National Library of Energy BETA

Sample records for validation flaw lets

  1. V-150: Apache VCL Input Validation Flaw Lets Remote Authenticated...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges V-150: Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated...

  2. V-165: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote Users

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Spoof the Server | Department of Energy 65: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote Users Spoof the Server V-165: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote Users Spoof the Server May 28, 2013 - 12:46am Addthis PROBLEM: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote Users Spoof the Server PLATFORM: Cisco WebEx for iOS 4.1, Other versions may also be affected. ABSTRACT: A vulnerability was reported in Cisco WebEx for iOS. REFERENCE LINKS:

  3. T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Users Access or Modify SSL/TLS Sessions | Department of Energy 76: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or Modify SSL/TLS Sessions T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or Modify SSL/TLS Sessions July 26, 2011 - 1:06am Addthis PROBLEM: A vulnerability was reported in Apple iOS. A remote user with the ability to conduct a man-in-the-middle attack can access or modify SSL/TLS sessions. PLATFORM: iOS 4.2.5

  4. T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain...

    Broader source: Energy.gov (indexed) [DOE]

    T-727:Microsoft Windows SSLTLS Protocol Flaw Lets Remote Users Decryption Sessions U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSLTLS Traffic and SSL Buffer Overflow Lets ...

  5. T-663: Cisco Content Services Gateway ICMP Processing Flaw Lets...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    3: Cisco Content Services Gateway ICMP Processing Flaw Lets Remote Users Deny Service T-663: Cisco Content Services Gateway ICMP Processing Flaw Lets Remote Users Deny Service July...

  6. V-176: Adobe Flash Player Memory Corruption Flaw Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Adobe Flash Player Memory Corruption Flaw Lets Remote Users Execute Arbitrary Code V-176: Adobe Flash Player Memory Corruption Flaw Lets Remote Users Execute Arbitrary Code June...

  7. U-262: Microsoft Internet Explorer Flaw Lets Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: Microsoft Internet Explorer Flaw Lets Remote Users Execute Arbitrary Code U-262: Microsoft Internet Explorer Flaw Lets Remote Users Execute Arbitrary Code September 18, 2012 -...

  8. T-574: Google Chrome Multiple Flaws Let Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code T-574: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code March 10, 2011 - 3:05pm Addthis...

  9. U-010:HP Onboard Administrator Unspecified Flaw Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    0:HP Onboard Administrator Unspecified Flaw Lets Remote Users Gain Access U-010:HP Onboard Administrator Unspecified Flaw Lets Remote Users Gain Access October 13, 2011 - 8:15am...

  10. U-239: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    U-165: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or ...

  11. U-277: Google Chrome Multiple Flaws Let Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Addthis PROBLEM: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 22.0.1229.92 ABSTRACT: Several vulnerabilities were...

  12. V-218: HP Service Manager Unspecified Flaw Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    U-010:HP Onboard Administrator Unspecified Flaw Lets Remote Users Gain Access U-029: TCPIP Services for OpenVMS POPIMAP Service Bug Lets Remote Users Gain Unauthorized Access...

  13. V-139: Cisco Network Admission Control Input Validation Flaw...

    Broader source: Energy.gov (indexed) [DOE]

    PROBLEM: Cisco Network Admission Control Input Validation Flaw Lets Remote Users Inject SQL Commands PLATFORM: Cisco NAC Manager versions prior to 4.8.3.1 and 4.9.2 ABSTRACT: A...

  14. U-242: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: Linux Kernel Netlink SCMCREDENTIALS Processing Flaw Lets Local Users Gain Elevated Privileges U-242: Linux Kernel Netlink SCMCREDENTIALS Processing Flaw Lets Local Users Gain...

  15. V-156: Linux Kernel Array Bounds Checking Flaw Lets Local Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain Elevated Privileges V-156: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain Elevated Privileges May...

  16. T-678: Red Hat Enterprise Virtualization Hypervisor VLAN Packet Processing Flaw Lets Remote Users Deny Service

    Office of Energy Efficiency and Renewable Energy (EERE)

    Red Hat Enterprise Virtualization Hypervisor VLAN Packet Processing Flaw Lets Remote Users Deny Service.

  17. U-107: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    07: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service U-107: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service February 21, 2012 - 6:00am ...

  18. T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls ...

  19. V-020: Apple QuickTime Multiple Flaws Let Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    0: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code V-020: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code November 9, 2012 - 6:00am...

  20. V-225: McAfee Email Gateway SMTP Processing Flaw Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: McAfee Email Gateway SMTP Processing Flaw Lets Remote Users Deny Service V-225: McAfee Email Gateway SMTP Processing Flaw Lets Remote Users Deny Service August 23, 2013 - 1:26am...

  1. V-066: Adobe Acrobat/Reader Multiple Flaws Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Adobe AcrobatReader Multiple Flaws Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges V-066: Adobe AcrobatReader Multiple Flaws Lets Remote...

  2. V-095: Oracle Java Flaws Let Remote Users Execute Arbitrary Code...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: Oracle Java Flaws Let Remote Users Execute Arbitrary Code V-095: Oracle Java Flaws Let Remote Users Execute Arbitrary Code February 20, 2013 - 12:38am Addthis PROBLEM: Oracle...

  3. V-142: Oracle Java Reflection API Flaw Lets Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: Oracle Java Reflection API Flaw Lets Remote Users Execute Arbitrary Code V-142: Oracle Java Reflection API Flaw Lets Remote Users Execute Arbitrary Code April 25, 2013 - 12:14am...

  4. V-179: Blackberry Z10 Flaw Lets Physically Local Users Access...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    9: Blackberry Z10 Flaw Lets Physically Local Users Access the Device V-179: Blackberry Z10 Flaw Lets Physically Local Users Access the Device June 17, 2013 - 1:09am Addthis...

  5. T-673: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks

    Broader source: Energy.gov [DOE]

    Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks

  6. T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security Controls | Department of Energy 36: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls January 18, 2011 - 2:30pm Addthis PROBLEM: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls. PLATFORM: Cisco 5500 Series Adaptive Security Appliances (ASA) ABSTRACT: Cisco ASA 5500 Series Adaptive Security Appliances are affected by multiple

  7. V-153: Symantec Brightmail Gateway Input Validation Flaw Permits...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    3: Symantec Brightmail Gateway Input Validation Flaw Permits Cross-Site Scripting Attacks V-153: Symantec Brightmail Gateway Input Validation Flaw Permits Cross-Site Scripting...

  8. U-252: Barracuda Web Filter Input Validation Flaws Permit Cross...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: Barracuda Web Filter Input Validation Flaws Permit Cross-Site Scripting Attacks U-252: Barracuda Web Filter Input Validation Flaws Permit Cross-Site Scripting Attacks September...

  9. U-239: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Addresses | Department of Energy 39: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses U-239: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses August 20, 2012 - 7:00am Addthis PROBLEM: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses PLATFORM: Version(s): 6 beta 4 and prior versions ABSTRACT: A remote user can spoof SMS source addresses. Reference LINKS: SecurityTracker Alert ID: 1027410 Apple.com PCMag.com

  10. V-049: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Execute Arbitrary Code | Department of Energy 9: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users Execute Arbitrary Code V-049: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users Execute Arbitrary Code December 18, 2012 - 1:30am Addthis PROBLEM: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users Execute Arbitrary Code PLATFORM: Windows RealPlayer 15.0.6.14 and prior. ABSTRACT: Two vulnerabilities were reported in RealPlayer. REFERENCE

  11. T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Sessions | Department of Energy 7:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions September 27, 2011 - 8:00am Addthis PROBLEM: Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions. PLATFORM: Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows

  12. V-049: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    V-049: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users Execute ... The vendor has issued a fix (16.0.0.282). Addthis Related Articles V-228: RealPlayer ...

  13. U-089:Apache Struts ParameterInterceptor() Flaw Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute Arbitrary Commands PLATFORM: Struts 2.0.0 - Struts 2.3.1.1 ABSTRACT: A remote user can execute arbitrary code...

  14. U-144:Juniper Secure Access Input Validation Flaw Permits Cross...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4:Juniper Secure Access Input Validation Flaw Permits Cross-Site Scripting Attacks U-144:Juniper Secure Access Input Validation Flaw Permits Cross-Site Scripting Attacks April 10,...

  15. U-001:Symantec IM Manager Input Validation Flaws

    Broader source: Energy.gov [DOE]

    Symantec IM Manager Input Validation Flaws Permit Cross-Site Scripting, SQL Injection, and Code Execution Attacks.

  16. U-107: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    | Department of Energy 07: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service U-107: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service February 21, 2012 - 6:00am Addthis PROBLEM: A vulnerability was reported in Cisco NX-OS. A remote user can cause denial of service conditions. PLATFORM: Nexus 1000v, 5000, and 7000 Series Switches ABSTRACT: A remote user can send a specially crafted IP packet to cause the target device to reload. reference LINKS: Cisco

  17. V-112: Microsoft SharePoint Input Validation Flaws Permit Cross...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Input Validation Flaws Permit Cross-Site Scripting and Denial of Service Attacks V-112: Microsoft SharePoint Input Validation Flaws Permit Cross-Site Scripting and Denial...

  18. V-168: Splunk Web Input Validation Flaw Permits Cross-Site Scripting...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    8: Splunk Web Input Validation Flaw Permits Cross-Site Scripting Attacks V-168: Splunk Web Input Validation Flaw Permits Cross-Site Scripting Attacks May 31, 2013 - 6:00am Addthis...

  19. V-124: Splunk Web Input Validation Flaw Permits Cross-Site Scripting...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4: Splunk Web Input Validation Flaw Permits Cross-Site Scripting Attacks V-124: Splunk Web Input Validation Flaw Permits Cross-Site Scripting Attacks April 2, 2013 - 1:13am Addthis...

  20. U-048: HP LaserJet Printers Unspecified Flaw Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    T-699: EMC AutoStart Buffer Overflows Let Remote Users Execute Arbitrary Code U-049: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users Inject Commands on the Target System...

  1. T-602: BlackBerry Enterprise Server Input Validation Flaw in...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    02: BlackBerry Enterprise Server Input Validation Flaw in BlackBerry Web Desktop Manager Permits Cross-Site Scripting Attacks T-602: BlackBerry Enterprise Server Input Validation...

  2. T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    U-033: Microsoft Security Bulletin Summary for November 2011 T-706: Microsoft Fraudulent Digital Certificate Issued by DigiNotar U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt ...

  3. U-247: EMC Cloud Tiering Appliance Flaw Lets Remote Users Bypass...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    CTA 7.3.1 and later with Hotfix ESA-2012-034 Addthis Related Articles V-045: Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions V-036: EMC Smarts Network...

  4. U-111: IBM AIX ICMP Processing Flaw Lets Remote Users Deny Service...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    aixefixessecurityicmpfix.tar Addthis Related Articles U-096: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service V-031: IBM WebSphere DataPower...

  5. T-701: Citrix Access Gateway Enterprise Edition Input Validation Flaw in Logon Portal Permits Cross-Site Scripting Attacks

    Broader source: Energy.gov [DOE]

    Citrix Access Gateway Enterprise Edition Input Validation Flaw in Logon Portal Permits Cross-Site Scripting Attacks.

  6. V-229: IBM Lotus iNotes Input Validation Flaws Permit Cross-Site Scripting

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Attacks | Department of Energy 9: IBM Lotus iNotes Input Validation Flaws Permit Cross-Site Scripting Attacks V-229: IBM Lotus iNotes Input Validation Flaws Permit Cross-Site Scripting Attacks August 28, 2013 - 6:00am Addthis PROBLEM: Several vulnerabilities were reported in IBM Lotus iNotes PLATFORM: IBM Lotus iNotes 8.5.x ABSTRACT: IBM Lotus iNotes 8.5.x contains four cross-site scripting vulnerabilities REFERENCE LINKS: Security Tracker Alert ID 1028954 IBM Security Bulletin 1647740

  7. T-575: OpenLDAP back-ndb Lets Remote Users Authenticate Without a Valid

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Password | Department of Energy 5: OpenLDAP back-ndb Lets Remote Users Authenticate Without a Valid Password T-575: OpenLDAP back-ndb Lets Remote Users Authenticate Without a Valid Password March 11, 2011 - 3:05pm Addthis PROBLEM: A vulnerability was reported in OpenLDAP. A remote user can authenticate without a valid password. PLATFORM: Open LDAP version(s) 2.4.12 - 2.2.24 ABSTRACT: OpenLDAP back-ndb Lets Remote Users Authenticate Without a Valid Password. reference LINKS: SecurityTracker

  8. V-165: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    The security issue is caused due to the application not properly verifying the server SSL certificate. This can be exploited to e.g. spoof the server via a MitM (Man-in-the-Middle) ...

  9. V-093: Symantec PGP Desktop Buffer Overflows Let Local Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Secure Mobility Client Heap Overflow Lets Local Users Gain Elevated Privileges V-066: Adobe AcrobatReader Multiple Flaws Lets Remote Users Execute Arbitrary Code and Local Users...

  10. V-227: VMware Workstation and Player vmware-mount Command Flaw...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Workstation and Player vmware-mount Command Flaw Lets Local Users Gain Root Privileges V-227: VMware Workstation and Player vmware-mount Command Flaw Lets Local Users Gain Root...

  11. U-195: PHPlist Input Validation Flaws Permit Cross-Site Scripting and SQL Injection Attacks

    Broader source: Energy.gov [DOE]

    The 'public_html/lists/admin' pages do not properly validate user-supplied input in the 'sortby' parameter [CVE-2012-2740]. A remote authenticated administrative user can supply a specially crafted parameter value to execute SQL commands on the underlying database.

  12. U-193: NetBSD System Call Return Value Validation Flaw Lets Local Users Gain Elevated Privileges

    Broader source: Energy.gov [DOE]

    On Intel CPUs, the sysret instruction can be manipulated into returning to specific non-canonical addresses, which may yield a CPU reset. We cannot currently rule out with utter confidence that this vulnerability could not also be used to execute code with kernel privilege instead of crashing the system.

  13. U-015: CiscoWorks Common Services Home Page Input Validation Flaw Lets Remote Users Execute Arbitrary Commands

    Broader source: Energy.gov [DOE]

    Successful exploitation of this vulnerability may allow an authenticated, remote attacker to execute arbitrary commands on the affected system with the privileges of a system administrator.

  14. Validation of analysis methods for assessing flawed piping subjected to dynamic loading

    SciTech Connect (OSTI)

    Olson, R.J.; Wolterman, R.L.; Wilkowski, G.M.; Kot, C.A.

    1994-08-01

    Argonne National Laboratory and Battelle have jointly conducted a research program for the USNRC to evaluate the ability of current engineering analysis methods and one state-of-the-art analysis method to predict the behavior of circumferentially surface-cracked pipe system water-hammer experiment. The experimental data used in the evaluation were from the HDR Test Group E31 series conducted by the Kernforschungszentrum Karlsruhe (KfK) in Germany. The incentive for this evaluation was that simplified engineering methods, as well as newer ``state-of-the-art`` fracture analysis methods, have been typically validated only with static experimental data. Hence, these dynamic experiments were of high interest. High-rate dynamic loading can be classified as either repeating, e.g., seismic, or nonrepeating, e.g., water hammer. Development of experimental data and validation of cracked pipe analyses under seismic loading (repeating dynamic loads) are being pursued separately within the NRC`s International Piping Integrity Research Group (IPIRG) program. This report describes developmental and validation efforts to predict crack stability under water hammer loading, as well as comparisons using currently used analysis procedures. Current fracture analysis methods use the elastic stress analysis loads decoupled from the fracture mechanics analysis, while state-of-the-art methods employ nonlinear cracked-pipe time-history finite element analyses. The results showed that the current decoupled methods were conservative in their predictions, whereas the cracked pipe finite element analyses were more accurate, yet slightly conservative. The nonlinear time-history cracked-pipe finite element analyses conducted in this program were also attractive in that they were done on a small Apollo DN5500 workstation, whereas other cracked-pipe dynamic analyses conducted in Europe on the same experiments required the use of a CRAY2 supercomputer, and were less accurate.

  15. U-049: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    LaserJet Printers Unspecified Flaw Lets Remote Users Update Firmware with Arbitrary Code U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information

  16. Flawed reasoning

    SciTech Connect (OSTI)

    Frankena, M.W.; Owen, B.M.

    1993-07-15

    The FERC's failure to investigate the Entergy/GSU merger's effects on market power may force other agencies to examine electric utility mergers on their own. The competitive effects of the proposed merger Entergy and Gulf States Utilities (GSU) will not be further investigated by the Federal Energy Regulatory Commission (FERC), according to a January 1993 order. The FERC's primary justification is that the [open quotes]open access[close quotes] transmission conditions offered by the merging parties eliminated concern over market power in transmission and bulk power. The FERC's reasoning is flawed. If the merger were to lead to an increase in market power, the proposed transmission conditions would not prevent the merged firm from exercising that power. The FERC also justifies its decision not to investigate the competitive effects of the merger on the grounds that no intervenor had demonstrated that present competition between the two systems is more than de minimis. This is not an appropriate standard. Intervenors demonstrated that Entergy's and GSU's transmission system offer alternative contract routes for bulk power between generators and customers. Even if Entergy and GSU both do not actually sell significant amounts of the same transmission-service, an antitrust evaluation should consider whether the availability of a second, independent route constrains the pricing of the first. The FERC's reasoning indicates that it has lost its way in carrying out its responsibilities to protect consumers. Open access to transmission systems may play an important role in increasing competition in bulk power markets. However, the FERC's goal should be to promote competition, not merely to open access for its own sake. In its enthusiasm to secure [open quotes]open access[close quotes], the FERC appears willing to ignore possible reductions in competition.

  17. T-649: Red Hat Network Satellite Server Request Validation Flaw Permits Cross-Site Request Forgery Attacks

    Broader source: Energy.gov [DOE]

    The Red Hat Network (RHN) Satellite and Spacewalk services do not properly validate user-supplied. A remote user can create specially crafted HTML that, when loaded by a target authenticated user, will take actions on the target site acting as the target user.

  18. Flaw detection and evaluation

    DOE Patents [OSTI]

    Wilks, Robert S.; Sturges, Jr., Robert H.

    1983-01-01

    The invention provides a method of and apparatus for optically inspecting nuclear fuel pellets for surface flaws. The inspection system includes a prism and lens arrangement for scanning the surface of each pellet as the same is rotated. The resulting scan produces data indicative of the extent and shape of each flaw which is employed to generate a flaw quality index for each detected flaw. The flaw quality indexes from all flaws are summed and compared with an acceptable surface quality index. The result of the comparison is utilized to control the acceptance or rejection of the pellet.

  19. U-233: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Articles U-083:Oracle Critical Patch Update Advisory - January 2012 V-067: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code T-576: Oracle Solaris Adobe Flash Player...

  20. T-636: Wireshark Multiple Flaws Let Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions.

  1. U-014: Oracle Java Runtime Environment (JRE) Multiple Flaws Let...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    SDK and JRE 1.4.233 and prior ABSTRACT: A remote user can create a Java applet or Java Web Start application that, when loaded by the target user, will access or modify data or...

  2. Fabrication Flaw Density and Distribution In Repairs to Reactor Pressure Vessel and Piping Welds

    SciTech Connect (OSTI)

    GJ Schuster, FA Simonen, SR Doctor

    2008-04-01

    The Pacific Northwest National Laboratory is developing a generalized fabrication flaw distribution for the population of nuclear reactor pressure vessels and for piping welds in U.S. operating reactors. The purpose of the generalized flaw distribution is to predict component-specific flaw densities. The estimates of fabrication flaws are intended for use in fracture mechanics structural integrity assessments. Structural integrity assessments, such as estimating the frequency of loss-of-coolant accidents, are performed by computer codes that require, as input, accurate estimates of flaw densities. Welds from four different reactor pressure vessels and a collection of archived pipes have been studied to develop empirical estimates of fabrication flaw densities. This report describes the fabrication flaw distribution and characterization in the repair weld metal of vessels and piping. This work indicates that large flaws occur in these repairs. These results show that repair flaws are complex in composition and sometimes include cracks on the ends of the repair cavities. Parametric analysis using an exponential fit is performed on the data. The relevance of construction records is established for describing fabrication processes and product forms. An analysis of these records shows there was a significant change in repair frequency over the years when these components were fabricated. A description of repair flaw morphology is provided with a discussion of fracture mechanics significance. Fabrication flaws in repairs are characterized using optimized-access, high-sensitivity nondestructive ultrasonic testing. Flaw characterizations are then validated by other nondestructive evaluation techniques and complemented by destructive testing.

  3. V-192: Symantec Security Information Manager Input Validation...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Flaws Permit Cross-Site Scripting, SQL Injection, and Information Disclosure Attacks V-192: Symantec Security Information Manager Input Validation Flaws Permit Cross-Site...

  4. Fabrication Flaw Density and Distribution in the Repairs of Reactor Pressure Vessels

    SciTech Connect (OSTI)

    Schuster, George J.; Doctor, Steven R.; Simonen, Fredric A.

    2006-02-15

    The Pacific Northwest National Laboratory (PNNL) is developing a generalized flaw size and density distribution for the population of U.S. reactor pressure vessels (RPVs). The purpose of the generalized flaw distribution is to predict vessel specific flaw rates for use in probabilistic fracture mechanics calculations that estimate vessel failure probability. Considerable progress has been made on the construction of an engineering data base of fabrication flaws in U.S. nuclear RPVs. The fabrication processes and product forms used to construct U.S. RPVs are represented in the data base. A validation methodology has been developed for characterizing the flaws for size, shape, orientation, and composition. The relevance of construction records has been established for describing fabrication processes and product forms. The fabrication flaws were detected in material removed from cancelled nuclear power plants using high sensitivity nondestructive ultrasonic testing, and validated by other nondestructive evaluation (NDE) techniques, and complemented by destructive testing. This paper describes research that has generated data on welding flaws, which indicated that the largest flaws occur in weld repairs. Recent research results confirm that repair flaws are complex in composition and may include cracks on the repair ends. Section III of the American Society of Mechanical Engineers (ASME) Boiler and Pressure Vessel Code for nuclear power plant components requires radiographic examinations (RT) of welds and requires repairs for RT indications that exceed code acceptable sizes. PNNL has previously obtained the complete construction records for two RPVs. Analysis of these records show a significant change in repair frequency.

  5. The HMDS Coating Flaw Removal Tool

    SciTech Connect (OSTI)

    Monticelli, M V; Nostrand, M C; Mehta, N; Kegelmeyer, L; Johnson, M A; Fair, J; Widmayer, C

    2008-10-24

    In many high energy laser systems, optics with HMDS sol gel antireflective coatings are placed in close proximity to each other making them particularly susceptible to certain types of strong optical interactions. During the coating process, halo shaped coating flaws develop around surface digs and particles. Depending on the shape and size of the flaw, the extent of laser light intensity modulation and consequent probability of damaging downstream optics may increase significantly. To prevent these defects from causing damage, a coating flaw removal tool was developed that deploys a spot of decane with a syringe and dissolves away the coating flaw. The residual liquid is evacuated leaving an uncoated circular spot approximately 1mm in diameter. The resulting uncoated region causes little light intensity modulation and thus has a low probability of causing damage in optics downstream from the mitigated flaw site.

  6. ULTRASONIC FLAW DETECTION METHOD AND MEANS

    DOE Patents [OSTI]

    Worlton, D.C.

    1961-08-15

    A method of detecting subsurface flaws in an object using ultrasonic waves is described. An ultnasonic wave of predetermined velocity and frequency is transmitted to engage the surface of the object at a predetermined angle of inci dence thereto. The incident angle of the wave to the surface is determined with respect to phase velocity, incident wave velocity, incident wave frequency, and the estimated depth of the flaw so that Lamb waves of a particular type and mode are induced only in the portion of the object between the flaw and the surface. These Lamb waves are then detected as they leave the object at an angle of exit equal to the angle of incidence. No waves wlll be generated in the object and hence received if no flaw exists beneath the surface. (AEC)

  7. NON-DESTRUCTIVE FLAW DETECTION APPARATUS

    DOE Patents [OSTI]

    Stateman, M.J.; Holloway, H.R.

    1957-12-17

    An apparatus is described for the non-destructive detection of flaws in electrical conducting articles. The particular feature of the detection apparatus is that a flaw in the front or back of the test article will not be masked by signals caused by the passage of the end and front of the article through the detection apparatus. The present invention alleviates the above problem by mounting detection coils on directly opposite sides of the test passageway so that the axes of the pickup coils are perpendicular to the axis of an energizing coil through which the article is passed. A flaw in the article will cause a change in the voltage induced in one pickup coil, but passage of the end or front of the article will not produce unequal signals. The signals are compared in appropriate electrical circuitry to actuate a recorder only when unequal signals are present, indicating the presence of a flaw.

  8. Midland reactor pressure vessel flaw distribution

    SciTech Connect (OSTI)

    Foulds, J.R.; Kennedy, E.L.; Rosinski, S.T.

    1993-12-01

    The results of laboratory nondestructive examination (NDE), and destructive cross-sectioning of selected weldment sections of the Midland reactor pressure vessel were analyzed per a previously developed methodology in order to develop a flaw distribution. The flaw distributions developed from the NDE results obtained by two different ultrasonic test (UT) inspections (Electric Power Research Institute NDE Center and Pacific Northwest Laboratories) were not statistically significantly different. However, the distribution developed from the NDE Center`s (destructive) cross-sectioning-based data was found to be significantly different than those obtained through the UT inspections. A fracture mechanics-based comparison of the flaw distributions showed that the cross-sectioning-based data, conservatively interpreted (all defects considered as flaws), gave a significantly lower vessel failure probability when compared with the failure probability values obtained using the UT-based distributions. Given that the cross-sectioning data were reportedly biased toward larger, more significant-appearing (by UT) indications, it is concluded that the nondestructive examinations produced definitively conservative results. In addition to the Midland vessel inspection-related analyses, a set of twenty-seven numerical simulations, designed to provide a preliminary quantitative assessment of the accuracy of the flaw distribution method used here, were conducted. The calculations showed that, in more than half the cases, the analysis produced reasonably accurate predictions.

  9. Flaw Tolerance for Multiple Fatique Cracks

    SciTech Connect (OSTI)

    Gosselin, Stephen R.; Simonen, Fredric A.; Carter, R. G.

    2005-07-01

    This paper documents important details of the technical bases for changes to Appendix L. Calculations identified aspect ratios for equivalent single cracks (ESC) between the extremes of a 6:1 ratio and a full circumferential crack that can be used in Appendix L flaw tolerance assessments to account for the initiation, growth, and linking of multiple fatigue cracks. Probabilistic fracture mechanics (PFM) calculations determined ESC aspect ratios that result in the same through-wall crack probability as multiple small cracks (0.02 inch depth) that initiate and coalesce. The computations considered two materials (stainless and low alloy steels), three pipe diameters, five cyclic membrane-to-gradient stress ratios and a wide range of primary loads. Subsequent deterministic calculations identified the ESC aspect ratio for the hypothetical reference flaw depth assumptions in Appendix L. This paper also describes computations that compare the Appendix L flaw tolerance allowable operating period for the ESC models with results obtained when the a single default 6:1 aspect ratio reference flaw.

  10. T-663: Cisco Content Services Gateway ICMP Processing Flaw Lets Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    The Cisco Content Services Gateway: Second Generation provides intelligent network capabilities such as flexible policy management and billing based on deep-packet inspection, as well as subscriber and application awareness capabilities that enable mobile operators to quickly and easily offer value-added, differentiated services over their mobile data networks. A DoS vulnerability exists in the Cisco Content Services Gateway: Second Generation could allow an unauthenticated attacker to cause a device reload by sending crafted ICMP messages to the affected device. Note: The Cisco Gateway GPRS Support Node (GGSN), the Cisco Mobile Wireless Home Agent (HA), the Cisco Wireless Security Gateway (WSG), the Cisco Broadband Wireless Gateway and Cisco IP Transfer Point (ITP), and the Cisco Long Term Evolution (LTE) Gateway are not affected. This vulnerability is documented in Cisco bug ID CSCtl79577 ( registered customers only) and has been assigned CVE ID CVE-2011-2064.

  11. U-205: RSA Access Manager Session Replay Flaw Lets Remote Users Access the System

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in RSA Access Manager. A remote user can gain access to the target system.

  12. U-166: Adobe Shockwave Player Memory Corruption Flaws Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities were reported in Adobe Shockwave Player. A remote user can cause arbitrary code to be executed on the target user's system.

  13. U-140: HP-UX Unspecified Flaw in DCE Lets Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A remote user can execute arbitrary code on the target system. A remote user can send specially crafted data to execute arbitrary code on the target system. The code will run with the privileges of the target service.

  14. T-574: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact while others can be exploited by malicious people bypass certain security restrictions, disclose system information, and compromise a user's system.

  15. U-170: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities were reported in Apple QuickTime. A remote user can cause arbitrary code to be executed on the target user's system.

  16. V-006: CA ARCserve Backup Flaws Let Remote Users Execute Arbitrary Code and Deny Service

    Broader source: Energy.gov [DOE]

    Two vulnerabilities were reported in CA ARCserve Backup. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions.

  17. T-541: Citrix Provisioning Services Unspecified Flaw Let's Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A vulnerability has been identified in Citrix Provisioning Services that could result in arbitrary code execution. This vulnerability can be triggered by an attacker sending a specially crafted packet to the Provisioning Services server. This vulnerability is present in all supported versions of Citrix Provisioning Services up to and including version 5.6.

  18. U-134: Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in Apache Traffic Server. A remote user can cause denial of service conditions.

  19. U-170: Apple QuickTime Multiple Flaws Let Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    overflow CVE-2012-0670. A specially crafted '.pict' file can trigger a memory corruption error CVE-2012-0671. Impact: A remote user can create a file that, when loaded by...

  20. V-164: Apple QuickTime Multiple Flaws Let Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1) An unspecified error when handling TeXML files can be exploited to cause memory corruption. 2) A boundary error when handling H.263 encoded movie files can be exploited to...

  1. T-673: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system - CVE-2010-1823,...

  2. T-662: ISC BIND Packet Processing Flaw Lets Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    A defect in the affected BIND 9 versions allows an attacker to remotely cause the "named" process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured within named.conf or by disabling any features at compile-time or run-time. A remote attacker would need to be able to send a specially crafted packet directly to a server running a vulnerable version of BIND. There is also the potential for an indirect attack via malware that is inadvertently installed and run, where infected machines have direct access to an organization's nameservers.

  3. T-617: BIND RPZ Processing Flaw Lets Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    When a name server is configured with a response policy zone (RPZ), queries for type RRSIG can trigger a server crash.

  4. U-227: bind-dyndb-ldap DN Escaping Flaw Lets Remote Users Deny Service

    Broader source: Energy.gov [DOE]

    A vulnerability has been reported in bind-dyndb-ldap, which can be exploited by malicious people to cause a DoS (Denial of Service).

  5. U-161: Citrix Provisioning Services Unspecified Flaw Lets Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in Citrix Provisioning Services. A remote user can execute arbitrary code on the target system.

  6. U-133: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system.

  7. U-143: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Multiple vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system.

  8. V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access

    Broader source: Energy.gov [DOE]

    This security update resolves a vulnerability in the HP Service Manager which allows people to have access to unauthorized information

  9. U-004:Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

  10. U-160: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Several vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system

  11. Sandia Wind-Turbine Blade Flaw Detection Experiments in Denmark

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Wind-Turbine Blade Flaw Detection Experiments in Denmark - Sandia Energy Energy Search ... Twitter Google + Vimeo GovDelivery SlideShare Sandia Wind-Turbine Blade Flaw Detection ...

  12. Procedure for flaw detection in cast stainless steel

    DOE Patents [OSTI]

    Kupperman, David S.

    1988-01-01

    A method of ultrasonic flaw detection in cast stainless steel components incorporating the steps of determining the nature of the microstructure of the cast stainless steel at the site of the flaw detection measurements by ultrasonic elements independent of the component thickness at the site; choosing from a plurality of flaw detection techniques, one such technique appropriate to the nature of the microstructure as determined and detecting flaws by use of the chosen technique.

  13. T-575: OpenLDAP back-ndb Lets Remote Users Authenticate Without...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Remote Users Authenticate Without a Valid Password T-575: OpenLDAP back-ndb Lets Remote Users Authenticate Without a Valid Password March 11, 2011 - 3:05pm Addthis PROBLEM: A ...

  14. Validation

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Validation in fusion research: Towards guidelines and best practices P. W. Terry, 1 M. Greenwald, 2 J.-N. Leboeuf, 3 G. R. McKee, 4 D. R. Mikkelsen, 5 W. M. Nevins, 6 D. E. Newman, ...

  15. U-147:Red Hat Enterprise MRG Grid Input Validation Flaw

    Office of Energy Efficiency and Renewable Energy (EERE)

    The MRG Management Console (Cumin) does not properly filter HTML code from user-supplied input before displaying the input.

  16. U-139: IBM Tivoli Directory Server Input Validation Flaw

    Broader source: Energy.gov [DOE]

    The Web Admin Tool does not properly filter HTML code from user-supplied input before displaying the input.

  17. T-701: Citrix Access Gateway Enterprise Edition Input Validation...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1: Citrix Access Gateway Enterprise Edition Input Validation Flaw in Logon Portal Permits Cross-Site Scripting Attacks T-701: Citrix Access Gateway Enterprise Edition Input...

  18. Validating

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Validating extended MHD models for fusion plasmas K. J. McCollam (kmccollam@wisc.edu), D. J. Den Hartog, C. M. Jacobson, J. A. Reusch, J. S. Sarff, and the MST Team, University of Wisconsin-Madison, April 2015 Submitted to the DOE Workshop on Integrated Simulations for Magnetic Fusion Energy Sciences Primary topic: A (Disruptions); Secondary topic: C (Whole device modeling) Oral presentation requested if time available Motivation: That predictive capability is a major gap in fusion plasma

  19. Ultrasonic Flaw Detection of Cracks and Machined Flaws as Observed Through Austenitic Stainless Steel Piping Welds

    SciTech Connect (OSTI)

    Anderson, Michael T.; Cinson, Anthony D.; Crawford, Susan L.; Cumblidge, Stephen E.; Diaz, Aaron A.

    2009-07-01

    Piping welds in the pressure boundary of light water reactors (LWRs) are subject to a volumetric examination based on Section XI of the American Society of Mechanical Engineers (ASME) Boiler and Pressure Vessel Code. Due to access limitations and high background radiation levels, the technique used is primarily ultrasonic rather than radiographic. Many of the austenitic welds in safety-related piping systems provide limited access to both sides of the weld, so a far-side examination is necessary. Historically, far-side inspections have performed poorly because of the coarse and elongated grains that make up the microstructures of austenitic weldments. The large grains cause the ultrasound to be scattered, attenuated, and redirected. Additionally, grain boundaries or weld geometry may reflect coherent ultrasonic echoes, making flaw detection and discrimination a more challenging endeavor. Previous studies conducted at the Pacific Northwest National Laboratory (PNNL) on ultrasonic far-side examinations in austenitic piping welds involved the application of conventional transducers, use of low-frequency Synthetic Aperture Focusing Techniques (SAFT), and ultrasonic phased-array (PA) methods on specimens containing implanted thermal fatigue cracks and machined reflectors [1-2]. From these studies, PA inspection provided the best results, detecting nearly all of the flaws from the far side. These results were presented at the Fifth International Conference on NDE in Relation to Structural Integrity for Nuclear and Pressurised Components in 2006. This led to an invitation to examine field-removed specimens containing service-induced intergranular stress corrosion cracks (IGSCC) at the Electric Power Research Institute’s (EPRI) Nondestructive Evaluation (NDE) Center, in Charlotte, North Carolina. Results from this activity are presented.

  20. U-230: Sudo on Red Hat Enterprise Linux %postun Symlink Flaw Lets Local Users Gain Elevated Privileges

    Office of Energy Efficiency and Renewable Energy (EERE)

    An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5.

  1. U-014: Oracle Java Runtime Environment (JRE) Multiple Flaws Let Remote Users Execute Arbitrary Code and Deny Service

    Broader source: Energy.gov [DOE]

    A remote user can create a Java applet or Java Web Start application that, when loaded by the target user, will access or modify data or execute arbitrary code on the target user's system.

  2. U-007: IBM Rational AppScan Import/Load Function Flaws Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Two vulnerabilities were reported in IBM Rational AppScan. A remote user can cause arbitrary code to be executed on the target user's system.

  3. V-058: Microsoft Internet Explorer CDwnBindInfo Object Reuse Flaw Lets Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    A vulnerability was reported in Microsoft Internet Explorer. A remote user can cause arbitrary code to be executed on the target user's system.

  4. U-006:Cisco Network Admission Control Manager Directory Traversal Flaw Lets Remote Users Obtain Potentially Sensitive Information

    Office of Energy Efficiency and Renewable Energy (EERE)

    An unauthenticated attacker could exploit this vulnerability to access sensitive information, including password files and system logs, that could be leveraged to launch subsequent attacks.

  5. Spotlight on Austin, Texas: Let Your Contractor Be Your Guide...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Let Your Contractor Be Your Guide for Big Rewards Spotlight on Austin, Texas: Let Your Contractor Be Your Guide for Big Rewards Spotlight on Austin, Texas: Let Your Contractor Be ...

  6. U-106: Citrix XenServer Multiple Flaws in Web Self Service Have...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Citrix XenServer Multiple Flaws in Web Self Service Have Unspecified Impact U-106: Citrix XenServer Multiple Flaws in Web Self Service Have Unspecified Impact February 17, 2012...

  7. T-707: Apache Tomcat AJP Protocol Processing Bug Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information T-707: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication...

  8. V-235: Cisco Mobility Services Engine Configuration Error Lets...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: Cisco Mobility Services Engine Configuration Error Lets Remote Users Login Anonymously V-235: Cisco Mobility Services Engine Configuration Error Lets Remote Users Login ...

  9. V-202: Cisco Video Surveillance Manager Bugs Let Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Video Surveillance Manager Bugs Let Remote Users Obtain Potentially Sensitive Information V-202: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially Sensitive...

  10. V-155: Apache Tomcat FORM Authenticator Lets Remote Users Conduct...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks V-155: Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks...

  11. V-220: Juniper Security Threat Response Manager Lets Remote Authentica...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Threat Response Manager Lets Remote Authenticated Users Execute Arbitrary Commands V-220: Juniper Security Threat Response Manager Lets Remote Authenticated Users Execute...

  12. V-149: Microsoft Internet Explorer Object Access Bug Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    9: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code V-149: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary...

  13. T-728: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    8: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct Bypass Attacks T-728: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct...

  14. U-047: Siemens Automation License Manager Bugs Let Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or...

  15. NON-DESTRUCTIVE METHOD AND MEANS FOR FLAW DETECTION

    DOE Patents [OSTI]

    Hochschild, R.

    1959-03-10

    BS>An improved method is presented for the nondestructive detection of flaws in olectrictilly conductivc articles using magnetic field. According to thc method a homogoneous mignetic field is established in the test article;it right angle" to the artyicle. A probe is aligned with its axis transverse to the translates so hat th4 probe scans the surface of the test article while the axis of the robe is transverse to the direction of translation of the article. In this manner any output current obtained in thc probe is an indication of the size and location of a flaw in the article under test, with a miiiimum of signal pick- up in the probe from the established magnetic field.

  16. U-093: Mozilla Firefox Multiple Flaws Permit Remote Code Execution, Information Disclosure, and Cross-Site Scripting Attacks

    Broader source: Energy.gov [DOE]

    Mozilla Firefox Multiple Flaws Permit Remote Code Execution, Information Disclosure, and Cross-Site Scripting.

  17. Method for fabricating prescribed flaws in the interior of metals

    DOE Patents [OSTI]

    Hsu, David K.; Thompson, Donald O.

    1989-03-07

    The method for fabricating a metal body having a flaw of predetermined size and shape located therein comprises placing half of the metal powder required to make the metal body in the die of a press and pressing it to create a flat upper surface thereon. A piece of copper foil is cut to the size and shape of the desired interior crack and placed on the upper surface of the powder and centered in position. The remaining powder is then placed in the die to cover the copper foil. The powder is first cold pressed and removed from the press. The powder metal piece is then sintered in a furnace at a temperature above the melting point of the copper and below the melting point of the metal. It is then removed from the furnace, cooled to room temperature, and placed back in the die and pressed further. This procedure results in an interior flaw or crack. Modified forms of the method involve using a press-sinter-press-sinter cycle with the first sinter being below the melting point of the copper and the second sinter being above the melting point of the copper and below the melting point of the metal.

  18. Eddy current probe and method for flaw detection in metals

    DOE Patents [OSTI]

    Watjen, J.P.

    1987-06-23

    A flaw detecting system is shown which includes a probe having a pair of ferrite cores with in-line gaps in close proximity to each other. An insulating, non-magnetic, non-conducting holder fills the gaps and supports the ferrite cores in a manner such that the cores form a generally V-shape. Each core is provided with an excitation winding and a detection winding. The excitation windings are connected in series or parallel with an rf port for connection thereof to a radio frequency source. The detection windings, which are differentially wound, are connected in series circuit to a detector port for connection to a voltage measuring instrument. The ferrite cores at the in-line gaps directly engage the metal surface of a test piece, and the probe is scanned along the test piece. In the presence of a flaw in the metal surface the detection winding voltages are unbalanced, and the unbalance is detected by the voltage measuring instrument. The insulating holder is provided with a profile which conforms to that of a prominent feature of the test piece to facilitate movement of the probe along the feature, typically an edge or a corner. 9 figs.

  19. Eddy current probe and method for flaw detection in metals

    DOE Patents [OSTI]

    Watjen, John P.

    1987-06-23

    A flaw detecting system is shown which includes a probe having a pair of ferrite cores with in-line gaps in close proximity to each other. An insulating, non-magnetic, non-conducting holder fills the gaps and supports the ferrite cores in a manner such that the cores form a generally V-shape. Each core is provided with an excitation winding and a detection winding. The excitation windings are connected in series or parallel with an rf port for connection thereof to a radio frequency source. The detection windings, which are differentially wound, are connected in series circuit to a detector port for connection to a voltage measuring instrument. The ferrite cores at the in-line gaps directly engage the metal surface of a test piece, and the probe is scanned along the test piece. In the presence of a flaw in the metal surface the detection winding voltages are unbalanced, and the unbalance is detected by the voltage measuring instrument. The insulating holder is provided with a profile which conforms to that of a prominent feature of the test piece to facilitate movement of the probe along the feature, typically an edge or a corner.

  20. U-212: RSA Authentication Manager Flaws Permit Cross-Site and Cross-Frame

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Scripting and URL Redirection Attacks | Department of Energy 12: RSA Authentication Manager Flaws Permit Cross-Site and Cross-Frame Scripting and URL Redirection Attacks U-212: RSA Authentication Manager Flaws Permit Cross-Site and Cross-Frame Scripting and URL Redirection Attacks July 13, 2012 - 7:00am Addthis PROBLEM: RSA Authentication Manager Flaws Permit Cross-Site and Cross-Frame Scripting and URL Redirection Attacks PLATFORM: RSA Authentication Manager 7.1 is vulnerable; other

  1. Defining a Possible Low LET Bystander Effect

    SciTech Connect (OSTI)

    Charles R. Geard

    2009-05-04

    Current radiation protection guidelines assume a linear response to ionizing radiations down through doses where epidemiological studies provide very limited to no information as to the propriety of such assumptions. The bystander response is a non-targeted effect which might impact such guidelines. These studies while clearly affirming a bystander response for high LET radiations, do not provide such affirmation for environmentally relevant low dose, low LET radiations. Caution and further study are necessary before making judgements that could impact on current standards.

  2. V-127: Samba Bug Lets Remote Authenticated Users Modify Files...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7: Samba Bug Lets Remote Authenticated Users Modify Files V-127: Samba Bug Lets Remote Authenticated Users Modify Files April 5, 2013 - 6:00am Addthis PROBLEM: A vulnerability was...

  3. INFOGRAPHIC: Let's Get to Work on Solar Soft Costs | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Let's Get to Work on Solar Soft Costs INFOGRAPHIC: Let's Get to Work on Solar Soft Costs December 2, 2013 - 1:00pm Addthis Learn how soft costs are contributing to the price of ...

  4. Solar Decathlon 2015: Let the Competition Begin | Department...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Let the Competition Begin Solar Decathlon 2015: Let the Competition Begin February 13, 2014 - 1:00pm Addthis The Solar Decathlon competition has provided more than 17,000 college ...

  5. Sandia National Laboratories: Let it rain

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Let it rain By Karli Massey Thursday, September 01, 2016 Sandia's clean water stewards focus on stormwater runoff Sandia experts, students explore mechanical challenges at summer institute Environmental technical professional John Kay (4141) inspects a construction site at Sandia before a storm to ensure proper protection measures are in place near stormwater drains. Monsoon season is well underway in New Mexico and other areas across the Southwest. The flash floods caused by monsoon storms

  6. U-238: HP Service Manager Input Validation Flaw Permits Cross-Site Scripting Attacks

    Broader source: Energy.gov [DOE]

    Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 7.11, 9.21, and 9.30, and HP Service Center Web Tier 6.28, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  7. V-153: Symantec Brightmail Gateway Input Validation Flaw Permits Cross-Site Scripting Attacks

    Broader source: Energy.gov [DOE]

    Symantec’s Brightmail Gateway management console is susceptible to stored cross-site scripting (XSS) issues found in some of the administrative interface pages.

  8. U-229: HP Network Node Manager i Input Validation Flaw Permits Cross-Site Scripting Attacks

    Broader source: Energy.gov [DOE]

    Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in cross site scripting (XSS).

  9. V-229: IBM Lotus iNotes Input Validation Flaws Permit Cross-Site...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    CVE-2013-0591 CVE-2013-0595 IMPACT ASSESSMENT: Medium DISCUSSION: The software does not properly filter HTML code from user-supplied input before displaying the input. ...

  10. U-050: Adobe Flex SDK Input Validation Flaw Permits Cross-Site Scripting Attacks

    Broader source: Energy.gov [DOE]

    Flex applications created using the Flex SDK may not properly filter HTML code from user-supplied input before displaying the input.

  11. U-255: Apache Wicket Input Validation Flaw Permits Cross-Site...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    in ajax links before displaying the input. A remote user can create a specially crafted URL that, when loaded by a target user, will cause arbitrary scripting code to be executed...

  12. U-144:Juniper Secure Access Input Validation Flaw Permits Cross-Site Scripting Attacks

    Broader source: Energy.gov [DOE]

    The VPN management interface does not properly filter HTML code from user-supplied input before displaying the input. A remote user can cause arbitrary scripting code to be executed by the target user's browser.

  13. U-206: WordPress Flaws Permit Cross-Site Scripting, Cross-Site...

    Broader source: Energy.gov (indexed) [DOE]

    WordPress Flaws Permit Cross-Site Scripting, Cross-Site Request Forgery, and Information Disclosure Attacks PLATFORM: Version(s): prior to 3.4.1 ABSTRACT: Several vulnerabilities...

  14. Identify Structural Flaw Location and Type with an Inverse Algorithm of Resonance Inspection

    SciTech Connect (OSTI)

    Xu, Wei; Lai, Canhai; Sun, Xin

    2015-10-20

    To evaluate the fitness-for-service of a structural component and to quantify its remaining useful life, aging and service-induced structural flaws must be quantitatively determined in service or during scheduled maintenance shutdowns. Resonance inspection (RI), a non-destructive evaluation (NDE) technique, distinguishes the anomalous parts from the good parts based on changes in the natural frequency spectra. Known for its numerous advantages, i.e., low inspection cost, high testing speed, and broad applicability to complex structures, RI has been widely used in the automobile industry for quality inspection. However, compared to other contemporary direct visualization-based NDE methods, a more widespread application of RI faces a fundamental challenge because such technology is unable to quantify the flaw details, e.g. location, dimensions, and types. In this study, the applicability of a maximum correlation-based inverse RI algorithm developed by the authors is further studied for various flaw cases. It is demonstrated that a variety of common structural flaws, i.e. stiffness degradation, voids, and cracks, can be accurately retrieved by this algorithm even when multiple different types of flaws coexist. The quantitative relations between the damage identification results and the flaw characteristics are also developed to assist the evaluation of the actual state of health of the engineering structures.

  15. U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic...

    Office of Environmental Management (EM)

    59: RSA BSAFE SSL-C Lets Remote Users Decrypt SSLTLS Traffic and SSL Buffer Overflow Lets Remote Users Execute Arbitrary Code U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL...

  16. V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload...

    Energy Savers [EERE]

    Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users ...

  17. Development of flaw acceptance criteria for aging management of spent nuclear fuel multi-purpose canisters

    SciTech Connect (OSTI)

    Lam, Poh -Sang; Sindelar, Robert L.

    2015-03-09

    A typical multipurpose canister (MPC) is made of austenitic stainless steel and is loaded with spent nuclear fuel assemblies. The canister may be subject to service-induced degradation when it is exposed to aggressive atmospheric environments during a possibly long-term storage period if the permanent repository is yet to be identified and readied. Because heat treatment for stress relief is not required for the construction of an MPC, stress corrosion cracking may be initiated on the canister surface in the welds or in the heat affected zone. An acceptance criteria methodology is being developed for flaw disposition should the crack-like defects be detected by periodic in-service Inspection. The first-order instability flaw sizes has been determined with bounding flaw configurations, that is, through-wall axial or circumferential cracks, and part-through-wall long axial flaw or 360° circumferential crack. The procedure recommended by the American Petroleum Institute (API) 579 Fitness-for-Service code (Second Edition) is used to estimate the instability crack length or depth by implementing the failure assessment diagram (FAD) methodology. The welding residual stresses are mostly unknown and are therefore estimated with the API 579 procedure. It is demonstrated in this paper that the residual stress has significant impact on the instability length or depth of the crack. The findings will limit the applicability of the flaw tolerance obtained from limit load approach where residual stress is ignored and only ligament yielding is considered.

  18. Development of flaw acceptance criteria for aging management of spent nuclear fuel multiple-purpose canisters

    SciTech Connect (OSTI)

    Lam, P.; Sindelar, R.

    2015-03-09

    A typical multipurpose canister (MPC) is made of austenitic stainless steel and is loaded with spent nuclear fuel assemblies. The canister may be subject to service-induced degradation when it is exposed to aggressive atmospheric environments during a possibly long-term storage period if the permanent repository is yet to be identified and readied. Because heat treatment for stress relief is not required for the construction of an MPC, stress corrosion cracking may be initiated on the canister surface in the welds or in the heat affected zone. An acceptance criteria methodology is being developed for flaw disposition should the crack-like defects be detected by periodic In-service Inspection. The first-order instability flaw sizes has been determined with bounding flaw configurations, that is, through-wall axial or circumferential cracks, and part-through-wall long axial flaw or 360° circumferential crack. The procedure recommended by the American Petroleum Institute (API) 579 Fitness-for-Service code (Second Edition) is used to estimate the instability crack length or depth by implementing the failure assessment diagram (FAD) methodology. The welding residual stresses are mostly unknown and are therefore estimated with the API 579 procedure. It is demonstrated in this paper that the residual stress has significant impact on the instability length or depth of the crack. The findings will limit the applicability of the flaw tolerance obtained from limit load approach where residual stress is ignored and only ligament yielding is considered.

  19. U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    79: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code ...

  20. U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    9: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass Authentication U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass...

  1. V-195: RSA Authentication Manager Lets Local Users View the Administra...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: RSA Authentication Manager Lets Local Users View the Administrative Account Password V-195: RSA Authentication Manager Lets Local Users View the Administrative Account Password...

  2. V-172: ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ISC BIND RUNTIMECHECK Error Lets Remote Users Deny Service Against Recursive Resolvers V-172: ISC BIND RUNTIMECHECK Error Lets Remote Users Deny Service Against Recursive...

  3. U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain...

  4. U-005: Apache mod_proxy Pattern Matching Bug Lets Remote Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: Apache modproxy Pattern Matching Bug Lets Remote Users Access Internal Servers U-005: Apache modproxy Pattern Matching Bug Lets Remote Users Access Internal Servers October 6,...

  5. U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks U-142: HP Onboard Administrator Bugs Let Remote Users Gain...

  6. U-046: Apache mod_proxy/mod_rewrite Bug Lets Remote Users Access...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Apache modproxymodrewrite Bug Lets Remote Users Access Internal Servers U-046: Apache modproxymodrewrite Bug Lets Remote Users Access Internal Servers November 28, 2011 -...

  7. Flaws Identification Using Eddy Current Differential Transducer and Artificial Neural Networks

    SciTech Connect (OSTI)

    Chady, T.; Lopato, P.

    2006-03-06

    In this paper we present a multi-frequency excitation eddy current differential transducer and dynamic neural models which were used to detect and identify artificial flaws in thin conducting plates. Plates are made of Inconel600. EDM notches have relative depth from 10% to 80% and length from 2 mm to 7 mm. All flaws were located on the opposite surface of the examined specimen. Measured signals were used as input for training and verifying dynamic neural networks with a moving window. Wide range of ANN (Artificial Neural Network) structures are examined for different window length and different number of frequency components in excitation signal. Observed trends are presented in this paper.

  8. T-703: Cisco Unified Communications Manager Open Query Interface Lets

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Remote Users Obtain Database Contents | Department of Energy 703: Cisco Unified Communications Manager Open Query Interface Lets Remote Users Obtain Database Contents T-703: Cisco Unified Communications Manager Open Query Interface Lets Remote Users Obtain Database Contents August 26, 2011 - 3:45pm Addthis PROBLEM: A vulnerability was reported in Cisco Unified Communications Manager. A remote user can obtain database contents PLATFORM: Cisco Unified Communications Manager 6.x, 7.x, 8.0, 8.5

  9. Apparatus and method for detecting and/or measuring flaws in conductive material

    DOE Patents [OSTI]

    Hockey, Ronald L.; Riechers, Douglas M.

    2000-01-01

    The present invention uses a magnet and sensor coil unilaterial and in relative motion to a conductive material, to measure perturbation or variation in the magnetic field in the presence of a flaw. A liftoff compensator measures a distance between the conductive material and the magnet.

  10. Anisotropic determination and correction for ultrasonic flaw detection by spectral analysis

    DOE Patents [OSTI]

    Adler, Laszlo; Von Cook, K.; Simpson, Jr., William A.; Lewis, D. Kent

    1978-01-01

    The anisotropic nature of a material is determined by measuring the velocity of an ultrasonic longitudinal wave and a pair of perpendicular ultrasonic shear waves through a sample of the material each at a plurality of different angles in three planes orthogonal to each other. The determined anisotropic nature is used as a correction factor in a spectral analyzing system of flaw determination.

  11. T-707: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information

    Broader source: Energy.gov [DOE]

    Apache Tomcat AJP protocol processing bug lets remote users bypass authentication or obtain information.

  12. V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Let Remote Users Conduct Cross-Site Scripting Attacks | Department of Energy 51: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks May 8, 2013 - 12:06am Addthis PROBLEM: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks

  13. Flaw Stability Considering Residual Stress for Aging Management of Spent Nuclear Fuel Multiple-Purpose Canisters

    DOE Public Access Gateway for Energy & Science Beta (PAGES Beta)

    Lam, Poh-Sang; Sindelar, Robert L.

    2016-04-28

    A typical multipurpose canister (MPC) is made of austenitic stainless steel and is loaded with spent nuclear fuel assemblies. Because heat treatment for stress relief is not required for the construction of the MPC, the canister is susceptible to stress corrosion cracking in the weld or heat affected zone regions under long-term storage conditions. Logic for flaw acceptance is developed should crack-like flaws be detected by Inservice Inspection. The procedure recommended by API 579-1/ASME FFS-1, Fitness-for-Service, is used to calculate the instability crack length or depth by failure assessment diagram. It is demonstrated that the welding residual stress has amore » strong influence on the results.« less

  14. Thermal wave image processing for characterization of subsurface of flaws in materials

    SciTech Connect (OSTI)

    Gopalan, K.; Gopalsami, N.

    1993-08-01

    Infrared images resulting from back-scattered thermal waves in composite materials are corrupted by instrument noise and sample heat-spread function. This paper demonstrates that homomorphic deconvolution and {open_quotes}demultiplication{close_quotes} result in enhanced image quality for characterization of subsurface flaws in Kevlar and graphics composites. The choice of processing depends on the material characteristics and the extent of noise in the original image.

  15. Improved multi-directional eddy current inspection test apparatus for detecting flaws in metal articles

    DOE Patents [OSTI]

    Nance, Roy A.; Hartley, William H.; Caffarel, Alfred J.

    1984-01-01

    Apparatus is described for detecting flaws in a tubular workpiece in a single scan. The coils of a dual coil bobbin eddy current inspection probe are wound at a 45.degree. angle to the transverse axis of the probe, one coil having an angular position about the axis about 90.degree. relative to the angular position of the other coil, and the angle of intersection of the planes containing the coils being about 60.degree..

  16. Intense X-rays expose tiny flaws in 3-D printed titanium that can lead to

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    breakage over time | Argonne National Laboratory Intense X-rays expose tiny flaws in 3-D printed titanium that can lead to breakage over time By Katie Elyce Jones * March 4, 2016 Tweet EmailPrint Titanium is strong but light - a desirable property among metals. In the twentieth century, titanium was used in military aircraft and equipment and commercial jets. Today, we find this tough and flexible metal all around us - in sports gear, tools, surgical and dental implants, prosthetics,

  17. Stress-intensity-factor influence coefficients for semielliptical inner-surface flaws in clad pressure vessels

    SciTech Connect (OSTI)

    Keeney, J.A.; Bryson, J.W.

    1995-12-31

    A problem of particular interest in pressure vessel technology is the calculation of accurate stress-intensity factors for semielliptical surface cracks in cylinders. Computing costs for direct solution techniques can be prohibitive when applied to three-dimensional (3-D) geometries with time-varying boundary conditions such as those associated with pressurized thermal shock. An alternative superposition technique requires the calculation of a set of influence coefficients for a given 3-D crack model that can be superimposed to obtain mode-I stress-intensity factors. This paper presents stress-intensity-factor influence coefficients (SIFICs) for axially and circumferentially oriented finite-length semielliptical inner-surface flaws with aspect ratios (total crack length (2c) to crack depth (a)) of 2, 6, and 10 for clad cylinders having an internal radius to wall thickness (t) ratio of 10. SIFICs are computed for flaw depths in the range of 0.01 {le} a/t {le} 0.5 and two cladding thicknesses. The incorporate of this SIFIC data base in fracture mechanics codes will facilitate the generation of fracture mechanics solutions for a wide range of flaw geometries as may be required in structural integrity assessments of pressurized-water and boiling-water reactors.

  18. U-092: Sudo Format String Bug Lets Local Users Gain Elevated Privileges

    Broader source: Energy.gov [DOE]

    A local user can supply a specially crafted command line argument to trigger a format string flaw and execute arbitrary commands on the target system with root privileges.

  19. Evaluation of Manual Ultrasonic Examinations Applied to Detect Flaws in Primary System Dissimilar Metal Welds at North Anna Power Station

    SciTech Connect (OSTI)

    Anderson, Michael T.; Diaz, Aaron A.; Doctor, Steven R.

    2012-06-01

    During a recent inservice inspection (ISI) of a dissimilar metal weld (DMW) in an inlet (hot leg) steam generator nozzle at North Anna Power Station Unit 1, several axially oriented flaws went undetected by the licensee's manual ultrasonic testing (UT) technique. The flaws were subsequently detected as a result of outside diameter (OD) surface machining in preparation for a full structural weld overlay. The machining operation uncovered the existence of two through-wall flaws, based on the observance of primary water leaking from the DMW. Further ultrasonic tests were then performed, and a total of five axially oriented flaws, classified as primary water stress corrosion cracking (PWSCC), were detected in varied locations around the weld circumference.

  20. T-621: Citrix XenServer Lets Local Administrative Users on the...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1: Citrix XenServer Lets Local Administrative Users on the Guest OS Deny Service T-621: Citrix XenServer Lets Local Administrative Users on the Guest OS Deny Service May 12, 2011 -...

  1. T-704: RSA enVision Lets Remote Users View Files and Remote Authentica...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    RSA enVision Lets Remote Users View Files and Remote Authenticated Users Obtain Password T-704: RSA enVision Lets Remote Users View Files and Remote Authenticated Users Obtain...

  2. U-056: Linux Kernel HFS Buffer Overflow Lets Local Users Gain...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    6: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root Privileges U-056: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root Privileges December 9, 2011 - 8:00am...

  3. V-189: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny Service on the Target Host V-189: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny Service on the Target...

  4. V-115: Apple iOS Bugs Let Local Users Gain Elevated Privileges...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: Apple iOS Bugs Let Local Users Gain Elevated Privileges V-115: Apple iOS Bugs Let Local Users Gain Elevated Privileges March 20, 2013 - 12:08am Addthis PROBLEM: Apple iOS Bugs...

  5. V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    3: Apple Safari Bugs Let Remote Users Execute Arbitrary Code V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code March 18, 2013 - 1:53am Addthis PROBLEM: Apple Safari...

  6. V-184: Google Chrome Flash Plug-in Lets Remote Users Conduct...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks V-184: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks June 24, 2013 -...

  7. V-212: Samba smbd CPU Processing Loop Lets Remote Users Deny...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2: Samba smbd CPU Processing Loop Lets Remote Users Deny Service V-212: Samba smbd CPU Processing Loop Lets Remote Users Deny Service August 6, 2013 - 6:00am Addthis PROBLEM: A...

  8. V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems April...

  9. V-045: Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5: Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions V-045: Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions December 12, 2012 - 2:00am Addthis PROBLEM:...

  10. U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service September 12, 2012 - 6:00am Addthis...

  11. V-203: HP LoadRunner Multiple Bugs Let Remote Users Deny Service...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    V-171: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code...

  12. V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    0: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code March 13, 2013 - 12:04am Addthis PROBLEM:...

  13. V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information V-140: Apache ActiveMQ Bugs Let Remote...

  14. U-029: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    9: TCPIP Services for OpenVMS POPIMAP Service Bug Lets Remote Users Gain Unauthorized Access U-029: TCPIP Services for OpenVMS POPIMAP Service Bug Lets Remote Users Gain...

  15. V-144: HP Printers Let Remote Users Access Files on the Printer...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4: HP Printers Let Remote Users Access Files on the Printer V-144: HP Printers Let Remote Users Access Files on the Printer April 29, 2013 - 12:27am Addthis PROBLEM: HP Printers...

  16. V-194: Citrix XenServer Memory Management Error Lets Local Administrat...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    XenServer Memory Management Error Lets Local Administrative Users on the Guest Gain Access on the Host V-194: Citrix XenServer Memory Management Error Lets Local Administrative...

  17. V-147: IBM Lotus Notes Mail Client Lets Remote Users Execute...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7: IBM Lotus Notes Mail Client Lets Remote Users Execute Java Applets V-147: IBM Lotus Notes Mail Client Lets Remote Users Execute Java Applets May 2, 2013 - 6:00am Addthis...

  18. V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service ...

  19. V-198: Red Hat Enterprise MRG Messaging Qpid Python Certificate...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    8: Red Hat Enterprise MRG Messaging Qpid Python Certificate Validation Flaw Lets Remote Users Conduct Man-in-the-Middle Attacks V-198: Red Hat Enterprise MRG Messaging Qpid Python...

  20. U-082: McAfee SaaS 'myCIOScn.dll' ActiveX Control Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Lets Remote Users Execute Arbitrary Code January 17, 2012 - 1:00pm Addthis PROBLEM: PHP Null Pointer Dereference in zendstrndup() Lets Local Users Deny Service PLATFORM: PHP...

  1. V-112: Microsoft SharePoint Input Validation Flaws Permit Cross-Site Scripting and Denial of Service Attacks

    Broader source: Energy.gov [DOE]

    This security update resolves four reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation.

  2. T-670: Skype Input Validation Flaw in 'mobile phone' Profile Entry Permits Cross-Site Scripting Attacks

    Broader source: Energy.gov [DOE]

    The software does not properly filter HTML code from user-supplied input in the The "mobile phone" profile entry before displaying the input.

  3. U-067:WebSVN Input Validation Flaw in getLog() Permits Cross-Site Scripting Attacks

    Broader source: Energy.gov [DOE]

    A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the WebSVN software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

  4. Effect of stainless steel weld overlay cladding on the structural integrity of flawed steel plates in bending. Series 1

    SciTech Connect (OSTI)

    Corwin, W.R.; Robinson, G.C.; Nanstad, R.K.; Merkle, J.G.; Berggren, R.G.; Goodwin, G.M.; Swain, R.L.; Owings, T.D.

    1985-04-01

    The Heavy-Section Steel Technology (HSST) Stainless Steel Cladding Evaluations were undertaken to study the interaction of stainless steel cladding on the inside surface of a reactor pressure vessel with flaws initiating and propagating in base metal. With the more recent focus of safety studies on overcooling type transients, for which the behavior of small flaws is important, stainless steel cladding may have a key role in controlling the propagation and/or arrest of propagating flaws. A complicating factor in understanding the role of stainless steel cladding in this setting is the scarcity of data on its fracture toughness as a function of radiation dose and the fabrication process. The initial phase of the HSST evaluations addresses this question by testing the response of 51-mm-thick flawed plates clad with single-wire, submerged-arc weld overlays of different toughness levels. The tests completed indicate that cladding of moderate toughness had a limited ability to enhance the structural arrest toughness of a beam in bending. The specimen design and fabrication techniques employed for this first completed series of tests resulted in flaw and specimen configurations that prevented adequate control of the stress state at pop-in of the hydrogen-charged electron-beam welds. As a result, analyses of the tests by two approximate techniques and by the ORMGEN-ADINA-ORVIRT finite-element programs were not completely consistent.

  5. T-695: Avaya Aura Application Server Buffer Overflow in 'cstore.exe' Lets Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    Avaya Aura Application Server Buffer Overflow in 'cstore.exe' Lets Remote Users Execute Arbitrary Code.

  6. U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Buffer Overflow Lets Remote Users Execute Arbitrary Code | Department of Energy 59: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL Buffer Overflow Lets Remote Users Execute Arbitrary Code U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL Buffer Overflow Lets Remote Users Execute Arbitrary Code September 13, 2012 - 6:00am Addthis PROBLEM: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL Buffer Overflow Lets Remote Users Execute

  7. Fatigue flaw growth assessment and inclusion of stratification to the LBB assessment

    SciTech Connect (OSTI)

    Samohyl, P.

    1997-04-01

    The application of the LBB requires also fatigue flaw growth assessment. This analysis was performed for PWR nuclear power plants types VVER 440/230, VVER 440/213c, VVER 1000/320. Respecting that these NPP`s were designed according to Russian codes that differ from US codes it was needed to compare these approaches. Comparison with our experimental data was accomplished, too. Margins of applicability of the US methods and their modifications for the materials used for construction of Czech and Slovak NPP`s are shown. Computer code accomplishing the analysis according to described method is presented. Some measurement and calculations show that thermal stratifications in horizontal pipelines can lead to additive loads that are not negligible and can be dangerous. An attempt to include these loads induced by steady-state stratification was made.

  8. V-134: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Users Gain Elevated Privileges | Department of Energy 4: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local Users Gain Elevated Privileges V-134: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local Users Gain Elevated Privileges April 15, 2013 - 1:30am Addthis PROBLEM: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local Users Gain Elevated Privileges PLATFORM: Cisco AnyConnect Secure Mobility Client Cisco Secure Desktop ABSTRACT: Some vulnerabilities

  9. V-135: Cisco ASA Multiple Bugs Let Remote Users Deny Service | Department

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    of Energy 5: Cisco ASA Multiple Bugs Let Remote Users Deny Service V-135: Cisco ASA Multiple Bugs Let Remote Users Deny Service April 16, 2013 - 12:21am Addthis PROBLEM: Cisco ASA Multiple Bugs Let Remote Users Deny Service PLATFORM: Cisco ASA Software for Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, and Cisco ASA 1000V Cloud Firewall are affected by multiple vulnerabilities. Affected

  10. U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Sensitive Information | Department of Energy 53: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information December 7, 2011 - 7:30am Addthis PROBLEM: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information . PLATFORM: Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat

  11. U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Arbitrary Code and Deny Service | Department of Energy 79: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service October 11, 2012 - 6:00am Addthis PROBLEM: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service PLATFORM: Version(s): prior to 4.1(9) ABSTRACT: Several vulnerabilities were reported in Cisco Firewall

  12. Spotlight on Austin, Texas: Let Your Contractor Be Your Guide for Big

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Rewards | Department of Energy Let Your Contractor Be Your Guide for Big Rewards Spotlight on Austin, Texas: Let Your Contractor Be Your Guide for Big Rewards Spotlight on Austin, Texas: Let Your Contractor Be Your Guide for Big Rewards, as posted on the U.S. Department of Energy's Better Buildings Neighborhood Program website. Spotlight on Austin, Texas (444.88 KB) More Documents & Publications Spotlight on Austin, Texas: Best Offer Ever Produces Upgrades in Record Time Spotlight on

  13. V-076: Cisco Wireless LAN Controller Bugs Let Remote Users Deny...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code V-076: Cisco Wireless LAN ...

  14. U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially...

    Office of Environmental Management (EM)

    Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information . PLATFORM: Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) ...

  15. Debate response: Which rate designs provide revenue stability and efficient price signals? Let the debate continue.

    SciTech Connect (OSTI)

    Boonin, David Magnus

    2009-11-15

    Let's engage in further discussion that provides solutions and details, not just criticisms and assertions. Let's engage in a meaningful dialogue about the conditions where real-time pricing or critical peak pricing with decoupling or the SFV rate design with a feebate is most effective. (author)

  16. Let7a involves in neural stem cell differentiation relating with TLX level

    SciTech Connect (OSTI)

    Song, Juhyun; Cho, Kyoung Joo; Oh, Yumi; Lee, Jong Eun

    2015-07-10

    Neural stem cells (NSCs) have the potential for differentiation into neurons known as a groundbreaking therapeutic solution for central nervous system (CNS) diseases. To resolve the therapeutic efficiency of NSCs, recent researchers have focused on the study on microRNA's role in CNS. Some micro RNAs have been reported significant functions in NSC self-renewal and differentiation through the post-transcriptional regulation of neurogenesis genes. MicroRNA-Let7a (Let7a) has known as the regulator of diverse cellular mechanisms including cell differentiation and proliferation. In present study, we investigated whether Let7a regulates NSC differentiation by targeting the nuclear receptor TLX, which is an essential regulator of NSC self-renewal, proliferation and differentiation. We performed the following experiments: western blot analysis, TaqMan assay, RT-PCR, and immunocytochemistry to confirm the alteration of NSCs. Our data showed that let7a play important roles in controlling NSC fate determination. Thus, manipulating Let-7A and TLX could be a novel strategy to enhance the efficiency of NSC's neuronal differentiation for CNS disorders. - Highlights: • Let7a influences on NSC differentiation and proliferation. • Let7a involves in mainly NSC differentiation rather than proliferation. • Let7a positively regulates the TLX expression.

  17. Don't Let Your Money and Hot Water Go Down the Drain | Department...

    Energy Savers [EERE]

    Don't Let Your Money and Hot Water Go Down the Drain Don't Let Your Money and Hot Water Go Down the Drain December 9, 2008 - 4:00am Addthis John Lippert Do you look at your ...

  18. THE CHOICE OF OPTIMAL STRUCTURE OF ARTIFICIAL NEURAL NETWORK CLASSIFIER INTENDED FOR CLASSIFICATION OF WELDING FLAWS

    SciTech Connect (OSTI)

    Sikora, R.; Chady, T.; Baniukiewicz, P.; Caryk, M.; Piekarczyk, B.

    2010-02-22

    Nondestructive testing and evaluation are under continuous development. Currently researches are concentrated on three main topics: advancement of existing methods, introduction of novel methods and development of artificial intelligent systems for automatic defect recognition (ADR). Automatic defect classification algorithm comprises of two main tasks: creating a defect database and preparing a defect classifier. Here, the database was built using defect features that describe all geometrical and texture properties of the defect. Almost twenty carefully selected features calculated for flaws extracted from real radiograms were used. The radiograms were obtained from shipbuilding industry and they were verified by qualified operator. Two weld defect's classifiers based on artificial neural networks were proposed and compared. First model consisted of one neural network model, where each output neuron corresponded to different defect group. The second model contained five neural networks. Each neural network had one neuron on output and was responsible for detection of defects from one group. In order to evaluate the effectiveness of the neural networks classifiers, the mean square errors were calculated for test radiograms and compared.

  19. Non-destructive evaluation means and method of flaw reconstruction utilizing an ultrasonic multi-viewing transducer data acquistion system

    DOE Patents [OSTI]

    Thompson, Donald O.; Wormley, Samuel J.

    1989-03-28

    A multi-viewing ultrasound transducer acquisition system for non-destructive evaluation, flaw detection and flaw reconstruction in materials. A multiple transducer assembly includes a central transducer surrounded by a plurality of perimeter transducers, each perimeter transducer having an axis of transmission which can be angularly oriented with respect to the axis of transmission of the central transducer to intersect the axis of transmission of the central transducer. A control apparatus automatically and remotely positions the transducer assembly with respect to the material by a positioning apparatus and adjusts the pe GRANT REFERENCE This invention was conceived and reduced to practice at least in part under a grant from the Department of Energy under Contract No. W-7407-ENG-82.

  20. Technical basis for flawed cylinder test specification to assure adequate fracture resistance of ISO high-strength steel cylinder

    SciTech Connect (OSTI)

    Rana, M.D.; Smith, J.H.; Tribolet, R.O.

    1997-11-01

    High-pressure industrial gases (such as oxygen, nitrogen, argon, hydrogen, etc.) are stored and transported in portable cylinders. ISO TC58 SC3 has developed a draft specification 9809 for design and fabrication of high-pressure cylinders with maximum tensile strength limitation of 1,100 N/mm{sup 2}. In order to extend the ISO 9809 rules for higher than 1,100 N/mm{sup 2} strength level cylinders, a working group WG14 was formed in 1989 to develop new rules to assure adequate fracture resistance. In 1994, WG14 recommended a simple, but unique flawed cylinder test method for design qualification of the cylinder and acceptance criteria to assure adequate fracture resistance. WG14 also recommended Charpy-V-notch impact tests to control the required fracture resistance on production cylinders. This paper presents the technical basis that was employed in developing the flawed cylinder test method and acceptance criteria. The specification was developed for seamless steel cylinders having actual strength in the range of 1,100 to 1,400 N/mm{sup 2} and cylindrical section wall thickness in the range of 3 to 10 mm. Flawed cylinder tests were conducted on several hundred cylinders of varying sizes and strength levels. The specification requires to demonstrate LEAK-BEFORE-BREAK performance of the cylinder having flaw length equal to 1.6 (o.d. {times} t{sub design}){sup 0.5} at failure pressure = (t{sub design}/t{sub actual}) x Design Pressure.

  1. Technical basis for flawed cylinder test specification to assure adequate fracture resistance of ISO high strength steel cylinder

    SciTech Connect (OSTI)

    Rana, M.D.; Smith, J.H.; Tribolet, R.O.

    1996-12-01

    High pressure industrial gases (such as oxygen, nitrogen, argon, hydrogen, etc.) are stored and transported in portable cylinders. ISO TC58 SC3 has developed a draft specification 9809 for design and fabrication of high pressure cylinders with maximum tensile strength limitation of 1,100 N/mm{sup 2}. In order to extend the ISO 9809 rules for higher than 1,100 N/mm{sup 2} strength level cylinders, a working group WG14 was formed in 1989 to develop new rules to assure adequate fracture resistance. In 1994, WG14 recommended a simple, but unique flawed cylinder test method for design qualification of the cylinder and acceptance criteria to assure adequate fracture resistance. WG14 also recommended Charpy-V-Notch impact tests to control the required fracture resistance on production cylinders. This paper presents the technical basis that was employed in developing the flawed cylinder test method and acceptance criteria. The specification was developed for seamless steel cylinders having actual strength in the range of 1,100 to 1,400 N/mm{sup 2} and cylindrical section wall thickness in the range of 3mm to 10mm. Flawed cylinder tests were conducted on several hundred cylinders of varying sizes and strength levels. The specification requires to demonstrate LEAK-BEFORE-BREAK performance of the cylinder having flaw length equal to 1.6(O.D. {times} t{sub design}){sup 0.5} at failure pressure = (t{sub design}/t{sub actual}) {times} Design Pressure.

  2. T-606: Sun Java System Access Manager Lets Remote Users Partially Modify Data and Remote Authenticated Users Partially Access Data

    Broader source: Energy.gov [DOE]

    Sun Java System Access Manager Lets Remote Users Partially Modify Data and Remote Authenticated Users Partially Access Data.

  3. U-049: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users Inject

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Commands on the Target System | Department of Energy 49: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users Inject Commands on the Target System U-049: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users Inject Commands on the Target System December 1, 2011 - 9:00am Addthis PROBLEM: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users Inject Commands on the Target System. PLATFORM: IBM Tivoli Netcool Reporter prior to 2.2.0.8 ABSTRACT: A vulnerability was reported in IBM Tivoli Netcool

  4. V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Users Deny Service | Department of Energy 1: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service January 17, 2013 - 12:00am Addthis PROBLEM: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service PLATFORM: The vulnerability is reported in versions 8.7.1 and 8.7.1.1. ABSTRACT: A vulnerability has been reported in Cisco ASA 1000V Cloud Firewall

  5. T-545: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Execute Arbitrary Code | Department of Energy 5: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code T-545: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code January 28, 2011 - 7:21am Addthis PROBLEM: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code. PLATFORM: RealPlayer 14.0.1 and prior versions ABSTRACT: A vulnerability was reported in RealPlayer. A remote user can

  6. MicroRNAs let-7b/i suppress human glioma cell invasion and migration by targeting IKBKE directly

    SciTech Connect (OSTI)

    Tian, Yuan; Hao, Shaobo; Ye, Minhua; Zhang, Anling; Nan, Yang; Wang, Guangxiu; Jia, Zhifan; Yu, Kai; Guo, Lianmei; Pu, Peiyu; Huang, Qiang; Zhong, Yue

    2015-03-06

    We demonstrated that IKBKE is overexpressed in human gliomas and that the downregulation of IKBKE markedly inhibits the proliferative and invasive abilities of glioma cells, which is consistent with the results reported by several different research groups. Therefore, IKBKE represents a promising therapeutic target for the treatment of glioma. In the present study, we verified that the microRNAs let-7b and let-7i target IKBKE through luciferase assays and found that let-7b/i mimics can knock down IKBKE and upregulate E-cadherin through western blot analysis. Moreover, the expression levels of let-7b/i were significantly lower in glioma cell lines than that in normal brain tissues, as determined by quantitative real-time PCR. Furthermore, let-7b/i inhibit the invasion and migration of glioma cells, as determined through wound healing and Transwell assays. The above-mentioned data suggest that let-7b/i inhibit the invasive ability of glioma cells by directly downregulating IKBKE and indirectly upregulating E-cadherin. - Highlights: • Let-7b and let-7i are downregulated in glioma cell lines. • IKBKE is a target gene of let-7b/i. • Let-7b/i inhibit the invasion and migration of glioma cells. • Let-7b/i upregulate E-cadherin by downregulating IKBKE.

  7. SANSMIC Validation.

    SciTech Connect (OSTI)

    Weber, Paula D.; Rudeen, David Keith; Lord, David

    2014-08-01

    SANSMIC is solution mining software that was developed and utilized by SNL in its role as geotechnical advisor to the US DOE SPR for planning purposes. Three SANSMIC leach modes - withdrawal, direct, and reverse leach - have been revalidated with multiple test cases for each mode. The withdrawal mode was validated using high quality data from recent leach activity while the direct and reverse modes utilized data from historical cavern completion reports. Withdrawal results compared very well with observed data, including the location and size of shelves due to string breaks with relative leached volume differences ranging from 6 - 10% and relative radius differences from 1.5 - 3%. Profile comparisons for the direct mode were very good with relative leached volume differences ranging from 6 - 12% and relative radius differences from 5 - 7%. First, second, and third reverse configurations were simulated in order to validate SANSMIC over a range of relative hanging string and OBI locations. The first-reverse was simulated reasonably well with relative leached volume differences ranging from 1 - 9% and relative radius differences from 5 - 12%. The second-reverse mode showed the largest discrepancies in leach profile. Leached volume differences ranged from 8 - 12% and relative radius differences from 1 - 10%. In the third-reverse, relative leached volume differences ranged from 10 - 13% and relative radius differences were ~4 %. Comparisons to historical reports were quite good, indicating that SANSMIC is essentially the same as documented and validated in the early 1980's.

  8. U-068:Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Linux Kernel SGIO ioctl Bug Lets Local Users Gain Elevated Privileges PLATFORM: Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat...

  9. T-563: Red Hat Directory Server Bugs Let Local Users Gain Elevated...

    Broader source: Energy.gov (indexed) [DOE]

    server and command line utilities for server administration. Addthis Related Articles T-671: Red Hat system-config-firewall Lets Local Users Gain Root Privileges V-041: Red Hat...

  10. V-183: Cisco TelePresence TC and TE Bugs Let Remote Users Deny...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Remote Users Deny Service and Remote Adjacent Authenticated Users Gain Root Shell Access V-183: Cisco TelePresence TC and TE Bugs Let Remote Users Deny Service and Remote Adjacent...

  11. V-109: Google Chrome WebKit Type Confusion Error Lets Remote...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Google Chrome WebKit Type Confusion Error Lets Remote Users Execute Arbitrary Code PLATFORM: Google Chrome prior to 25.0.1364.160 ABSTRACT: A vulnerability was reported in...

  12. V-076: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code | Department of Energy 6: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code V-076: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code January 24, 2013 - 6:00am Addthis PROBLEM: Several vulnerabilities were reported in

  13. Let's Try That Again: Selling the Teapot Dome Oil Field | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy Let's Try That Again: Selling the Teapot Dome Oil Field Let's Try That Again: Selling the Teapot Dome Oil Field January 30, 2015 - 11:28am Addthis A solitary oil pump at the Teapot Dome Oilfield in Wyoming. | Department of Energy photo. A solitary oil pump at the Teapot Dome Oilfield in Wyoming. | Department of Energy photo. Allison Lantero Allison Lantero Digital Content Specialist, Office of Public Affairs In 1922, President Warren Harding's Interior Secretary Albert Fall found

  14. V-235: Cisco Mobility Services Engine Configuration Error Lets Remote Users

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Login Anonymously | Department of Energy 5: Cisco Mobility Services Engine Configuration Error Lets Remote Users Login Anonymously V-235: Cisco Mobility Services Engine Configuration Error Lets Remote Users Login Anonymously September 5, 2013 - 12:33am Addthis PROBLEM: A vulnerability was reported in Cisco Mobility Services Engine. A remote user can login anonymously. PLATFORM: Cisco Mobility Services Engine ABSTRACT: A vulnerability in Cisco Mobility Services Engine could allow an

  15. Electromagnetic methods for measuring materials properties of cylindrical rods and array probes for rapid flaw inspection

    SciTech Connect (OSTI)

    Sun, Haiyan

    2005-05-01

    field in the presence of a finite a two-layer rod and a conductive tube. The results are in very good agreement with those obtained by using a 2D finite element code. In the third part, a new probe technology with enhanced flaw detection capability is described. The new probe can reduce inspection time through the use of multiple Hall sensors. A prototype Hall array probe has been built and tested with eight individual Hall sensor ICs and a racetrack coil. Electronic hardware was developed to interface the probes to an oscilloscope or an eddy current instrument. To achieve high spatial resolution and to limit the overall probe size, high-sensitivity Hall sensor arrays were fabricated directly on a wafer using photolithographic techniques and then mounted in their unencapsulated form. The electronic hardware was then updated to interface the new probes to a laptop computer.

  16. U-091: cURL Lets Remote Users Decrypt SSL/TLS Traffic | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy 91: cURL Lets Remote Users Decrypt SSL/TLS Traffic U-091: cURL Lets Remote Users Decrypt SSL/TLS Traffic January 30, 2012 - 6:45am Addthis PROBLEM: A vulnerability was reported in cURL. PLATFORM: Linux (Any), UNIX (Any), Windows (Any) : Version(s): 7.10.6 through 7.23.1 ABSTRACT: A remote user can decrypt SSL/TLS sessions in certain cases. reference LINKS: CVE-2011-3389 SecurityTracker Alert ID: 1026587 Vendor Advisory IMPACT ASSESSMENT: Moderate Discussion: A remote user with the

  17. V-228: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Users Execute Arbitrary Code | Department of Energy 8: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote Users Execute Arbitrary Code V-228: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote Users Execute Arbitrary Code August 27, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities were reported in RealPlayer PLATFORM: RealPlayer 16.0.2.32 and prior ABSTRACT: A remote user can cause arbitrary code to be executed on the target user's system REFERENCE LINKS:

  18. T-692: VMware vFabric tc Server Lets Remote Users Login Using Obfuscated

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Passwords | Department of Energy 92: VMware vFabric tc Server Lets Remote Users Login Using Obfuscated Passwords T-692: VMware vFabric tc Server Lets Remote Users Login Using Obfuscated Passwords August 12, 2011 - 3:47pm Addthis PROBLEM: A vulnerability was reported in VMware vFabric tc Server. A remote user can login using an obfuscated version of their password. PLATFORM: Version(s): vFabric tc Server 2.0.0.RELEASE to 2.0.5.SR01, 2.1.0.RELEASE to 2.1.1.SR01 ABSTRACT: VMware vFabric tc

  19. T-602: BlackBerry Enterprise Server Input Validation Flaw in BlackBerry Web Desktop Manager Permits Cross-Site Scripting Attacks

    Broader source: Energy.gov [DOE]

    The BlackBerry Web Desktop Manager not properly filter HTML code from user-supplied input before displaying the input. A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the site running the BlackBerry Web Desktop Manager software and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

  20. Effects of estrogen and gender on cataractogenesis induced by high-LET radiation

    SciTech Connect (OSTI)

    Henderson, M.A.; Rusek, A.; Valluri, S.; Garrett, J.; Lopez, J.; Caperell-Grant, A.; Mendonca, M.; Bigsby, R.; Dynlacht, J.

    2010-02-01

    Planning for long-duration manned lunar and interplanetary missions requires an understanding of radiation-induced cataractogenesis. Previously, it was demonstrated that low-linear energy transfer (LET) irradiation with 10 Gy of {sup 60}Co {gamma} rays resulted in an increased incidence of cataracts in male rats compared to female rats. This gender difference was not due to differences in estrogen, since male rats treated with the major secreted estrogen 17-{beta}-estradiol (E2) showed an identical increase compared to untreated males. We now compare the incidence and rate of progression of cataracts induced by high-LET radiation in male and female Sprague-Dawley rats. Rats received a single dose of 1 Gy of 600 MeV {sup 56}Fe ions. Lens opacification was measured at 2-4 week intervals with a slit lamp. The incidence and rate of progression of radiation-induced cataracts was significantly increased in the animals in which estrogen was available from endogenous or exogenous sources. Male rats with E2 capsules implanted had significantly higher rates of progression compared to male rats with empty capsules implanted (P = 0.025) but not compared to the intact female rats. These results contrast with data obtained after low-LET irradiation and suggest the possibility that the different types of damage caused by high- and low-LET radiation may be influenced differentially by steroid sex hormones.

  1. SU-E-T-555: A Protontherapy Inverse Treatment Planning System Prototype with Linear Energy Transfer (LET) Optimization

    SciTech Connect (OSTI)

    Sanchez-Parcerisa, D; Carabe-Fernandez, A

    2014-06-01

    Purpose: Develop and benchmark an inverse treatment planning system (TPS) for proton radiotherapy integrating fast analytical dose and LET calculations in patient geometries and a dual objective function with both dose and LET components, enabling us to apply optimization techniques to improve the predicted outcome of treatments based on radiobiological models. Methods: The software package was developed in MATLAB and implements a fluence-dose calculation technique based on a pencil beam model for dose calculations and a 3D LET model based on the extension of the LET in the radial direction as a function of the predicted radiological pathway. Both models were benchmarked against commissioning data from our institution, dose calculations performed with a commercial treatment planning system and Monte Carlo simulations. The optimization is based on the adaptive simulated annealing approach . Results: The dose and LET calculations were tested in a water phantom and several real patient treatments. The pass rate for the gamma index analysis (3%/3mm) test was above 90% for all test cases analyzed, and the calculation time was of the order of seconds. The inverse planning module produced plans with a significantly higher mean LET in the target compared to traditional plans, without any loss of target coverage. The clinical relevance of this improvement is under consideration . Conclusion: The developed treatment planning system is a valuable clinical and research tool that enables us to incorporate LET effects into proton radiotherapy planning in a streamlined fashion.

  2. Research Highlight: Let the Good Times Flow - Joint Center for Energy

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Storage Research October 1, 2015, News Articles Research Highlight: Let the Good Times Flow There are two electrodes in every battery. One electrode, called the cathode, connects to the positive end of the battery and is where the electric current leaves the battery. The other electrode, the anode, connects to the negative end of the battery and is where the electric current enters the battery. The flow of these electrons through an external circuit is what produces the electric current.

  3. Spotlight on Austin, Texas: Let Your Contractor Be Your Guide for Big Rewards

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1 Spotlight on Austin, Texas: Let Your Contractor Be Your Guide for Big Rewards Workforce All About Contractors Austin Energy, a municipally owned utility, has a long history of collaborating closely with the building contractors in its area to deliver energy efficiency programs, which benefits both parties involved. Because contractors understand that Austin Energy has made a long-term commitment to supporting energy efficiency, they have been willing to invest time and money into the technical

  4. Electrophoretically active sol-gel processes to backfill, seal, and/or densify porous, flawed, and/or cracked coatings on electrically conductive material

    DOE Patents [OSTI]

    Panitz, J.K.; Reed, S.T.; Ashley, C.S.; Neiser, R.A.; Moffatt, W.C.

    1999-07-20

    Electrophoretically active sol-gel processes to fill, seal, and/or density porous, flawed, and/or cracked coatings on electrically conductive substrates. Such coatings may be dielectrics, ceramics, or semiconductors and, by the present invention, may have deposited onto and into them sol-gel ceramic precursor compounds which are subsequently converted to sol-gel ceramics to yield composite materials with various tailored properties. 6 figs.

  5. Electrophoretically active sol-gel processes to backfill, seal, and/or densify porous, flawed, and/or cracked coatings on electrically conductive material

    DOE Patents [OSTI]

    Panitz, Janda K.; Reed, Scott T.; Ashley, Carol S.; Neiser, Richard A.; Moffatt, William C.

    1999-01-01

    Electrophoretically active sol-gel processes to fill, seal, and/or density porous, flawed, and/or cracked coatings on electrically conductive substrates. Such coatings may be dielectrics, ceramics, or semiconductors and, by the present invention, may have deposited onto and into them sol-gel ceramic precursor compounds which are subsequently converted to sol-gel ceramics to yield composite materials with various tailored properties.

  6. Final Assessment of Manual Ultrasonic Examinations Applied to Detect Flaws in Primary System Dissimilar Metal Welds at North Anna Power Station

    SciTech Connect (OSTI)

    Anderson, Michael T.; Diaz, Aaron A.; Cinson, Anthony D.; Crawford, Susan L.; Prowant, Matthew S.; Doctor, Steven R.

    2014-03-24

    PNNL conducted a technical assessment of the NDE issues and protocols that led to missed detections of several axially oriented flaws in a steam generator primary inlet dissimilar metal weld at North Anna Power Station, Unit 1 (NAPS-1). This particular component design exhibits a significant outside-diameter (OD) taper that is not included as a blind performance demonstration mock-up within the industry’s Performance Demonstration Initiative, administered by EPRI. For this reason, the licensee engaged EPRI to assist in the development of a technical justification to support the basis for a site-specific qualification. The service-induced flaws at NAPS-1 were eventually detected as a result of OD surface machining in preparation for a full structural weld overlay. The machining operation uncovered the existence of two through-wall flaws, based on the observance of primary water leaking from the dissimilar metal weld. A total of five axially oriented flaws were detected in varied locations around the weld circumference. The field volumetric examination that was conducted at NAPS-1 was a non-encoded, real-time manual ultrasonic examination. PNNL conducted both an initial assessment, and subsequently, a more rigorous technical evaluation (reported here), which has identified an array of NDE issues that may have led to the subject missed detections. These evaluations were performed through technical reviews and discussions with NRC staff, EPRI NDE Center personnel, industry and ISI vendor personnel, and ultrasonic transducer manufacturers, and laboratory tests, to better understand the underlying issues at North Anna.

  7. A FRAMEWORK TO DEVELOP FLAW ACCEPTANCE CRITERIA FOR STRUCTURAL INTEGRITY ASSESSMENT OF MULTIPURPOSE CANISTERS FOR EXTENDED STORAGE OF USED NUCLEAR FUEL

    SciTech Connect (OSTI)

    Lam, P.; Sindelar, R.; Duncan, A.; Adams, T.

    2014-04-07

    A multipurpose canister (MPC) made of austenitic stainless steel is loaded with used nuclear fuel assemblies and is part of the transfer cask system to move the fuel from the spent fuel pool to prepare for storage, and is part of the storage cask system for on-site dry storage. This weld-sealed canister is also expected to be part of the transportation package following storage. The canister may be subject to service-induced degradation especially if exposed to aggressive environments during possible very long-term storage period if the permanent repository is yet to be identified and readied. Stress corrosion cracking may be initiated on the canister surface in the welds or in the heat affected zone because the construction of MPC does not require heat treatment for stress relief. An acceptance criteria methodology is being developed for flaw disposition should the crack-like defects be detected by periodic Inservice Inspection. The external loading cases include thermal accident scenarios and cask drop conditions with the contribution from the welding residual stresses. The determination of acceptable flaw size is based on the procedure to evaluate flaw stability provided by American Petroleum Institute (API) 579 Fitness-for-Service (Second Edition). The material mechanical and fracture properties for base and weld metals and the stress analysis results are obtained from the open literature such as NUREG-1864. Subcritical crack growth from stress corrosion cracking (SCC), and its impact on inspection intervals and acceptance criteria, is not addressed.

  8. SU-E-T-581: On the Value of LET as a Radiation Quality Descriptor for RBE

    SciTech Connect (OSTI)

    Pater, P; Backstrom, G; Enger, S; Seuntjens, J; Naqa, I El; Villegas, F; Ahnesjo, A

    2015-06-15

    Purpose: To investigate the relationship between linear energy transfer (LET) and relative biological effectiveness (RBE) for protons and light ions, and the corresponding role of LET as a descriptor of radiation quality of hadron therapy. Methods: Monte Carlo (MC) proton and light ion (He, Li, C) tracks with LET < 30 eV nm{sup -1} were generated in an event-by-event mode. They were overlaid on a cell nucleus model containing 6×10{sup 9} nucleotide base pairs using an isotropic irradiation procedure that provides electronic equilibrium. Strand breaks (sbs) were scored in the DNA sugar-phosphate groups and further sub-classified into single or double sbs (ssbs or dsbs). Distributions of ssbs and dsbs for 2 Gy fractions were calculated to estimate RBE for the induction of initial dsbs with reference to {sup 60}Co. Additionally, sbs were classified based on their complexity (i.e. the number of sbs in each cluster). Results: An increase in LET for light ions of the same atomic number or a decrease in atomic number for ions of the same LET resulted in a lower kinetic energy of emitted secondary electrons. The clustering of DNA damage was more pronounced as reflected by the increase in proton RBE from ∼ 1.75 to 4 for LET values of 7 to 28 eV nm{sup -1}. A significant RBE decrease between protons, He, Li and C ions of the same LET was also noticed as function of the atomic number. Significant differences in ssbs and dsbs complexities were also seen for particles with the same LET, potentially supporting a clustering-based radiation quality descriptor. Conclusion: The LET-RBE relationships were simulated for proton and light ions and exhibited expected trends, including different RBEs for particles with the same LET but different atomic numbers. A complexity based radiation quality descriptor may allow better differentiation of RBE between radiation fields of similar LET. We would like to acknowledge support from the Fonds de recherche du Quebec Sante (FRQS), from the

  9. V-058: Microsoft Internet Explorer CDwnBindInfo Object Reuse...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    8: Microsoft Internet Explorer CDwnBindInfo Object Reuse Flaw Lets Remote Users Execute Arbitrary Code V-058: Microsoft Internet Explorer CDwnBindInfo Object Reuse Flaw Lets Remote...

  10. Field Testing: Independent, Accredited Testing and Validation for the Wind Industry (Fact Sheet)

    SciTech Connect (OSTI)

    Not Available

    2011-11-01

    This fact sheet describes the field testing capabilities at the National Wind Technology Center (NWTC). NREL's specialized facilities and personnel at the NWTC provide the U.S. wind industry with scientific and engineering support that has proven critical to the development of wind energy for U.S. energy needs. The NWTC's specialized field-testing capabilities have evolved over 30 years of continuous support by the U.S. Department of Energy Wind and Hydropower Technologies Program and long standing industry partnerships. The NWTC provides wind industry manufacturers, developers, and operators with turbine and component testing all in one convenient location. Although industry utilizes sophisticated modeling tools to design and optimize turbine configurations, there are always limitations in modeling capabilities, and testing is a necessity to ensure performance and reliability. Designs require validation and testing is the only way to determine if there are flaws. Prototype testing is especially important in capturing manufacturing flaws that might require fleet-wide retrofits. The NWTC works with its industry partners to verify the performance and reliability of wind turbines that range in size from 400 Watts to 3 megawatts. Engineers conduct tests on components and full-scale turbines in laboratory environments and in the field. Test data produced from these tests can be used to validate turbine design codes and simulations that further advance turbine designs.

  11. V-012: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code

    Broader source: Energy.gov [DOE]

    PROBLEM: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code

  12. Verification and Validation Supporting...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    ... Rep. BAW-1810, The Babcock & Wilcox Company, 1984 3 N. Hoerlik, B. Herman, B. Forget, and K. Smith. "Benchmark for Evaluation and Validation of Reactor Simulations (BEAVRS)," ...

  13. Model Verification and Validation

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    in the decision-making process. Validation should therefore involve the code developers, computer scientists, experimentalists, statisticians, analysts, and application owners....

  14. Shallow Flaws Under Biaxial Loading Conditions, Part II: Application of a Weibull Stress Analysis of the Cruciform Bend Specimen Using a Hydrostatic Stress Criterion

    SciTech Connect (OSTI)

    Bass, B.R.; McAfee, W.J.; Williams, P.T.

    1999-08-01

    Cruciform beam fracture mechanics specimensl have been developed in the Heavy Section Steel Technology (HSST) Program at Oak Ridge National Laboratory (ORNL) to introduce a prototypic, far- field, out-of-plane biaxird bending stress component in the test section that approximates the nonlinear biaxial stresses resulting from pressurized-thernxd-shock or pressure-temperature loading of a nuclear reactor pressure vessel (RPV). Matrices of cruciform beam tests were developed to investigate and quantify the effects of temperature, biaxial loading, and specimen size on fracture initiation toughness of two-dimensional (constant depth), shtdlow, surface flaws. Tests were conducted under biaxial load ratios ranging from uniaxial to equibiaxial. These tests demonstrated that biaxial loading can have a pronounced effect on shallow-flaw fracture toughness in the lower transition temperature region for RPV materials. Two and three- parameter Weibull models have been calibrated using a new scheme (developed at the University of Illinois) that maps toughness data from test specimens with distinctly different levels of crack-tip constraint to a small scale yielding (SSY) Weibull stress space. These models, using the new hydrostatic stress criterion in place of the more commonly used maximum principal stress in the kernel of the OW integral definition, have been shown to correlate the experimentally observed biaxiaI effect in cruciform specimens, thereby providing a scaling mechanism between uniaxial and biaxial loading states.

  15. Fatal Flaw Analysis of Utility-Scale Wind Turbine Generators at the West Haymarket Joint Public Agency. A Study Prepared in Partnership with the Environmental Protection Agency for the RE-Powering America's Land Initiative: Siting Renewable Energy on Potentially Contaminated Land and Mine Sites

    SciTech Connect (OSTI)

    Roberts, J. O.; Mosey, G.

    2013-08-01

    Fatal flaw analysis of utility-scale wind turbines at the West Haymarket Joint Public Agency brownfields site in Lincoln, Nebraska, funded by EPA.

  16. Web Feature Service Validator

    Energy Science and Technology Software Center (OSTI)

    2013-08-01

    This site allows state data contributors to validate their WFS services against a specified schema for tier 3 data. The application uses the USGIN models API at https://github.com/usgin/usginmodels.

  17. Verification and validation benchmarks.

    SciTech Connect (OSTI)

    Oberkampf, William Louis; Trucano, Timothy Guy

    2007-02-01

    Verification and validation (V&V) are the primary means to assess the accuracy and reliability of computational simulations. V&V methods and procedures have fundamentally improved the credibility of simulations in several high-consequence fields, such as nuclear reactor safety, underground nuclear waste storage, and nuclear weapon safety. Although the terminology is not uniform across engineering disciplines, code verification deals with assessing the reliability of the software coding, and solution verification deals with assessing the numerical accuracy of the solution to a computational model. Validation addresses the physics modeling accuracy of a computational simulation by comparing the computational results with experimental data. Code verification benchmarks and validation benchmarks have been constructed for a number of years in every field of computational simulation. However, no comprehensive guidelines have been proposed for the construction and use of V&V benchmarks. For example, the field of nuclear reactor safety has not focused on code verification benchmarks, but it has placed great emphasis on developing validation benchmarks. Many of these validation benchmarks are closely related to the operations of actual reactors at near-safety-critical conditions, as opposed to being more fundamental-physics benchmarks. This paper presents recommendations for the effective design and use of code verification benchmarks based on manufactured solutions, classical analytical solutions, and highly accurate numerical solutions. In addition, this paper presents recommendations for the design and use of validation benchmarks, highlighting the careful design of building-block experiments, the estimation of experimental measurement uncertainty for both inputs and outputs to the code, validation metrics, and the role of model calibration in validation. It is argued that the understanding of predictive capability of a computational model is built on the level of

  18. SU-E-T-354: Peak Temperature Ratio of TLD Glow Curves to Investigate the Spatial Dependence of LET in a Clinical Proton Beam

    SciTech Connect (OSTI)

    Reft, C [UniversityChicago, Chicago, IL (United States); Pankuch, M; Ramirez, H [ProCure Treatment Centers, Warrenville, IL (United States)

    2014-06-01

    Purpose: Use the ratio of the two high temperature peaks (HTR) in TLD 700 glow curves to investigate spatial dependence of the linear energy transfer (LET) in proton beams. Studies show that the relative biological effectiveness (RBE) depends upon the physical dose as well as its spatial distribution. Although proton therapy uses a spatially invariant RBE of 1.1, studies suggest that the RBE increases in the distal edge of a spread out Bragg peak (SOBP) due to the increased LET. Methods: Glow curve studies in TLD 700 show that the 280 C temperature peak is more sensitive to LET radiation than the 210 C temperature peak. Therefore, the areas under the individual temperature peaks for TLDs irradiated in a proton beam normalized to the peak ratio for 6 MV photons are used to determine the HTR to obtain information on its LET. TLD 700 chips with dimensions 0.310.310.038 cc are irradiated with 90 MeV protons at varying depths in a specially designed blue wax phantom to investigate LET spatial dependence. Results: Five TLDs were placed at five different depths of the percent depth dose curve (PDD) of range 16.2 cm: center of the SOPB and approximately at the 99% distal edge, 90%, 75% and 25% of the PDD, respectively. HTR was 1.3 at the center of the SOBP and varied from 2.2 to 3.9 which can be related to an LET variation from 0.5 to 18 KeV/? via calibration with radiation beams of varying LET. Conclusion: HTR data show a spatially invariant LET slightly greater than the 6 MV radiations in the SOBP, but a rapidly increasing LET at the end of the proton range. These results indicate a spatial variation in RBE with potential treatment consequences when selecting treatment margins to minimize the uncertainties in proton RBE.

  19. T-648: Avaya IP Office Manager TFTP Server Lets Remote Users Traverse the Directory

    Broader source: Energy.gov [DOE]

    The software does not properly validate user-supplied input. A remote user can supply a specially crafted request to view files on target system running the IP Office Manager software.

  20. CIPS Validation Data Plan

    SciTech Connect (OSTI)

    Nam Dinh

    2012-03-01

    This report documents analysis, findings and recommendations resulted from a task 'CIPS Validation Data Plan (VDP)' formulated as an POR4 activity in the CASL VUQ Focus Area (FA), to develop a Validation Data Plan (VDP) for Crud-Induced Power Shift (CIPS) challenge problem, and provide guidance for the CIPS VDP implementation. The main reason and motivation for this task to be carried at this time in the VUQ FA is to bring together (i) knowledge of modern view and capability in VUQ, (ii) knowledge of physical processes that govern the CIPS, and (iii) knowledge of codes, models, and data available, used, potentially accessible, and/or being developed in CASL for CIPS prediction, to devise a practical VDP that effectively supports the CASL's mission in CIPS applications.

  1. MOLECULAR MECHANISM OF SUPPRESSION OF NEOPLASTIC TRANSFORMATION BY LOW DOSES OF LOW LET RADIATION

    SciTech Connect (OSTI)

    J.LESIE REDPATH, PH.D.

    2011-03-29

    We are currently funded (9/01-8/04) by the DOE Low Dose Radiation Research Program to examine mechanisms underlying the suppression of neoplastic transformation in vitro by low doses of low LET radiation. For the new studies proposed under Notice 04-21, we intend to follow up on our observation that upregulation of DNA repair may be an important factor and that its importance is dose-dependent. The experimental system will be the human hybrid cell neoplastic transformation assay that we are currently using. We propose to test the following hypothesis: Down-regulation of DNA dsb repair will abrogate the low dose suppression of neoplastic transformation. Using the technique of RNA silencing, it is proposed to test the effect of down-regulation of the two major DNA dsb repair pathways, homologous recombination (HR) and non-homologous end-joining (NHEJ), on the dose response relationship for neoplastic transformation. Based on prior studies, we predict that this will result in abrogation of the suppressive effect at doses in the range 1 to 10 cGy, but not at lower doses. The proposed experiments will also help address the question as to which of the two DNA repair pathways may be the most important in causing suppression of transformation. HR is a pathway that is predominant in S and G2 phase cells and is known to be less error-prone than the NHEJ pathway that is predominant in G1 phase. We hypothesize that down-regulation of HR will result in the most effective abrogation of suppression. An important component of this study will be the determination of the how abrogation of DNA dsb repair impacts the spontaneous transformation frequency, presumably a consequence of endogeneous DNA damage. Experiments will be carried out using partially synchronized populations of cells enriched for G1 and S/G2 respectively. In addition to the endpoint of neoplastic transformation the impact of down-regulation of HR and NHEJ on the formation and disappearance of the DNA dsb marker

  2. Development and validation of bonded composite doubler repairs for commercial aircraft.

    SciTech Connect (OSTI)

    Roach, Dennis Patrick; Rackow, Kirk A.

    2007-07-01

    A typical aircraft can experience over 2,000 fatigue cycles (cabin pressurizations) and even greater flight hours in a single year. An unavoidable by-product of aircraft use is that crack, impact, and corrosion flaws develop throughout the aircraft's skin and substructure elements. Economic barriers to the purchase of new aircraft have placed even greater demands on efficient and safe repair methods. The use of bonded composite doublers offers the airframe manufacturers and aircraft maintenance facilities a cost effective method to safely extend the lives of their aircraft. Instead of riveting multiple steel or aluminum plates to facilitate an aircraft repair, it is now possible to bond a single Boron-Epoxy composite doubler to the damaged structure. The FAA's Airworthiness Assurance Center at Sandia National Labs (AANC), Boeing, and Federal Express completed a pilot program to validate and introduce composite doubler repair technology to the U.S. commercial aircraft industry. This project focused on repair of DC-10 fuselage structure and its primary goal was to demonstrate routine use of this repair technology using niche applications that streamline the design-to-installation process. As composite doubler repairs gradually appear in the commercial aircraft arena, successful flight operation data is being accumulated. These commercial aircraft repairs are not only demonstrating the engineering and economic advantages of composite doubler technology but they are also establishing the ability of commercial maintenance depots to safely adopt this repair technique. This report presents the array of engineering activities that were completed in order to make this technology available for widespread commercial aircraft use. Focused laboratory testing was conducted to compliment the field data and to address specific issues regarding damage tolerance and flaw growth in composite doubler repairs. Fatigue and strength tests were performed on a simulated wing repair using a

  3. FIMS Data Validation | Department of Energy

    Energy Savers [EERE]

    Information Systems FIMS Data Validation FIMS Data Validation FIMS Data Validation The Facility Information Management System (FIMS) is the Department's official repository of ...

  4. BISON Validation | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Validation BISON Validation January 29, 2013 - 11:54am Addthis BISON Validation Predictive Maturity Work continued on the previously developed discovery, accumulation, and assessment (DAA) process to plan, track, assess, and communicate VU activities and results. DAA was applied to the BISON sensitivity analysis described above, and the results were exported to Synopsis, the DAA management tool. [SNL, LANL, INL] Building on previous sensitivity studies of the LIFE-IV nuclear fuels code, a

  5. PV Validation and Bankability Workshop

    Broader source: Energy.gov [DOE]

    This document summarizes the information given on Aug. 29, 2011, on the survey results of the PV Validation and Bankability Workshop on Aug. 31, 2011.

  6. Collecting and Characterizing Validation Data

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Characterizing Validation Data to Support Advanced Simulation of Nuclear Reactor ... Boiling Flow Model Bayesian Framework for Data Integration Nuclear System Analysis - ...

  7. Software Verification and Validation Procedure

    SciTech Connect (OSTI)

    Olund, Thomas S.

    2008-09-15

    This Software Verification and Validation procedure provides the action steps for the Tank Waste Information Network System (TWINS) testing process. The primary objective of the testing process is to provide assurance that the software functions as intended, and meets the requirements specified by the client. Verification and validation establish the primary basis for TWINS software product acceptance.

  8. In-service Inspection Ultrasonic Testing of Reactor Pressure Vessel Welds for Assessing Flaw Density and Size Distribution per 10 CFR 50.61a, Alternate Fracture Toughness Requirements

    SciTech Connect (OSTI)

    Sullivan, Edmund J.; Anderson, Michael T.; Norris, Wallace

    2012-09-17

    Pressurized thermal shock (PTS) events are system transients in a pressurized water reactor (PWR) in which there is a rapid operating temperature cool-down that results in cold vessel temperatures with or without repressurization of the vessel. The rapid cooling of the inside surface of the reactor pressure vessel (RPV) causes thermal stresses that can combine with stresses caused by high pressure. The aggregate effect of these stresses is an increase in the potential for fracture if a pre-existing flaw is present in a material susceptible to brittle failure. The ferritic, low alloy steel of the reactor vessel beltline adjacent to the core, where neutron radiation gradually embrittles the material over the lifetime of the plant, can be susceptible to brittle fracture. The PTS rule, described in the Code of Federal Regulations, Title 10, Section 50.61 (§50.61), “Fracture Toughness Requirements for Protection against Pressurized Thermal Shock Events,” adopted on July 23, 1985, establishes screening criteria to ensure that the potential for a reactor vessel to fail due to a PTS event is deemed to be acceptably low. The U.S. Nuclear Regulatory Commission (NRC) completed a research program that concluded that the risk of through-wall cracking due to a PTS event is much lower than previously estimated. The NRC subsequently developed a rule, §50.61a, published on January 4, 2010, entitled “Alternate Fracture Toughness Requirements for Protection Against Pressurized Thermal Shock Events” (75 FR 13). Use of the new rule by licensees is optional. The §50.61a rule differs from §50.61 in that it requires licensees who choose to follow this alternate method to analyze the results from periodic volumetric examinations required by the ASME Code, Section XI, Rules for Inservice Inspection (ISI) of Nuclear Power Plants. These analyses are intended to determine if the actual flaw density and size distribution in the licensee’s reactor vessel beltline welds are bounded

  9. TASK PLAN: Tribal Issues Topic Group

    Office of Environmental Management (EM)

    Security Controls | Department of Energy 6: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls January 18, 2011 - 2:30pm Addthis PROBLEM: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls. PLATFORM: Cisco 5500 Series Adaptive Security Appliances (ASA) ABSTRACT: Cisco ASA 5500 Series Adaptive Security Appliances are affected by multiple

  10. Advanced Supply System Validation Workshop

    Broader source: Energy.gov [DOE]

    The Bioenergy Technologies Office (BETO) is hosting the Advanced Supply System Validation Workshop on February 3-4, 2015, in Golden, Colorado. The purpose of the workshop is to bring together a...