration FY 2011 - FY 2015 Budget Outlook Managing the NNSA 4.0% Science, Technology & Engineering 14.5% Stockpile Support 17.9% Preventing the Spread of...

486

Wi-Fi security  

Science Conference Proceedings (OSTI)

"ALL [wireless security] mechanisms are completely in-effective" was the conclusion of a study by the Department of Computer Science at the University of Maryland. This discussion will systematically shed light on the inherent insecurities involved with ...

Paul Williams

2006-04-01T23:59:59.000Z

487

National Nuclear Security Administration  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

AI~W~~l AI~W~~l 11Vl'~~4 National Nuclear Security Administration Department of Energy National Nuclear Security Administration Nevada Site Office P.O. Box 98518 Las Vegas, NV 89193-8518 JAN! 8 2013 Gregory H. Woods, General Counsel, DOE/HQ (GC-1) FORS NATIONAL NUCLEAR SECURITY ADMINISTRATION NEVADA SITE OFFICE (NNSA/NSO) NATIONAL ENVIRONMENTAL POLICY ACT (NEPA) ANNUAL SUMMARY In accordance with DOE Order 451.1B, National Environmental Policy Act Compliance Program, NNSA/NSO is submitting the enclosed Annual NEP A Planning Summary. The document provides a brief description of ongoing and planned NEP A actions for calendar year 2013. This summary provides information for completion of the Site- Wide Environmental Impact Statement for the Nevada National Security Site and Off-Site Locations in the State of Nevada.

488

Incidents of Security Concern  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

NOT MEASUREMENT NOT MEASUREMENT SENSITIVE DOE-STD-1210-2012 September 2012 DOE STANDARD Incidents of Security Concern U.S. Department of Energy AREA SANS Washington, D.C. 20585 DISTRIBUTION STATEMENT A. Approved for public release; distribution is unlimited. DOE-STD-1210-2012 INTENTIONALLY BLANK DOE-STD-1210-2012 TABLE OF CONTENTS PARAGRAPH PAGE FOREWORD ................................................................................................................................ IV INCIDENTS OF SECURITY CONCERN......................................................................................1 1. SCOPE ....................................................................................................................................1 2. PURPOSE...............................................................................................................................1

489

Security Resiliency Testing  

Science Conference Proceedings (OSTI)

An accepted practice within the electric sector is to pre-stage and test equipment before deployment. Verification of functionality, operating parameters, and interoperability of equipment to be deployed can often be incorporated into predeployment testing. This testing may also support the selection of features responsible for the security of the host equipment. However, some security features and many aspects of resiliency testing may require activation, interaction, and interoperability with an ...

2013-12-02T23:59:59.000Z

490

Transportation Security Update  

Science Conference Proceedings (OSTI)

The U.S. Department of Transportation (DOT) final rules issued in 2003 required persons who offer for transportation or transport certain hazardous materials to develop and implement security plans. The Electric Power Research Institute (EPRI) formed a Transportation Security Implementation Working Group, which included representation from the Nuclear Energy Institute (NEI), to identify key projects, which were documented in the original report in 2005. This report updates information in the original rep...

2011-07-27T23:59:59.000Z

491

Data port security lock  

DOE Patents (OSTI)

In a security apparatus for securing an electrical connector, a plug may be fitted for insertion into a connector receptacle compliant with a connector standard. The plug has at least one aperture adapted to engage at least one latch in the connector receptacle. An engagement member is adapted to partially extend through at least one aperture and lock to at least one structure within the connector receptacle.

Quinby, Joseph D. (Albuquerque, NM); Hall, Clarence S. (Albuquerque, NM)

2008-06-24T23:59:59.000Z

492

CMS System Security Plan Template  

Science Conference Proceedings (OSTI)

System Security Plan (SSP) Template Instructions. This template contains boiler plate language. Each template must be ...

2009-06-30T23:59:59.000Z

493

News in ITL - Computer Security  

Science Conference Proceedings (OSTI)

... Cybersecurity Center Seeks Comments on Energy Industry Security ... Commerce Department Proposes New Policy Framework to Strengthen ...

2010-10-22T23:59:59.000Z

494

CMS System Security Plan Procedure  

Science Conference Proceedings (OSTI)

... TASK 5: SYSTEM DECOMMISSION. ... BPSSM Business Partners Systems Security Manual. ... of Information Technology, Policy, Procedures, & Audits. ...

2009-06-30T23:59:59.000Z

495

Publicly Submitted White Papers - Security  

Science Conference Proceedings (OSTI)

... Security Threats, Exploits, Vulnerabilites, Incidents, and Responses; ... CAHV); Critical Incident Response and Disaster Recovery Assistance; ...

2011-08-02T23:59:59.000Z

496

Developing security protocols by refinement  

Science Conference Proceedings (OSTI)

We propose a development method for security protocols based on stepwise refinement. Our refinement strategy guides the transformation of abstract security goals into protocols that are secure when operating over an insecure channel controlled by a Dolev-Yao-style ... Keywords: entity authentication, formal development, key establishment, security protocols, stepwise refinement

Christoph Sprenger; David Basin

2010-10-01T23:59:59.000Z

497

News: IBM launches security offensive  

Science Conference Proceedings (OSTI)

IBM has announced a major security push, representing a US$1.5 billion investment in security-related projects next year. It will partner with other security vendors to offer a set of security services targeting information assets. The services will ...

2007-11-01T23:59:59.000Z

498

Security challenges in embedded systems  

Science Conference Proceedings (OSTI)

Embedded systems security is a significant requirement in emerging environments, considering the increasing deployment of embedded systems in several application domains. The large number of deployed embedded systems, their limited resources and their ... Keywords: Communication system security, computer security, embedded systems, security

Dimitrios N. Serpanos; Artemios G. Voyiatzis

2013-03-01T23:59:59.000Z

499

Towards web security using PLASMA  

Science Conference Proceedings (OSTI)

The World Wide Web is one of the most significant multi-media applications ever developed-and therefore securing the web is one of the most pressing problems. There exist a number of approaches for securing the World Wide Web which, however, usually ... Keywords: high level security, multimedia, secure communications platform, world wide web

Annette Krannig

1998-01-01T23:59:59.000Z

500

Security-oriented program transformations  

Science Conference Proceedings (OSTI)

Security experts generally believe that, "security cannot be added on, it must be designed from the beginning" [1]. This is because the typical way of improving system security by patches is ad hoc and has not produced good results. My work shows that ... Keywords: program transformation, security

Munawar Hafiz; Ralph E. Johnson

2009-04-01T23:59:59.000Z