Powered by Deep Web Technologies
Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


1

Philosophy on Vulnerability Assessments  

NLE Websites -- All DOE Office Websites (Extended Search)

capabilities/vat/assess/ capabilities/vat/assess/ ARGONNE NATIONAL LABORATORY, Nuclear Engineering Division, 9700 South Cass Ave., Argonne, IL Philosophy on Vulnerability Assessments Argonne Vulnerability Assessment Team Roger G. Johnston, Ph.D., CPP , 630-252-6168 1. There are a number of conventional tools for finding security vulnerabilities. These include security surveys, risk management, design basis threat, CARVER Method, Delphi Method, software vulnerability assessment tools, infrastructure modeling, etc. 2. These tools have some value, and indeed we have used them all. 3. Experience has shown, however, that these methods do not usually result in dramatic improvements to security, nor do they reliably predict catastrophic security incidents that

2

Ecosystem Vulnerability Assessment - Patterns of Climate Change...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Ecosystem Vulnerability Assessment - Patterns of Climate Change Vulnerability in the Southwest Ecosystem Vulnerability Assessment - Patterns of Climate Change Vulnerability in the...

3

Guidelines for conducting vulnerability assessments. [Susceptibility of programs to unauthorized use of resources  

SciTech Connect

The US General Accounting Office and executive agency Inspectors General have reported losses of millions of dollars in government funds resulting from fraud, waste and error. The Administration and the Congress have initiated determined efforts to eliminate such losses from government programs and activities. Primary emphasis in this effort is on the strengthening of accounting and administrative controls. Accordingly, the Office of Management and Budget (OMB) issued Circular No. A-123, Internal Control Systems, on October 28, 1981. The campaign to improve internal controls was endorsed by the Secretary of Energy in a memorandum to Heads of Departmental Components, dated March 13, 1981, Subject: Internal Control as a Deterrent to Fraud, Waste and Error. A vulnerability assessment is a review of the susceptibility of a program or function to unauthorized use of resources, errors in reports and information, and illegal or unethical acts. It is based on considerations of the environment in which the program or function is carried out, the inherent riskiness of the program or function, and a preliminary evaluation as to whether adequate safeguards exist and are functioning.

Not Available

1982-06-01T23:59:59.000Z

4

Vulnerability Assessment Team (VAT) - Nuclear Engineering Division  

NLE Websites -- All DOE Office Websites (Extended Search)

Vulnerability Assessment Team Vulnerability Assessment Team VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

5

Assessing Climate Change Impacts, Vulnerability and Adaptation...  

Open Energy Info (EERE)

The Case of Pantabangan-Carranglan Watershed Jump to: navigation, search Name Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan...

6

Useful Resources- Vulnerability Assessment Team - Nuclear Engineering  

NLE Websites -- All DOE Office Websites (Extended Search)

Selected Publications Selected Publications VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

7

Definitions, Seals - Vulnerability Assessment Team - Nuclear Engineering  

NLE Websites -- All DOE Office Websites (Extended Search)

Definitions Definitions VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

8

Safety - Vulnerability Assessment Team - Nuclear Engineering Division  

NLE Websites -- All DOE Office Websites (Extended Search)

Safety Safety VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

9

CDKN-Colombia-Cartagena Vulnerability Assessment | Open Energy Information  

Open Energy Info (EERE)

Cartagena Vulnerability Assessment Cartagena Vulnerability Assessment Jump to: navigation, search Name CDKN-Colombia-Cartagena Vulnerability Assessment Agency/Company /Organization Climate and Development Knowledge Network (CDKN), United Kingdom Department for International Development Sector Climate Topics Background analysis, Low emission development planning, Pathways analysis Website http://resilient-cities.iclei. Country Colombia UN Region South America References CDKN-Colombia-Cartagena Vulnerability Assessment[1] CDKN-Colombia-Cartagena Vulnerability Assessment Screenshot This article is a stub. You can help OpenEI by expanding it. References ↑ "CDKN-Colombia-Cartagena Vulnerability Assessment" Retrieved from "http://en.openei.org/w/index.php?title=CDKN-Colombia-Cartagena_Vulnerability_Assessment&oldid=407543

10

An assessment of fire vulnerability for aged electrical relays  

SciTech Connect

There has been some concern that, as nuclear power plants age, protective measures taken to control and minimize the impact of fire may become ineffective, or significantly less effective, and hence result in an increased fire risk. One objective of the Fire Vulnerability of Aged Electrical Components Program is to assess the effects of aging and service wear on the fire vulnerability of electrical equipment. An increased fire vulnerability of components may lead to an overall increase in fire risk to the plant. Because of their widespread use in various electrical safety systems, electromechanical relays were chosen to be the initial components for evaluation. This test program assessed the impact of operational and thermal aging on the vulnerability of these relays to fire-induced damage. Only thermal effects of a fire were examined in this test program. The impact of smoke, corrosive materials, or fire suppression effects on relay performance were not addressed in this test program. The purpose of this test program was to assess whether the fire vulnerability of electrical relays increased with aging. The sequence followed for the test program was to: identify specific relay types, develop three fire scenarios, artificially age several relays, test the unaged and aged relays in the fire exposure scenarios, and compare the results. The relays tested were Agastat GPI, General Electric (GE) HMA, HGA, and HFA. At least two relays of each type were artificially aged and at least two relays of each type were new. Relays were operationally aged by cycling the relay under rated load for 2,000 operations. These relays were then thermally aged for 60 days with their coil energized.

Vigil, R.A. [Sandia National Labs., Albuquerque, NM (United States)]|[Science and Engineering Associates, Inc., Albuquerque, NM (United States); Nowlen, S.P. [Sandia National Labs., Albuquerque, NM (United States)

1995-03-01T23:59:59.000Z

11

Developing new methodology for nuclear power plants vulnerability assessment  

Science Journals Connector (OSTI)

The fundamental aim of an efficient regulatory emergency preparedness and response system is to provide sustained emergency readiness and to prevent emergency situations and accidents. But when an event occurs, the regulatory mission is to mitigate consequences and to protect people and the environment against nuclear and radiological damage. The regulatory emergency response system, which would be activated in the case of a nuclear and/or radiological emergency and release of radioactivity to the environment, is an important element of a comprehensive national regulatory system of nuclear and radiation safety. In the past, national emergency systems explicitly did not include vulnerability assessments of the critical nuclear infrastructure as an important part of a comprehensive preparedness framework. But after the huge terrorist attack on 11/09/2001, decision-makers became aware that critical nuclear infrastructure could also be an attractive target to terrorism, with the purpose of using the physical and radioactive properties of the nuclear material to cause mass casualties, property damage, and detrimental economic and/or environmental impacts. The necessity to evaluate critical nuclear infrastructure vulnerability to threats like human errors, terrorist attacks and natural disasters, as well as preparation of emergency response plans with estimation of optimized costs, are of vital importance for assurance of safe nuclear facilities operation and national security. In this paper presented new methodology and solution methods for vulnerability assessment can help the overall national energy sector to identify and understand the terrorist threats to and vulnerabilities of its critical infrastructure. Moreover, adopted methodology could help national regulators and agencies to develop and implement a vulnerability awareness and education programs for their critical assets to enhance the security and a safe operation of the entire energy infrastructure. New methods can also assist nuclear power plants to develop, validate, and disseminate assessment and surveys of new efficient countermeasures. Consequently, concise description of developed new quantitative method and adapted new methodology for nuclear regulatory vulnerability assessment of nuclear power plants are presented.

Venceslav Kostadinov

2011-01-01T23:59:59.000Z

12

Colombia-Cartagena Vulnerability Assessment | Open Energy Information  

Open Energy Info (EERE)

Colombia-Cartagena Vulnerability Assessment Colombia-Cartagena Vulnerability Assessment Jump to: navigation, search Name Colombia-CDKN-Cartagena Vulnerability Assessment Agency/Company /Organization Climate and Development Knowledge Network (CDKN), United Kingdom Department for International Development Sector Climate Topics Background analysis, Low emission development planning, Pathways analysis Website http://resilient-cities.iclei. Country Colombia UN Region South America References CDKN-Colombia-Cartagena Vulnerability Assessment[1] Colombia-CDKN-Cartagena Vulnerability Assessment Screenshot This article is a stub. You can help OpenEI by expanding it. References ↑ "CDKN-Colombia-Cartagena Vulnerability Assessment" Retrieved from "http://en.openei.org/w/index.php?title=Colombia-Cartagena_Vulnerability_Assessment&oldid=699760"

13

Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Guide to Critical Infrastructure Protection Cyber Vulnerability Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized process for cyber vulnerability assessment in compliance with the Critical Infrastructure Protection standards adopted by the North American Electric Reliability Corporation in 2006. This guide covers the planning, execution, and reporting process. Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment More Documents & Publications Wireless System Considerations When Implementing NERC Critical Infrastructure Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June 2012)

14

Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Guide to Critical Infrastructure Protection Cyber Vulnerability Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized process for cyber vulnerability assessment in compliance with the Critical Infrastructure Protection standards adopted by the North American Electric Reliability Corporation in 2006. This guide covers the planning, execution, and reporting process. Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment More Documents & Publications Wireless System Considerations When Implementing NERC Critical Infrastructure Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June

15

Antioch University and EPA Webinar: Assessing Vulnerability of...  

Energy Savers (EERE)

Antioch University and EPA Webinar: Assessing Vulnerability of Water Conveyance Infrastructure from a Changing Climate in the Context of a Changing Landscape Antioch University and...

16

India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate  

Open Energy Info (EERE)

Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change Jump to: navigation, search Name India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change Agency/Company /Organization Swiss Agency for Development and Cooperation Sector Energy, Land, Water Focus Area Agriculture Topics Co-benefits assessment, Background analysis Resource Type Lessons learned/best practices Website http://www.intercooperation.or Country India Southern Asia References India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change[1] India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change Screenshot Contents 1 Introduction [1] 2 Community-based Institutions [2] 3 Pasture Land Development [3]

17

Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of  

Open Energy Info (EERE)

Impacts, Vulnerability and Adaptation: The Case of Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed Jump to: navigation, search Name Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed Agency/Company /Organization World Agroforestry Centre Sector Land Focus Area Forestry Topics Adaptation, Background analysis, Co-benefits assessment Resource Type Publications Website http://www.worldagroforestry.o Country Philippines UN Region South-Eastern Asia References Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed[1] Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed Screenshot This article is a stub. You can help OpenEI by expanding it.

18

New Seals - Vulnerability Assessment Team - Nuclear Engineering Division  

NLE Websites -- All DOE Office Websites (Extended Search)

More Information More Information VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

19

Insanely Fast Microprocessor Shop - Vulnerability Assessment Team - Nuclear  

NLE Websites -- All DOE Office Websites (Extended Search)

Insanely Fast Microprocessor Shop Insanely Fast Microprocessor Shop VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

20

About Seals - Vulnerability Assessment Team - Nuclear Engineering Division  

NLE Websites -- All DOE Office Websites (Extended Search)

Seals Seals VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


21

Findings and Lessons, Seals - Vulnerability Assessment Team - Nuclear  

NLE Websites -- All DOE Office Websites (Extended Search)

Findings and Lessons Learned Findings and Lessons Learned VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

22

Current Projects: Product Authenticity Tags - Vulnerability Assessment Team  

NLE Websites -- All DOE Office Websites (Extended Search)

Product Authenticity Tags Product Authenticity Tags VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

23

Common Myths about Tamper Indicating Seals - Vulnerability Assessment Team  

NLE Websites -- All DOE Office Websites (Extended Search)

Common Myths about Tamper Common Myths about Tamper Indicating Seals VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

24

Rapid Sampling from Sealed Containers - Vulnerability Assessment Team -  

NLE Websites -- All DOE Office Websites (Extended Search)

Nonproliferation and Nonproliferation and National Security > VAT > Current Projects > Rapid Sampling Tools > ... from Sealed Containers VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Tamper & Intrusion Detection Rapid Sampling from Sealed Containers Demo video Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned

25

OLADE-Central America Climate Change Vulnerability Program | Open Energy  

Open Energy Info (EERE)

OLADE-Central America Climate Change Vulnerability Program OLADE-Central America Climate Change Vulnerability Program Jump to: navigation, search Name OLADE-Central America Climate Change Vulnerability Program Agency/Company /Organization Latin America Energy Organization Partner Ministries of Energy and Energy Enterprises Sector Energy, Land Topics Background analysis Website http://www.olade.org/proyecto_ Program Start 2010 Program End 2011 Country Belize, Costa Rica, El Salvador, Guatemala, Honduras, Nicaragua, Panama Central America, Central America, Central America, Central America, Central America, Central America, Central America References OLADE Energy and Climate Change Projects[1] OLADE is a Latin American organization working with Central American countries on climate change vulnerability for hydroelectric systems and

26

Assessing Vulnerabilities, Risks, and Consequences of Damage to Critical Infrastructure  

SciTech Connect

Since the publication of 'Critical Foundations: Protecting America's Infrastructure,' there has been a keen understanding of the complexity, interdependencies, and shared responsibility required to protect the nation's most critical assets that are essential to our way of life. The original 5 sectors defined in 1997 have grown to 18 Critical Infrastructures and Key Resources (CIKR), which are discussed in the 2009 National Infrastructure Protection Plan (NIPP) and its supporting sector-specific plans. The NIPP provides the structure for a national program dedicated to enhanced protection and resiliency of the nation's infrastructure. Lawrence Livermore National Laboratory (LLNL) provides in-depth, multi-disciplinary assessments of threat, vulnerability, and consequence across all 18 sectors at scales ranging from specific facilities to infrastructures spanning multi-state regions, such as the Oil and Natural Gas (ONG) sector. Like many of the CIKR sectors, the ONG sector is comprised of production, processing, distribution, and storage of highly valuable and potentially dangerous commodities. Furthermore, there are significant interdependencies with other sectors, including transportation, communication, finance, and government. Understanding the potentially devastating consequences and collateral damage resulting from a terrorist attack or natural event is an important element of LLNL's infrastructure security programs. Our work began in the energy sector in the late 1990s and quickly expanded other critical infrastructure sectors. We have performed over 600 physical assessments with a particular emphasis on those sectors that utilize, store, or ship potentially hazardous materials and for whom cyber security is important. The success of our approach is based on building awareness of vulnerabilities and risks and working directly with industry partners to collectively advance infrastructure protection. This approach consists of three phases: The Pre-Assessment Phase brings together infrastructure owners and operators to identify critical assets and help the team create a structured information request. During this phase, we gain information about the critical assets from those who are most familiar with operations and interdependencies, making the time we spend on the ground conducting the assessment much more productive and enabling the team to make actionable recommendations. The Assessment Phase analyzes 10 areas: Threat environment, cyber architecture, cyber penetration, physical security, physical penetration, operations security, policies and procedures, interdependencies, consequence analysis, and risk characterization. Each of these individual tasks uses direct and indirect data collection, site inspections, and structured and facilitated workshops to gather data. Because of the importance of understanding the cyber threat, LLNL has built both fixed and mobile cyber penetration, wireless penetration and supporting tools that can be tailored to fit customer needs. The Post-Assessment Phase brings vulnerability and risk assessments to the customer in a format that facilitates implementation of mitigation options. Often the assessment findings and recommendations are briefed and discussed with several levels of management and, if appropriate, across jurisdictional boundaries. The end result is enhanced awareness and informed protective measures. Over the last 15 years, we have continued to refine our methodology and capture lessons learned and best practices. The resulting risk and decision framework thus takes into consideration real-world constraints, including regulatory, operational, and economic realities. In addition to 'on the ground' assessments focused on mitigating vulnerabilities, we have integrated our computational and atmospheric dispersion capability with easy-to-use geo-referenced visualization tools to support emergency planning and response operations. LLNL is home to the National Atmospheric Release Advisory Center (NARAC) and the Interagency Modeling and Atmospheric Assessment Center (IMAAC). NA

Suski, N; Wuest, C

2011-02-04T23:59:59.000Z

27

The Journal of Physical Security - Vulnerability Assessment Team - Argonne  

NLE Websites -- All DOE Office Websites (Extended Search)

Current Projects > The Journal of Physical Current Projects > The Journal of Physical Security VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

28

Common Cyber Security Vulnerabilities Observed in Control System...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by...

29

TO APPEAR IN IEEE TRANSACTIONS ON POWER SYSTEMS 1 Vulnerability Assessment of Cybersecurity for  

E-Print Network (OSTI)

TO APPEAR IN IEEE TRANSACTIONS ON POWER SYSTEMS 1 Vulnerability Assessment of Cybersecurity Govindarasu, Member, IEEE Abstract--Vulnerability assessment is a requirement of NERC's cybersecurity within the substation networks. Countermeasures are identified for improvement of the cybersecurity

Manimaran, Govindarasu

30

Climate Change Vulnerability Assessment for Idaho National Laboratory  

SciTech Connect

The University of Idaho (UI) was asked to participate in the development of a climate change vulnerability assessment for Idaho National Laboratory (INL). This report describes the outcome of that assessment. The climate change happening now, due in large part to human activities, is expected to continue in the future. UI and INL used a common framework for assessing vulnerability that considers exposure (future climate change), sensitivity (system or component responses to climate), impact (exposure combined with sensitivity), and adaptive capacity (capability of INL to modify operations to minimize climate change impacts) to assess vulnerability. Analyses of climate change (exposure) revealed that warming that is ongoing at INL will continue in the coming decades, with increased warming in later decades and under scenarios of greater greenhouse gas emissions. Projections of precipitation are more uncertain, with multi model means exhibiting somewhat wetter conditions and more wet days per year. Additional impacts relevant to INL include estimates of more burned area and increased evaporation and transpiration, leading to reduced soil moisture and plant growth.

Christopher P. Ischay; Ernest L. Fossum; Polly C. Buotte; Jeffrey A. Hicke; Alexander Peterson

2014-10-01T23:59:59.000Z

31

A watershed-based method for environmental vulnerability assessment with a case study of the Mid-Atlantic region  

SciTech Connect

The paper presents a method for environmental vulnerability assessment with a case study of the Mid-Atlantic region. The method is based on the concept of 'self-/peer-appraisal' of a watershed in term of vulnerability. The self-/peer-appraisal process is facilitated by two separate linear optimization programs. The analysis provided insights on the environmental conditions, in general, and the relative vulnerability pattern, in particular, of the Mid-Atlantic region. The suggested method offers a simple but effective and objective way to perform a regional environmental vulnerability assessment. Consequently the method can be used in various steps in environmental assessment and planning. - Highlights: Black-Right-Pointing-Pointer We present a method for regional environmental vulnerability assessment. Black-Right-Pointing-Pointer It is based on the self-/peer-appraisal concept in term of vulnerability. Black-Right-Pointing-Pointer The analysis is facilitated by two separate linear optimization programs. Black-Right-Pointing-Pointer The method provides insights on the regional relative vulnerability pattern.

Tran, Liem T., E-mail: ltran1@utk.edu [Department of Geography, University of Tennessee, Knoxville, TN (United States); O& #x27; Neill, Robert V. [OTIE and Associates, Oak Ridge, TN (United States); Smith, Elizabeth R. [U.S. Environmental Protection Agency, Office of Research and Development, National Exposure Research Laboratory, Research Triangle Park, NC (United States)

2012-04-15T23:59:59.000Z

32

Argonne's Vulnerability  

NLE Websites -- All DOE Office Websites (Extended Search)

finding finding and fixing security flaws Argonne's Vulnerability assessment Team VAT researchers spend their workdays devising and demonstrating ways to defeat a wide variety of security devices, systems, and programs, ranging from electronic voting machines and global positioning systems (GPS) to nuclear safeguards programs and biometrics-based access control. This involves analyzing the security features, reverse-engineering the technology or

33

ISS-011, Vulnerability Assessment Standard 1/3 UCIT INFORMATION SECURITY STANDARDS  

E-Print Network (OSTI)

ISS-011, Vulnerability Assessment Standard 1/3 UCIT INFORMATION SECURITY STANDARDS Vulnerability Assessment Standard Rationale 1 To enable timely identification and mitigation of vulnerabilities and security flaws affecting computing devices within UofC's computing environment. Scope 2 2.1 This standard

Habib, Ayman

34

Using vulnerability assessments to design facility safeguards and security systems  

SciTech Connect

The Weapons Complex Reconfiguration (WCR) Program is meant to prepare the Department of Energy (DOE) weapons complex to meet the needs of the next century through construction of now facilities or upgrades-in-place at existing facilities. This paper describes how a vulnerability (VA) was used to identify potential S&S features for the conceptual design for a plutonium storage facility as part of the WCR Program. We distinguish those features of the design that need to be investigated at the conceptual stage from those that can be evaluated later. We also examined what protection features may allow reduced S&S operating costs, with the main focus on protective force costs. While some of these concepts hold the promise for significantly reducing life-cycle protective force costs, their use depends on resolving long-standing tradeoffs between S&S and safety, which are discussed in the study.

Snell, M.; Jaeger, C.

1994-08-01T23:59:59.000Z

35

SP 800-40 Version 2.0. Creating a Patch and Vulnerability Management Program  

Science Journals Connector (OSTI)

This document provides guidance on creating a security patch and vulnerability management program and testing the effectiveness of that program. The primary audience is security managers who are responsible for designing and implementing the program. ... Keywords: Computer security, security patches, vulnerability management

Peter M. Mell; Tiffany Bergeron; David Henning

2005-11-01T23:59:59.000Z

36

Fuzzy integrated vulnerability assessment model for critical facilities in combating the terrorism  

Science Journals Connector (OSTI)

Critical facility vulnerability assessment is a highly complex strategic activity in combating the terrorism and necessitates a structured quantified methodology to support the decision-making process in defense planning. In the system perspective, the critical facility, such as airport, dam, governmental facility, harbor, nuclear power plant, oil plant etc., can be defined as a system that relies on a group of different interdependent logical and physical entities as system functions and system components. The aim of this paper is to present a realistic approach to determine the vulnerability of such a system defended against the terrorist attack under multiple criteria which can be both qualitative and quantitative by considering these interdependencies. The proposed approach, called fuzzy integrated vulnerability assessment model (FIVAM), is based on fuzzy set theory, Simple Multi-Attribute Rating Technique (SMART) and Fuzzy Cognitive Maps (FCM) methodology in a group decision-making environment. The FIVAM approach is presented step-by-step and applied to a simple case study on airport vulnerability assessment. The results of the application are compared to those observed through a classical vulnerability assessment model to illustrate the effectiveness of the FIVAM. Furthermore, FIVAM provides a framework to identify the hidden vulnerabilities caused by the functional interdependencies within the system. The results also show that FIVAM quantifies the vulnerability of the system, system functions and system components, and determines the most critical functions and components by simulating the system behavior.

Ilker Akgun; Ahmet Kandakoglu; Ahmet Fahri Ozok

2010-01-01T23:59:59.000Z

37

Department of Energy Plutonium ES&H Vulnerability Assessment Savannah River Site interim compensatory measures  

SciTech Connect

The Savannah River Site (SRS) has recently completed a self-assessment of potential vulnerabilities associated with plutonium and other transuranic materials stored at the site. An independent Working Group Assessment Team (WGAT) appointed by DOE/ES&H also performed an independent assessment, and reviewed and validated the site self-assessment. The purpose of this report is to provide a status of interim compensatory measures at SRS to address hazards in advance of any corrective actions. ES&H has requested this status for all vulnerabilities ranked medium or higher with respect to potential consequences to workers, environment, and the public.

Bickford, W.E.

1994-09-15T23:59:59.000Z

38

Seismic vulnerability assessment of a high voltage disconnect switch  

Science Journals Connector (OSTI)

Abstract This paper deals with the seismic vulnerability of high voltage equipment typically installed in electric substations. In particular, the seismic response of a 380kV vertical disconnect switch has been investigated based on the results of an experimental campaign carried out at Roma Tre University. According to a series of non-linear analyses, the influence of the most significant parameters on the seismic behavior of this apparatus has been analyzed and the corresponding fragility curves have been evaluated by using the Effective Fragility Analysis method. The results showed a limited vulnerability of the disconnect switch, whose most critical parts are the bottom joint of the ceramic support column and the steel column base.

Fabrizio Paolacci; Renato Giannini; Silvia Alessandri; Gianmarco De Felice

2014-01-01T23:59:59.000Z

39

Knowledge Management and Visualization in Support of Vulnerability Assessment of Electricity Production  

SciTech Connect

With the rapid growth in demand of electricity, vulnerability assessment of electricity production and its availability has become essential to our economy, national defense, and quality of life. The main focus to date has generally been on protecting power plants and energy transmission systems. However, the extraction and delivery of fuels is also a critical component of the value chain for electricity production. A disruption at any point in the infrastructure could result in lost power production and delivery. The need for better analysis of fuel delivery vulnerabilities is pressing. Therefore, the purpose of this paper is to present the preliminary results of a research project that aims to analyze the vulnerability associated with delivery of fuels and to ensure availability of fuel supplies, by providing insight into likely vulnerability problems so that solutions and preventative methods may be devised. In this research project, a framework for electricity production vulnerability assessment was proposed. Different data sources were integrated into a data warehouse to allow interactive analysis of enormous historical datasets for coal transactions and coal transportation. By summarizing and slicing the historical datasets into different data cubes, the enormous datasets were able to be analyzed and visualized. An interactive GIS interface allows users to interact with it to perform different queries and then visualize the results. The analyses help decision makers understand the impact of fuel delivery disruption and the vulnerabilities in the coal transportation system. Thus, solutions and policies might be advised to avoid disruptions.

Dodrill, Keith; Garrett, J.H. (Carnegie Mellon); Matthews, S. (Carnegie Mellon); Shih, C-Y. (Carnegie Mellon); Soibelman, L. (Carnegie Mellon); McSurdy, S.

2007-01-01T23:59:59.000Z

40

Seismic vulnerability assessment through explicit consideration of uncertainties in structural capacities and structural demands  

Science Journals Connector (OSTI)

Earthquakes are among the most important natural hazards confronting engineers, regulatory authorities, and the public at large. The assessment of structural seismic vulnerability has become the subject of intensive research. In this paper, a mathematical framework for seismic vulnerability assessment of building structures is presented, and the concept of vulnerability function is introduced and mathematically described, which is integrally related to the fragility assessment and reflects the susceptibility of a system to serious consequences. The limit state of a building structure is stated as the structural demand exceeding the structural capacity, so the methodology is developed based on a systematic treatment of uncertainties in seismic hazard, structural demands due to seismic hazard, and capacities of building structures in resisting limit states. The methods and assessment procedures are illustrated through a steel building frame, showing the presented methodology is an efficient tool in support of seismic vulnerability assessment. The explicit consideration of uncertainty is an integral part of the engineering risk management and decision process, and the methodology can also be applied to other buildings, bridges or civil infrastructure systems.

Quanwang Li; Jiankang Sun; Jiansheng Fan

2012-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


41

A METHOD FOR RAPID VULNERABILITY ASSESSMENT OF STRUCTURES LOADED BY OUTSIDE BLASTS  

E-Print Network (OSTI)

the structural reliability information for the vulnerability analysis. 1 Corresponding Author: Jamova 39, SI-1000 , Matjaz Leskovar, Marko Cepin, Borut Mavko "Jozef Stefan" Institute, Reactor Engineering Division Keywords blast loads, buildings, rapid assessment, structural reliability ABSTRACT The blast loads have in most

Cizelj, Leon

42

Assessment of U.S. Agriculture Sector and Human Vulnerability to a Rift Valley Fever Outbreak  

E-Print Network (OSTI)

on the assessment of the U.S. agricultural sector and human vulnerability to a Rift Valley Fever (RVF) outbreak and the value of a select set of alternative disease control strategies. RVF is a vector-borne, zoonotic disease that affects both livestock and humans...

Hughes, Randi Catherine

2011-08-08T23:59:59.000Z

43

Energy Vulnerability Assessment for the US Pacific Islands. Technical Appendix 2  

SciTech Connect

The study, Energy Vulnerability Assessment of the US Pacific Islands, was mandated by the Congress of the United States as stated in House Resolution 776-220 of 1992, Section 1406. The resolution states that the US Secretary of Energy shall conduct a study of the implications of the unique vulnerabilities of the insular areas to an oil supply disruption. Such study shall outline how the insular areas shall gain access to vital oil supplies during times of national emergency. The resolution defines insular areas as the US Virgin Islands, Puerto Rico, Guam, American Samoa, the Commonwealth of the Northern Mariana Islands, and Palau. The US Virgin Islands and Puerto Rico are not included in this report. The US Department of Energy (USDOE) has broadened the scope of the study contained in the House Resolution to include emergency preparedness and response strategies which would reduce vulnerability to an oil supply disruption as well as steps to ameliorate adverse economic consequences. This includes a review of alternative energy technologies with respect to their potential for reducing dependence on imported petroleum. USDOE has outlined the four tasks of the energy vulnerability assessment as the following: (1) for each island, determine crude oil and refined product demand/supply, and characterize energy and economic infrastructure; (2) forecast global and regional oil trade flow patterns, energy demand/supply, and economic activities; (3) formulate oil supply disruption scenarios and ascertain the general and unique vulnerabilities of these islands to oil supply disruptions; and (4) outline emergency preparedness and response options to secure oil supplies in the short run, and reduce dependence on imported oil in the longer term.

Fesharaki, F.; Rizer, J.P.; Greer, L.S.

1994-05-01T23:59:59.000Z

44

Biomedical Engineering Program Assessment Plan Biomedical Engineering Program Assessment Plan  

E-Print Network (OSTI)

1 Biomedical Engineering Program Assessment Plan Biomedical Engineering Program in science and mathematics to address engineering problems in a biomedical context. a. Demonstrate a working sciences. b. Demonstrate ability to apply basic science concepts as foundations to biomedical engineering

Cantlon, Jessica F.

45

Climate Change Vulnerability of Native and Alien Freshwater Fishes of California: A Systematic Assessment  

E-Print Network (OSTI)

Climate Change Vulnerability of Native and Alien Freshwater Fishes of California: A Systematic and climate change vulnerability scores were derived for 121 native and 43 alien fish species. The two scores baseline and greater climate change vulnerability than did alien species. Fifty percent of California

46

Development of an ASTM standard guide on performing vulnerability assessments for nuclear facilities  

SciTech Connect

This paper describes an effort undertaken by subcommittee C26.12 (Safeguards) of the American Society for Testing and Materials (ASTM) to develop a standard guide for performing vulnerability assessments (VAs). VAs are performed to determine the effectiveness of safeguards and security systems for both domestic and international nuclear facilities. These assessments address a range of threats, including theft of nuclear material and sabotage, and use an array of methods. The approach to performing and documenting VAs is varied and is largely dependent upon the tools used to perform them. This diversity can lead to tools being misused, making validation of VAs more difficult. The development of a standard guide for performing VAs would, if generally accepted, alleviate these concerns. ASTM provides a forum for developing guides that includes a high level of peer review to assure that the result is acceptable to all potential users. Additionally, the ASTM is widely recognized for setting standards, and endorsement by the Society may increase the likelihood of acceptance by the nuclear community. The goal of this work is to develop a guide that is independent of the tools being used to perform the VA and applicable to the spectrum of threats described above.

Wilkey, D.D.

1995-09-01T23:59:59.000Z

47

NSTB Summarizes Vulnerable Areas  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

NSTB Summarizes Vulnerable Areas NSTB Summarizes Vulnerable Areas Commonly Found in Energy Control Systems Experts at the National SCADA Test Bed (NSTB) discovered some common areas of vulnerability in the energy control systems assessed between late 2004 and early 2006. These vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. The paper "Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems" describes the vulnerabilities and recommended strategies for mitigating them. It should be of use to asset owners and operators, control system vendors, system integrators, and third-party vendors interested in enhancing the security characteristics of current and future products.

48

CRAD, Self-Assessment Program Assessment Plan | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Self-Assessment Program Assessment Plan Self-Assessment Program Assessment Plan CRAD, Self-Assessment Program Assessment Plan Performance Objective: Management should ensure that effective management and independent self-assessments are being conducted periodically by technically qualified personnel. [10 CFR 830.122, subpart A & DOE O 414.1A, Quality Assurance] Criteria: Managers shall assess their management processes and be actively involved in the assessment process to ensure results contribute to improved performance of programs, systems, and work processes. DOE O 414.1A, Criterion 9 (a) An effective assessment and safety management program shall focus on achieving DOE/NNSA expectations through federal regulations and standards. DOE O 414.1A, Criterion 9 (a) An effective assessment supports management's goal to protect

49

CRAD, Self-Assessment Program Assessment Plan | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Self-Assessment Program Assessment Plan Self-Assessment Program Assessment Plan CRAD, Self-Assessment Program Assessment Plan Performance Objective: Management should ensure that effective management and independent self-assessments are being conducted periodically by technically qualified personnel. [10 CFR 830.122, subpart A & DOE O 414.1A, Quality Assurance] Criteria: Managers shall assess their management processes and be actively involved in the assessment process to ensure results contribute to improved performance of programs, systems, and work processes. DOE O 414.1A, Criterion 9 (a) An effective assessment and safety management program shall focus on achieving DOE/NNSA expectations through federal regulations and standards. DOE O 414.1A, Criterion 9 (a) An effective assessment supports management's goal to protect

50

Assessment of government tribology programs  

SciTech Connect

An assessment has been made to determine current tribology research and development work sponsored or conducted by the government. Data base surveys and discussions were conducted to isolate current projects sponsored primarily by 21 different government organizations. These projects were classified by subject, objective, energy relevance, type of research, phenomenon being investigated, variables being studied, type of motion, materials and application. An abstract of each project was prepared which included the classification, sponsor, performing organization and a project description. It was found that current work is primarily materials oriented to meet military requirements. Other than the high temperature programs very few of the tribology projects accomplish energy related objectives.

Peterson, M.B.; Levinson, T.M.

1985-09-01T23:59:59.000Z

51

CHEMICAL ENGINEERING PROGRAM ASSESSMENT PLAN Program Learning Objectives  

E-Print Network (OSTI)

education necessary to understand the impact of engineering solutions in a global, economic, environmental20 CHEMICAL ENGINEERING PROGRAM ASSESSMENT PLAN Program Learning Objectives of mathematics, science, and engineering (b) an ability to design and conduct experiments, as well

Cantlon, Jessica F.

52

Optics and Optical Engineering Program Assessment Plan Program Learning Objectives  

E-Print Network (OSTI)

Optics and Optical Engineering Program Assessment Plan Program Learning, and processes that underlie optics and optical engineering. 2. Strong understanding of the fundamental science, mathematics, and processes that underlie optics and optical

Cantlon, Jessica F.

53

Property-Assessed Clean Energy Programs  

Energy.gov (U.S. Department of Energy (DOE))

The property-assessed clean energy (PACE) model is an innovative mechanism for financing energy efficiency and renewable energy improvements on private property. PACE programs allow local...

54

Property-Assessed Clean Energy Programs | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Financing Financing Structures Property-Assessed Clean Energy Programs Property-Assessed Clean Energy Programs The property-assessed clean energy (PACE) model is an...

55

V-074: IBM Informix Genero libpng Integer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: IBM Informix Genero libpng Integer Overflow Vulnerability 4: IBM Informix Genero libpng Integer Overflow Vulnerability V-074: IBM Informix Genero libpng Integer Overflow Vulnerability January 22, 2013 - 12:11am Addthis PROBLEM: IBM Informix Genero libpng Integer Overflow Vulnerability PLATFORM: IBM Informix Genero releases prior to 2.41 - all platforms ABSTRACT: A vulnerability has been reported in libpng. REFERENCE LINKS: IBM Security Bulletin: 1620982 Secunia Advisory SA51905 Secunia Advisory SA48026 CVE-2011-3026 IMPACT ASSESSMENT: Medium DISCUSSION: The libpng library used by IBM Informix Genero contains an integer overflow vulnerability. If you use IBM Informix Genero to handle PNG (Portable Network Graphics) image files and an attacker causes your IBM Informix Genero program to open or display a malicious PNG file, your IBM Informix

56

CRAD, Self-Assessment Program Assessment Plan | Department of...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

DOE O 414.1A, Criterion 10 (a) An effective self-assessment program must have a clear document trail evidencing a culture of Lessons Learned. DOE O 414.1A, Criterion 10 (a)...

57

Technical Qualification Program Self-Assessment Report - NNSA...  

Office of Environmental Management (EM)

Technical Qualification Program Self-Assessment Report - NNSA Production Office - 2014 Technical Qualification Program Self-Assessment Report - NNSA Production Office - 2014 In...

58

Senior Technical Safety Manager Qualification Program Self-Assessment...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Senior Technical Safety Manager Qualification Program Self-Assessment - Chief of Nuclear Safety Senior Technical Safety Manager Qualification Program Self-Assessment - Chief of...

59

ASSESSMENT OF SRSO TRAINING & QUALIFICATION PROGRAM  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

ASSESSMENT OF SRSO TRAINING & QUALIFICATION PROGRAM ASSESSMENT OF SRSO TRAINING & QUALIFICATION PROGRAM This self assessment evaluates the effective implementation of the Technical Qualification Programs (TQP). The Federal Technical Capability Panel (FTCP) also reviews the results of the TQP self- assessments and determines if further action is necessary on a Departmental level. Federal Technical Capability: LOIs a. FTC-1. Executive Commitment and Line Management Ownership. Line management is actively involved in all aspects of technical employee recruitment, retention, development, and deployment. 1.1 Line managers are aware of the requirements and administrative flexibilities associated with recruiting, hiring, and retaining high-quality technical employees. 1.2 Senior line management supports the continuous technical

60

Environmental Compliance Audit& Assessment Program Manual  

SciTech Connect

This document describes the elements, schedule, roles, and responsibilities of the Lawrence Berkeley National Laboratory (LBNL) Environmental Compliance Audit & Assessment Program (ECAAP). The ECAAP has been developed to meet the requirements of DOE Order 450.1A,1 and Executive Order 13423.2 These referenced Orders stipulate that government agencies must develop environmental compliance audit programs to monitor and improve compliance with environmental regulations. As stated specifically in the DOE Order, as a part of a DOE facility's Environmental Management System (EMS), 'An environmental compliance audit and review program that identifies compliance deficiencies and root causes of non-compliance' shall be developed and implemented. The ECAAP has also been developed to satisfy LBNL's institutional technical assurance assessment requirements promulgated in the Environment, Safety and Health (ES&H) Self-Assessment Program (LBNL/PUB-5344) and described by the ES&H Technical Assurance Program (TAP) Manual (LBNL/PUB-913E). The ES&H TAP Manual provides the framework for systematic reviews of ES&H programs with the intent to provide assurance that these programs comply with their guiding regulations, are effective, and are properly implemented. As required by the DOE and Executive Orders and by LBNL's TAP, the goal of the ECAAP is to identify environmental regulatory compliance deficiencies and to determine their respective causes. The ECAAP then provides a means of correcting any deficiencies identified, and leads to continually improving environmental compliance performance.

Thorson, Patrick; Baskin, David; Borglin, Ned; Fox, Robert; Wahl, Linnea; Hatayama, Howard; Pauer, Ronald

2009-03-13T23:59:59.000Z

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


61

Microsoft Word - Assessment-B-ProgramCriteria  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

ATTACHMENT B ATTACHMENT B PROGRAM ASSESSMENT CRITERIA Identify the following for all sites: Program Management * Number FTE's devoted to Records Management o Full-time Federal and Contractor o Part-time Federal and Contractor Percent of time spent on Records Management duties * Percentage of time each Records Management employee is assigned to: o Program Management o Operations Training/Assistance Schedule Application Records Holding/Storage Area Activities EEOICPA Claims * Monthly Claim Volume Other, specify o Contractor Oversight * Manpower/Support Costs o Series and Grade levels for Federal FTE's o Contractor costs * Records Management Expertise o Federal and Contractor Records-related Training received within the last three

62

Numerical simulation of dynamic response of a long-span bridge to assess its vulnerability to non-synoptic wind  

Science Journals Connector (OSTI)

Abstract Winds generated by non-synoptic events such as those from tornadoes, microbursts or gust fronts, that are non-stationary or transient in nature and extreme in magnitude, can cause major damage to flexible structures. In this paper, a time-domain method is used to simulate the response of a long-span bridge subject to winds generated by a particular type of non-synoptic wind phenomenon such as a microburst to assess the vulnerability of the bridge to such winds. The self-excited or motion-induced and buffeting or turbulence-induced wind loads on the structure were modeled and simulated by Rational Functions and buffeting indicial functions, respectively. Wind from a translating microburst was simulated using empirical relationships that were derived from measurements of a laboratory-simulated microburst and the bridge response calculated to compare it with those induced by an equivalent straight-line wind that is used for structural design. It is shown that microburst induced structural vibration could be larger or smaller than the vibration induced by straight-line wind of equivalent magnitude depending on the relative size of the microburst with respect to the bridge span.

Bochao Cao; Partha P. Sarkar

2015-01-01T23:59:59.000Z

63

Program Assessment, Program Review, Program Prioritization What's the Difference? Each academic department is required to have an Assessment Plan and submit periodic assessment updates. Additionally, each department is  

E-Print Network (OSTI)

in a program review. A department's failure to have or follow through with their assessment plan strategic plan is part of the review. The department's alignment with institutional prioritiesProgram Assessment, Program Review, Program Prioritization ­ What's the Difference? Each academic

Maxwell, Bruce D.

64

Technical Qualification Program Self-Assessment Report - Pacific Northwest  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Technical Qualification Program Self-Assessment Report - Pacific Technical Qualification Program Self-Assessment Report - Pacific Northwest Site Office Technical Qualification Program Self-Assessment Report - Pacific Northwest Site Office This self-assessment evaluated how well the Technical Qualification and Federal Capability Programs were implemented at the Pacific Northwest Site Office. The assessment was conducted in accordance with the SCMS: Quality Assurance and Oversight: Subject Area: Assessments, Procedure 2, Performing Assessments and SCMS: Quality Assurance and Oversight: Subject Area: Issues Management, Procedure 1, Managing Issues Identified in Oversight Activities. PNSO TQP Self-Assessment More Documents & Publications Technical Qualification Program Self-Assessment Report - Livermore Field Office Technical Qualification Program and FTCP Assessment CRADs

65

Combining particle-tracking and geochemical data to assess public supply well vulnerability to arsenic and uranium q  

E-Print Network (OSTI)

. Bhattacharya, Associate Editor Keywords: Vulnerability Particle-tracking Arsenic Uranium Classification tree through aquifer systems and also through specific redox and pH zones within aquifers. Time were generally strongest for variables computed for distinct redox zones. Classification tree analysis

66

Better Buildings Neighborhood Program: Step 9: Assess Your Progress  

NLE Websites -- All DOE Office Websites (Extended Search)

9: Assess 9: Assess Your Progress to someone by E-mail Share Better Buildings Neighborhood Program: Step 9: Assess Your Progress on Facebook Tweet about Better Buildings Neighborhood Program: Step 9: Assess Your Progress on Twitter Bookmark Better Buildings Neighborhood Program: Step 9: Assess Your Progress on Google Bookmark Better Buildings Neighborhood Program: Step 9: Assess Your Progress on Delicious Rank Better Buildings Neighborhood Program: Step 9: Assess Your Progress on Digg Find More places to share Better Buildings Neighborhood Program: Step 9: Assess Your Progress on AddThis.com... Getting Started Driving Demand Set Goals & Objectives Create an Evaluation Plan Conduct Audience Research Identify Target Audiences & Behavior Changes Create Effective Messages

67

Federal Energy Management Program: Assess Potential Agency Size Changes  

NLE Websites -- All DOE Office Websites (Extended Search)

Assess Potential Assess Potential Agency Size Changes that Impact Greenhouse Gas Emissions to someone by E-mail Share Federal Energy Management Program: Assess Potential Agency Size Changes that Impact Greenhouse Gas Emissions on Facebook Tweet about Federal Energy Management Program: Assess Potential Agency Size Changes that Impact Greenhouse Gas Emissions on Twitter Bookmark Federal Energy Management Program: Assess Potential Agency Size Changes that Impact Greenhouse Gas Emissions on Google Bookmark Federal Energy Management Program: Assess Potential Agency Size Changes that Impact Greenhouse Gas Emissions on Delicious Rank Federal Energy Management Program: Assess Potential Agency Size Changes that Impact Greenhouse Gas Emissions on Digg Find More places to share Federal Energy Management Program: Assess

68

Energy vulnerability relationships  

SciTech Connect

The US consumption of crude oil resources has been a steadily growing indicator of the vitality and strength of the US economy. At the same time import diversity has also been a rapidly developing dimension of the import picture. In the early 1970`s, embargoes of crude oil from Organization of Producing and Exporting Countries (OPEC) created economic and political havoc due to a significant lack of diversity and a unique set of economic, political and domestic regulatory circumstances. The continued rise of imports has again led to concerns over the security of our crude oil resource but threats to this system must be considered in light of the diversity and current setting of imported oil. This report develops several important issues concerning vulnerability to the disruption of oil imports: (1) The Middle East is not the major supplier of oil to the United States, (2) The US is not vulnerable to having its entire import stream disrupted, (3) Even in stable countries, there exist vulnerabilities to disruption of the export stream of oil, (4) Vulnerability reduction requires a focus on international solutions, and (5) DOE program and policy development must reflect the requirements of the diverse supply. Does this increasing proportion of imported oil create a {open_quotes}dependence{close_quotes}? Does this increasing proportion of imported oil present a vulnerability to {open_quotes}price shocks{close_quotes} and the tremendous dislocations experienced during the 1970`s? Finally, what is the vulnerability of supply disruptions from the current sources of imported oil? If oil is considered to be a finite, rapidly depleting resource, then the answers to these questions must be {open_quotes}yes.{close_quotes} However, if the supply of oil is expanding, and not limited, then dependence is relative to regional supply sources.

Shaw, B.R.; Boesen, J.L.

1998-02-01T23:59:59.000Z

69

Vulnerability in Climate Change Research: A Comprehensive Conceptual Framework  

E-Print Network (OSTI)

hazards assessments, for instance, have regarded naturaladdressing natural hazards and vulnerability assessments ad-assessment developed by Klein and Nicholls (1999) sees natural

Fssel, HansMartin

2005-01-01T23:59:59.000Z

70

ASSESSMENT OF TECHNICAL QUALIFICATION AND FEDERAL TECHNICAL CAPABILITY PROGRAMS  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

And TQP Assessment Crads 11 2012 Smooth (2) 1 11/29/12 And TQP Assessment Crads 11 2012 Smooth (2) 1 11/29/12 ASSESSMENT OF TECHNICAL QUALIFICATION AND FEDERAL TECHNICAL CAPABILITY PROGRAMS This document provides guidance and objectives and criteria to support assessments required by DOE O 426.1 Federal Technical Capability (FTC), Section 4. REQUIREMENTS, paragraph b. FTC Program Implementation, subparagraph (7) Self- Assessment. This FTC Order paragraph requires self-assessment of TQP and FTC Program implementation within one's organization. To ensure effective implementation of the Technical Qualification Programs (TQP), Headquarters and field elements conduct self-assessments of these programs. The Federal Technical Capability Panel (FTCP) also reviews the results of the TQP self-assessments and determines if further action is

71

City of Aspen - Energy Assessment Rebate Program | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

City of Aspen - Energy Assessment Rebate Program City of Aspen - Energy Assessment Rebate Program City of Aspen - Energy Assessment Rebate Program < Back Eligibility Commercial Residential Savings Category Home Weatherization Commercial Weatherization Sealing Your Home Design & Remodeling Windows, Doors, & Skylights Ventilation Appliances & Electronics Commercial Lighting Lighting Heating & Cooling Commercial Heating & Cooling Maximum Rebate $225 Program Info State Colorado Program Type Utility Rebate Program Rebate Amount Up to $225 Provider City of Aspen Community Development The City of Aspen encourages interested residents and businesses to increase the energy efficiency of homes and offices through the Energy Assessment Program. Participating homes and offices must located within the city and have a BPI-certified energy assessment performed on the property

72

Technical Qualification Program Self-Assessment Report - Nevada Site Office  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Technical Qualification Program Self-Assessment Report - Nevada Technical Qualification Program Self-Assessment Report - Nevada Site Office Technical Qualification Program Self-Assessment Report - Nevada Site Office An accreditation assessment of the National Nuclear Security Administration Nevada Site Office (NNSA/NSO) Technical Qualification Program (TQP) was conducted during the week of October 5-8, 2009. The accreditation of the TQP will enable NSO to demonstrate that they have an effective program in place to ensure the technical competency of the individuals performing these activities. In order to initiate the accreditation process, a comprehensive self-assessment of the TQP against the objectives and supporting criteria is required. This report documents the details and conclusions of that self-assessment. NNSA-NSO TQP Self-Assessment, October 2009

73

UNEP Risoe Technology Needs Assessment Program | Open Energy Information  

Open Energy Info (EERE)

Needs Assessment Program Needs Assessment Program Jump to: navigation, search Name UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization UNEP-Risoe Centre Sector Energy Topics Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/ Country Argentina, Bangladesh, Cambodia, Costa Rica, Georgia (country), Guatemala, Indonesia, Ivory Coast, Kenya, Mali, Morocco, Peru, Senegal, Thailand, Vietnam South America, Southern Asia, South-Eastern Asia, Central America, Western Asia, Central America, South-Eastern Asia, Western Africa, Eastern Africa, Western Africa, Northern Africa, South America, Western Africa, South-Eastern Asia, South-Eastern Asia References UNEP Risoe-Technology Needs Assessment Program[1]

74

Technical Qualification Program Self-Assessment Report - Livermore Field  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Livermore Livermore Field Office Technical Qualification Program Self-Assessment Report - Livermore Field Office The purpose of the Livermore Field Office (LFO) Teclmical Qualification Program (TQP) is to ensure that federal teclmical personnel with safety oversight responsibilities at defense nuclear facilities at Lawrence Livermore National Laboratory possess competence commensurate with responsibilities. LFO is committed to ensuring it has the necessary teclmical capabilities to provide the kind of management, direction, and guidance essential to safe operation ofDOE's defense nuclear facilities. LFO TQP Self-Assessment, May 2013 More Documents & Publications Technical Qualification Program Self-Assessment Report - Nevada Site Office Technical Qualification Program Self-Assessment Report - Sandia Site Office

75

Technical Qualification Program Self-Assessment Report - Sandia...  

Energy Savers (EERE)

Program (TQP) as measured by the current Federal Technical Capability Panel criteria review and approach documents (CRADs) included in the assessment plan. SSO TQP...

76

Kenya-UNEP Risoe Technology Needs Assessment Program | Open Energy...  

Open Energy Info (EERE)

Country Kenya Eastern Africa References UNEP Risoe-Technology Needs Assessment Program1 Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted...

77

Peru-UNEP Risoe Technology Needs Assessment Program | Open Energy...  

Open Energy Info (EERE)

UNEP Risoe-Technology Needs Assessment Program1 Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological...

78

Senior Technical Safety Manager Qualification Program Self-Assessment -  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Senior Technical Safety Manager Qualification Program Senior Technical Safety Manager Qualification Program Self-Assessment - Chief of Nuclear Safety Senior Technical Safety Manager Qualification Program Self-Assessment - Chief of Nuclear Safety A self-assessment of the CNS Senior Technical Safety Manager (STSM) Qualification Program was conducted during the week of July 8, 2013, when all STSM-qualified staff members were present in Germantown, Maryland. This was the first self-assessment that CNS has conducted. In accordance CNS Standard Operating Procedure SOP-016, Senior Technical Safety Manager Qualification Program, a self-assessment is required once every four years. Chief of Nuclear Safety STSM Self-Assessment, August 2013 More Documents & Publications 2010 Annual Workforce Analysis and Staffing Plan Report - Chief of Nuclear

79

Self-assessment program implementation plan. Revision A  

SciTech Connect

This implementation plan identifies and describes the tasks that must be completed in order to successfully implement a Self-Assessment (SA) Program. The purpose of the Self-Assessment Program is to comply with applicable Department of Energy (DOE) directives and orders, Federal, State, and local regulations, operate the Pinellas Plant according to best management practices, and achieve excellence in all operating areas. The Self-Assessment Program will be applied to the Pinellas Plant facility which includes buildings, grounds, equipment, operations, and activities under the control of line management. Furthermore, all applicable disciplines under environmental protection, safety, health and management will be covered by the program. The Self-Assessment Program has been designed to accomplish the following tasks: define the scope of the Self-Assessment Program; assign organizational roles and responsibilities; address EH and S functional elements and management issues; develop a Self-Assessment program charter and policy; identify all applicable EH and S codes, regulations and standards; develop self-assessment procedures and instructions; generate a Self-Assessment Manual; develop a master schedule for facility appraisals and audits; design checklists and report formats for recording appraisal data; implement an assessment tracking and reporting system; implement a root cause analysis and corrective action system; implement a trend analysis and lessons learned system; and establish a formal training program.

Quets, A.L.

1991-10-23T23:59:59.000Z

80

NANA Wind Resource Assessment Program Final Report  

SciTech Connect

NANA Regional Corporation (NRC) of northwest Alaska is located in an area with abundant wind energy resources. In 2007, NRC was awarded grant DE-FG36-07GO17076 by the US Department of Energy's Tribal Energy Program for funding a Wind Resource Assessment Project (WRAP) for the NANA region. The NANA region, including Kotzebue Electric Association (KEA) and Alaska Village Electric Cooperative (AVEC) have been national leaders at developing, designing, building, and operating wind-diesel hybrid systems in Kotzebue (starting in 1996) and Selawik (2002). Promising sites for the development of new wind energy projects in the region have been identified by the WRAP, including Buckland, Deering, and the Kivalina/Red Dog Mine Port Area. Ambler, Shungnak, Kobuk, Kiana, Noorvik & Noatak were determined to have poor wind resources at sites in or very near each community. However, all five of these communities may have better wind resources atop hills or at sites with slightly higher elevations several miles away.

Jay Hermanson

2010-09-23T23:59:59.000Z

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


81

Technical Qualification Program Self-Assessment Report - Livermore Field  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Technical Qualification Program Self-Assessment Report - Livermore Technical Qualification Program Self-Assessment Report - Livermore Field Office Technical Qualification Program Self-Assessment Report - Livermore Field Office The purpose of the Livermore Field Office (LFO) Teclmical Qualification Program (TQP) is to ensure that federal teclmical personnel with safety oversight responsibilities at defense nuclear facilities at Lawrence Livermore National Laboratory possess competence commensurate with responsibilities. LFO is committed to ensuring it has the necessary teclmical capabilities to provide the kind of management, direction, and guidance essential to safe operation ofDOE's defense nuclear facilities. LFO TQP Self-Assessment, May 2013 More Documents & Publications Technical Qualification Program Self-Assessment Report - Pacific Northwest

82

Argentina-UNEP Risoe Technology Needs Assessment Program | Open Energy  

Open Energy Info (EERE)

Argentina-UNEP Risoe Technology Needs Assessment Program Argentina-UNEP Risoe Technology Needs Assessment Program Jump to: navigation, search Name Argentina-UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization UNEP-Risoe Centre Sector Climate, Energy, Land, Water Focus Area Renewable Energy, Non-renewable Energy, Agriculture, Biomass, - Waste to Energy, Industry, - Industrial Processes, Transportation Topics Adaptation, Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/index.p Program Start 2009 Program End 2013 Country Argentina South America References UNEP Risoe-Technology Needs Assessment Program[1] Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological support to assist a total of 35 to 45 countries to conduct TNA projects

83

Indonesia-UNEP Risoe Technology Needs Assessment Program | Open Energy  

Open Energy Info (EERE)

Indonesia-UNEP Risoe Technology Needs Assessment Program Indonesia-UNEP Risoe Technology Needs Assessment Program Jump to: navigation, search Name Argentina-UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization UNEP-Risoe Centre Sector Energy Topics Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/ Country Indonesia South-Eastern Asia References UNEP Risoe-Technology Needs Assessment Program[1] Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological support to assist a total of 35 to 45 countries to conduct TNA projects Overview "Technology needs assessment (TNA) is a set of country-driven activities that identifies and determines the mitigation and adaptation technology

84

Morocco-UNEP Risoe Technology Needs Assessment Program | Open Energy  

Open Energy Info (EERE)

Morocco-UNEP Risoe Technology Needs Assessment Program Morocco-UNEP Risoe Technology Needs Assessment Program Jump to: navigation, search Name Morocco-UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization UNEP-Risoe Centre Sector Energy Topics Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/ Country Morocco Northern Africa References UNEP Risoe-Technology Needs Assessment Program[1] Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological support to assist a total of 35 to 45 countries to conduct TNA projects Overview "Technology needs assessment (TNA) is a set of country-driven activities that identifies and determines the mitigation and adaptation technology

85

Thailand-UNEP Risoe Technology Needs Assessment Program | Open Energy  

Open Energy Info (EERE)

Thailand-UNEP Risoe Technology Needs Assessment Program Thailand-UNEP Risoe Technology Needs Assessment Program Jump to: navigation, search Name Thailand-UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization UNEP-Risoe Centre Sector Energy Topics Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/ Country Thailand South-Eastern Asia References UNEP Risoe-Technology Needs Assessment Program[1] Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological support to assist a total of 35 to 45 countries to conduct TNA projects Overview "Technology needs assessment (TNA) is a set of country-driven activities that identifies and determines the mitigation and adaptation technology

86

Cambodia-UNEP Risoe Technology Needs Assessment Program | Open Energy  

Open Energy Info (EERE)

Cambodia-UNEP Risoe Technology Needs Assessment Program Cambodia-UNEP Risoe Technology Needs Assessment Program Jump to: navigation, search Name Cambodia-UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization UNEP-Risoe Centre Sector Energy Topics Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/ Country Cambodia South-Eastern Asia References UNEP Risoe-Technology Needs Assessment Program[1] Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological support to assist a total of 35 to 45 countries to conduct TNA projects Overview "Technology needs assessment (TNA) is a set of country-driven activities that identifies and determines the mitigation and adaptation technology

87

Mali-UNEP Risoe Technology Needs Assessment Program | Open Energy  

Open Energy Info (EERE)

Mali-UNEP Risoe Technology Needs Assessment Program Mali-UNEP Risoe Technology Needs Assessment Program Jump to: navigation, search Name Mali-UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization UNEP-Risoe Centre Sector Energy Topics Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/ Country Mali Western Africa References UNEP Risoe-Technology Needs Assessment Program[1] Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological support to assist a total of 35 to 45 countries to conduct TNA projects Overview "Technology needs assessment (TNA) is a set of country-driven activities that identifies and determines the mitigation and adaptation technology

88

Georgia-UNEP Risoe Technology Needs Assessment Program | Open Energy  

Open Energy Info (EERE)

Georgia-UNEP Risoe Technology Needs Assessment Program Georgia-UNEP Risoe Technology Needs Assessment Program Jump to: navigation, search Name Georgia-UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization UNEP-Risoe Centre Sector Energy Topics Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/ Country Georgia References UNEP Risoe-Technology Needs Assessment Program[1] Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological support to assist a total of 35 to 45 countries to conduct TNA projects Overview "Technology needs assessment (TNA) is a set of country-driven activities that identifies and determines the mitigation and adaptation technology

89

Federal Technical Capability Program Assessment Guidance and Criteria  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

TECHNICAL CAPABILITY PROGRAM TECHNICAL CAPABILITY PROGRAM FEDERAL TECHNICAL CAPABILITY PROGRAM ASSESSMENT GUIDANCE AND CRITERIA Federal Technical Capability Panel and the Office of Human Resources and Administration U.S. Department of Energy Washington, D.C. 20585 September 1998 Federal Technical Capability Program Assessment Guidance and Criteria 1 September 15, 1998 INTRODUCTION The Federal Technical Capability Program provides for the recruitment, deployment, development and retention of federal personnel with the demonstrated technical capability to safely accomplish the Department' s missions and responsibilities. The Federal Technical Capability Panel (Panel) reports to the Deputy Secretary and oversees and resolves issues affecting the Federal Technical Capability Program. The Panel periodically assesses the effectiveness of the four functions of the

90

Assessment of the basic energy sciences program. Volume II. Appendices  

SciTech Connect

A list of experts reviewing the Basic Energy Sciences (BES) program and their organizations are given. The assessment plan is explained; the program examined the following: quality of science being conducted in the program, quality of performers supported by the Basic Energy Sciences (BES) program, and the impact of the research on mission oriented needs. The intent of the assessment is to provide an indication of general status relative to these questions for the BES divisions. The approach to the assessment is described. The sampling plan which was used as a guide in determining the sample size and selecting the sample to evaluate the research program of the Office of Basic Energy Sciences are discussed. Special analyses were conducted on the dispersion of reviewers' ratings, the ratings of the lower funded projects, and the amount of time the principal investigator devoted to the project. These are presented in the final appendix together with histograms for individual rating variables for each program area. (MCW)

Not Available

1982-03-01T23:59:59.000Z

91

Facility Representative Program Assessment Criteria, Review, and Approach Document (CRAD)  

NLE Websites -- All DOE Office Websites (Extended Search)

STD-1063-2011 STD-1063-2011 Appendix B B-1 FACILITY REPRESENTATIVE PROGRAM ASSESSMENT GUIDE The DOE has implemented its FR Program, and is looking to continuously improve the program's effectiveness DOE-wide. An effective FR Program has many elements, as described in this Standard. These elements are intended to yield a program that provides DOE facilities with well-trained FRs who spend appropriate amounts of time in their facilities and can work effectively with their contractor management counterparts. The program, to be effective, needs the functional support of management. To maintain the continued support of DOE management, the FR program needs to demonstrate its continued performance and effectiveness, which is to be assessed periodically using

92

Technical assessment of the Office of Industrial Programs' Advanced Heat Exchanger Program  

SciTech Connect

The DOE's AHX Program is an integral part of the OIP's Waste Heat Recovery Program whose goals are to increase the end-use energy efficiency of industry and agricultural operations, and to expand the energy options for manufacturing processes by providing technologies which use various fuels including coal, renewables, oil, and natural gas. The OIP and PNL convened a panel of industry experts to conduct a technical assessment of OIP's AHX program. This report documents the results of the panel's assessment.

Rinker, F.G.; Bergles, A.E.; Marciniak, T.J.; Batman, J.

1987-02-01T23:59:59.000Z

93

Second Line of Defense Spares Program Assessment  

SciTech Connect

The Office of the Second Line of Defense (SLD) is part of the Department of Energys (DOE) National Nuclear Security Administration (NNSA). The SLD Program accomplishes its critical global security mission by forming cooperative relationships with partner countries to install passive radiation detection systems that augment traditional inspection and law enforcement measures by alerting border officials to the presence of special nuclear or other radiological materials in cross-border traffic. An important tenet of the program is to work collaboratively with these countries to establish the necessary processes, procedures, infrastructure and conditions that will enable them to fully assume the financial and technical responsibilities for operating the equipment. As the number of operational deployments grows, the SLD Program faces an increasingly complex logistics process to promote the timely and efficient supply of spare parts.

Henderson, Dale L.; Muller, George; Mercier, Theresa M.; Brigantic, Robert T.; Perkins, Casey J.; Cooley, Scott K.

2012-11-20T23:59:59.000Z

94

Building Energy Codes Program: National Benefits Assessment, 1992-2040 |  

NLE Websites -- All DOE Office Websites (Extended Search)

Program: National Benefits Assessment, 1992-2040 Program: National Benefits Assessment, 1992-2040 Commercial and residential buildings account for approximately 41% of all energy consumption and 72% of electricity usage in the United States. Building energy codes and standards set minimum requirements for energy-efficient design and construction for new and renovated buildings, assuring reductions in energy use and greenhouse gas emissions over the life of buildings. The U.S. Department of Energy (DOE), through the Building Energy Codes Program (BECP or the Program), supports the improvement of energy efficiency in buildings. BECP periodically assesses the impacts of its activities by estimating historical and projected energy savings, consumer savings, and avoided emissions. The Pacific Northwest National Laboratory (PNNL) conducted the

95

PRIVACY IMPACT ASSESSMENT: INL Education Programs PIA Template  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Education Education Programs PIA Template Version 3 - May, 2009 Department of Energy Privacy Impact Assessment (PIA) Guidance is provided in the template. See DOE Order 206.1, Department of Energy Privacy Program, Appendix A, Privacy Impact Assessments, for requirements and additional guidance for conducting a PIA: http://www.directives.doe.gov/pdfs/doe/doetextlneword/206/o2061.pdf Please complete electronically: no hand-written submissions will be accepted. This template may not be modified. MODULE I - PRIVACY NEEDS ASSESSMENT Date Departmental Elernent'& (Site 24/Jun/09 Idaho National Laboratory Information Operations and Research Center (IORC) Nameofll,f..,rrnatlon INL Education Programs System or IfPi'()ject Business Enclave Exhibit Proj.ctlUO NA NewPIA D Update [~] DOE PIA - INL Education Program Finallxw.doc N T "tl I Contact Information arne,

96

Self-Assessment Program Assessment plan - Developed By NNSA/Nevada Site Office Facility Representative Division  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

SELF-ASSESSMENT SELF-ASSESSMENT Assessment Plan NNSA/Nevada Site Office Independent Oversight Division Performance Objective: Management should ensure that effective management and independent self- assessments are being conducted periodically by technically qualified personnel. [10 CFR 830.122, subpart A & DOE O 414.1A, Quality Assurance] Criteria: Managers shall assess their management processes and be actively involved in the assessment process to ensure results contribute to improved performance of programs, systems, and work processes. DOE O 414.1A, Criterion 9 (a) An effective assessment and safety management program shall focus on achieving DOE/NNSA expectations through federal regulations and standards. DOE O 414.1A, Criterion 9 (a) An effective assessment supports management's goal to protect people and

97

E-Print Network 3.0 - assessment program final Sample Search...  

NLE Websites -- All DOE Office Websites (Extended Search)

Data in Your Program Review... Creativity: Student Writing Showcase Judith Chitwood Creativity: Dance Program Assessment Christine Herrmann... in Your Program's Review Cycle...

98

E-Print Network 3.0 - assessment program cariogram Sample Search...  

NLE Websites -- All DOE Office Websites (Extended Search)

Data in Your Program Review... Creativity: Student Writing Showcase Judith Chitwood Creativity: Dance Program Assessment Christine Herrmann... in Your Program's Review Cycle...

99

V-131: Adobe Shockwave Player Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Adobe Shockwave Player Multiple Vulnerabilities 1: Adobe Shockwave Player Multiple Vulnerabilities V-131: Adobe Shockwave Player Multiple Vulnerabilities April 11, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Adobe Shockwave Player PLATFORM: The vulnerabilities are reported in versions 12.0.0.112 and prior ABSTRACT: This update addresses vulnerabilities that could allow an attacker to run malicious code on the affected system REFERENCE LINKS: Secunia Advisory: SA52981 Adobe Security Bulletin CVE-2013-1383 CVE-2013-1384 CVE-2013-1385 CVE-2013-1386 IMPACT ASSESSMENT: High DISCUSSION: This update resolves : 1) A buffer overflow vulnerability that could lead to code execution 2) Memory corruption vulnerabilities that could lead to code execution 3) Memory leakage vulnerability that could be exploited to reduce the

100

Performance assessment implementation plan for the geologic repository program  

SciTech Connect

Performance assessment is a major constituent of the program being conducted in the Civilian Radioactive Waste Management (CRWM) Program of the US Department of Energy (DOE) to develop a geologic repository. Performance assessment is the set of activities needed for quantitative evaluations of repository-system performance to access compliance with regulations and to support the development of the geologic repository. To define the strategy for these evaluations, the DOE has developed this performance assessment strategy plan. This document discusses the need for such a strategy, the objectives and scope of the strategy plan, the relationship of the plan to other program plans. Additionally, it defines performance assessment and describes the roles of performance assessment in this program, discusses concepts and general strategies needed for performance assessment, outlines the content of the Safety Analysis Report, summarizes the requirements for the repository Environmental Impact Statement, discusses the requirements that apply to the site-suitability analyses and describes the site characterization. 10 figs., 7 tabs.

NONE

1990-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


101

Guatemala-UNEP Risoe Technology Needs Assessment Program | Open Energy  

Open Energy Info (EERE)

form form View source History View New Pages Recent Changes All Special Pages Semantic Search/Querying Get Involved Help Apps Datasets Community Login | Sign Up Search Page Edit with form History Facebook icon Twitter icon » Guatemala-UNEP Risoe Technology Needs Assessment Program Jump to: navigation, search Name Guatemala-UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization UNEP-Risoe Centre Sector Energy Topics Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/ Country Guatemala Central America References UNEP Risoe-Technology Needs Assessment Program[1] Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological support to assist a total of 35 to 45 countries to conduct TNA projects

102

2009 Voluntary Protection Programs Participants' Association (VPPPA) Presentation: Getting the most out of your Safety Assessment  

Energy.gov (U.S. Department of Energy (DOE))

2009 Voluntary Protection Programs Participants' Association (VPPPA) Presentation: Getting the most out of your Safety Assessment

103

2009 Voluntary Protection Programs Participants' Association (VPPPA) Presentation: Conducting your Annual VPP Self Assessment  

Energy.gov (U.S. Department of Energy (DOE))

2009 Voluntary Protection Programs Participants' Association (VPPPA) Presentation: Conducting your Annual VPP Self Assessment

104

Self-Assessment Standard for DOE Contractor Criticality Safety Programs  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

10 10 March 2010 DOE STANDARD SELF-ASSESSMENT STANDARD FOR DOE CONTRACTOR CRITICALITY SAFETY PROGRAMS DISTRIBUTION STATEMENT A. Approved for public release; distribution is unlimited. NOT MEASUREMENT SENSITIVE This document is available on the Department of Energy Technical Standards Program Web Page at http://www.hss.energy.gov/nuclearsafety/ns/techstds/ DOE-STD-1158-2010 iii TABLE OF CONTENTS FOREWORD ................................................................................................................... v ACKNOWLEDGEMENT ..................................................................................................vi DEFINITIONS ................................................................................................................ vii

105

Environmental Assessment : Squawfish Management Program : Final.  

SciTech Connect

Bonneville Power Administration (BPA) proposes to decrease the number of northern squawfish (Ptychocheilus oregonensis) in reservoirs in the Columbia River system. The goal of the Squawfish Management Program is to reduce losses of outmigrating juvenile salmon and steelhead (salmonids) to northern squawfish predation. The objective is to reduce the number of northern squawfish that feed on juvenile salmonids (smolts) by 10 to 20 percent to alter the age and size structure of the northern squawfish population. The hypothesis, based on computer modeling, indicates that sustained northern squawfish harvest (5 to 10 years) and the resultant population restructuring may reduce losses of juvenile salmonids to predation by up to 50 percent or more within 10 years. The proposed action would target northern squawfish 11 inches and longer, the size in which northern squawfish being preying significantly on juvenile salmonids. BPA proposes to fund three types of fisheries to harvest northern squawfish. BPA also proposes to fund monitoring activities of these fisheries to determine whether desired or other results occur. The three fisheries methods proposed are: (1) commercial Tribal fishing; (2) sport reward fishing; and (3) fishing from restricted areas of each dam ( dam angling''). These fisheries were tested in 1990 and 1991.

United States. Bonneville Power Administration.

1992-05-01T23:59:59.000Z

106

Chemical Stockpile Disposal Program rapid accident assessment  

SciTech Connect

This report develops a scheme for the rapid assessment of a release of toxic chemicals resulting from an accident in one of the most chemical weapon demilitarization plants or storage areas. The system uses such inputs as chemical and pressure sensors monitoring the plant and reports of accidents radioed to the Emergency Operations Center by work parties or monitoring personnel. A size of release can be estimated from previous calculations done in the risk analysis, from back calculation from an open-air chemical sensor measurement, or from an estimated percentage of the inventory of agent at the location of the release. Potential consequences of the estimated release are calculated from real-time meteorological data, surrounding population data, and properties of the agent. In addition to the estimated casualties, area coverage and no-death contours vs time would be calculated. Accidents are assigned to one of four categories: community emergencies, which are involve a threat to off-site personnel; on-post emergencies, which involve a threat only to on-site personnel; advisory, which involves a potential for threat to on-site personnel; and chemical occurrence, which can produce an abnormal operating condition for the plant but no immediate threat to on-site personnel. 9 refs., 20 tabs.

Chester, C.V.

1990-08-01T23:59:59.000Z

107

BA Political Science Assessment Plan Program Learning Goals  

E-Print Network (OSTI)

BA Political Science ­ Assessment Plan Program Learning Goals Undergraduate students gain familiarity with American political behavior and institutions, the nature of politics in the rest of the world, and the sources of international conflict and cooperation. All students majoring in political science take

Cantlon, Jessica F.

108

T-566: Citrix Secure Gateway Unspecified Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Citrix Secure Gateway Unspecified Vulnerability 6: Citrix Secure Gateway Unspecified Vulnerability T-566: Citrix Secure Gateway Unspecified Vulnerability February 28, 2011 - 11:22pm Addthis PROBLEM: Citrix Secure Gateway Unspecified Vulnerability. PLATFORM: Citrix Secure Gateway version 3.1.4 ABSTRACT: A vulnerability has been reported in Citrix Secure Gateway, which can be exploited by malicious people to compromise a vulnerable system. reference LINKS: Citrix ID:CTX128168 Secunia Advisory SA43497 Citrix Support IMPACT ASSESSMENT: High Discussion: This vulnerability only affects Secure Gateway version 3.1.4. Secure Gateway version 3.2.0 is not affected by this vulnerability, but Citrix recommends that customers currently using this version upgrade their deployments to version 3.2.1 in line with the guidance provided in

109

V-038: Google Chrome Two Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Google Chrome Two Vulnerabilities 8: Google Chrome Two Vulnerabilities V-038: Google Chrome Two Vulnerabilities December 3, 2012 - 1:00am Addthis PROBLEM: Google Chrome Two Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 23.0.1271.95. ABSTRACT: Two vulnerabilities have been reported in Google Chrome REFERENCE LINKS: Stable Channel Update Secunia Advisory SA51447 CVE-2012-5137 CVE-2012-5138 IMPACT ASSESSMENT: High DISCUSSION: Two vulnerabilities have been reported in Google Chrome, where one has an unknown impact and the other can be exploited by malicious people to compromise a user's system. 1) An error exists when handling file paths. 2) A use-after-free error exists when handling media sources. The vulnerabilities are reported in versions prior to 23.0.1271.95. IMPACT:

110

Livermore Site Office Facility Representative Program Self-Assessment  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

ARPT-LSO-2011-001 ARPT-LSO-2011-001 Site: Livermore Site Office Subject: Office of Independent Oversight's Office of Environment, Safety and Health Evaluations Activity Report for the Livermore Site Office Facility Representative Program Self-Assessment Dates of Activity 01/24/2011 - 01/28/2011 Report Preparer Robert Freeman Activity Description/Purpose: This activity report documents the results of the Office of Health, Safety and Security's (HSS) review of and participation in the Livermore Site Office Self-Assessment of the Facility Representative (FR) Program. This self-assessment was led by the U.S. Department of Energy (DOE) Livermore Site Office (LSO) and conducted by LSO staff, HSS staff, National Nuclear Security Administration (NNSA) Office of the Chief of Defense Nuclear Safety (CDNS) staff, a peer from Los Alamos Site

111

An Assessment of Energy-Related Career Paths of Senior Industrial Assessment Center Program Alumni  

SciTech Connect

The purpose of this study was to assess the career paths of alumni from the U.S. Department of Energy's Industrial Assessment Center (IAC) program. IAC was originally named the Energy Analysis and Diagnostic Center (EADC) program when it began in association with four schools in 1976. The current IAC program provides funding to 26 engineering colleges, located in centers across the United States, to conduct energy, waste, and productivity assessments for small- to medium-sized manufacturing establishments within their respective regions. Through part-time employment with the university, students receive training and in turn conduct assessments for local manufacturers, under the direct supervision of engineering faculty. Annually, IAC participants conduct over 700 assessments, and each assessment generates recommendations for energy savings, energy cost savings, and waste and productivity cost savings customized for individual clients. An earlier study determined that energy savings could be attributed to alumni of the IAC program who take their IAC experiences with them to the professional workplace. During their careers, the alumni conduct additional energy assessments as well as influence energy efficiency through design, teaching and training, and other activities. Indeed, a significant level of program benefits can be attributed to the alumni. This project addressed such specific questions as: How many years after graduation are IAC alumni involved in energy-efficiency activities? What different methods do they use to influence energy-efficiency decisions? To answer these questions, the University of Tennessee, Knoxville (UT) surveyed IAC senior alumni, defined as those who graduated in 1995 or earlier. Section 2 describes the survey used in this research. The actual survey can be found in Appendix A. Section 3 describes our approach to data collection. Section 4 presents descriptive statistics about the senior alumni who responded to the survey. Section 5 begins with the presentation of two frameworks used to help analyze the data about alumni career paths and then presents the career path results. Section 6 offers concluding remarks.

Martin, M.A.

2003-10-20T23:59:59.000Z

112

Environmental Hazards Assessment Program. Quarterly report, July--September 1993  

SciTech Connect

The objectives of the EHAP program stated in the proposal to DOE are to: (1) develop a holistic, national basis for risk assessment, risk management, and risk communication which recognizes the direct impact of environmental hazards on the health and well-being of all, (2) develop a pool of talented scientists and experts in cleanup activities, especially in human health aspects, and (3) identify needs and develop programs addressing the critical shortage of well-educated, highly-skilled technical and scientific personnel to address the health oriented aspects of environmental restoration and waste management.

Not Available

1993-12-01T23:59:59.000Z

113

The Laws of Vulnerabilities: Which security vulnerabilities really matter?  

Science Journals Connector (OSTI)

New security vulnerabilities are discovered on a daily basis. With each new announcement, the same questions arise. How significant is this vulnerability? How prevalent? How easy is it to exploit? Due to a lack of global vulnerability data, answers are ...

Gerhard Eschelbeck

2005-01-01T23:59:59.000Z

114

Risk assessment in the DOE Assurance Program for Remedial Action  

SciTech Connect

This document provides information obtained during the performance of risk assessment tasks in support of the Assurance Program for Remedial Action (APRA) sponsored by the Office of Operational Safety of the Department of Energy. We have presented a method for the estimation of projected health effects at properties in the vicinity of uranium mill tailing piles due to transported tailings or emissions from the piles. Because radon and radon daughter exposure is identified as the principal factor contributing to health effects at such properties, the basis for estimating lung cancer risk as a result of such exposure is discussed in detail. Modeling of health risk due to a secondary pathway, ingestion of contaminated, home-grown food products, is also discussed since it is a potentially important additional source of exposure in certain geographic locations. Risk assessment methods used in various mill tailings reports are reviewed. The protocols for radiological surveys conducted in DOE-sponsored remedial action programs are critically reviewed with respect to their relevance to the needs of health risk estimation. The relevance of risk assessment to the APRA program is discussed briefly.

Marks, S.; Cross, F.T.; Denham, D.H.; Kennedy, W.E.; Stenner, R.D.

1985-08-01T23:59:59.000Z

115

Are markets for vulnerabilities effective?  

Science Journals Connector (OSTI)

Current reward structures in security vulnerability disclosure may be skewed toward benefitting nefarious usage of vulnerability information rather than responsible disclosure. Recently suggested market-based mechanisms offer incentives to responsible ... Keywords: information security, information technology policy, vulnerability disclosure

Sam Ransbotham; Sabyaschi Mitra; Jon Ramsey

2012-03-01T23:59:59.000Z

116

Assessment of the O2Diesel Operational Safety Program: December 23, 2002 -- June 30, 2007  

SciTech Connect

This report assesses O2Diesel's operational safety program using its ethanol-diesel blended fuel product.

TIAX LLC

2006-06-01T23:59:59.000Z

117

Assessing and Implementing LTS&M Requirements for Remediation Sites Under the FUSRAP Program  

Energy.gov (U.S. Department of Energy (DOE))

Assessing and Implementing LTS&M Requirements for Remediation Sites Under the FUSRAP Program (Waste Management Conference 2007)

118

V-050: IBM InfoSphere Information Server Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: IBM InfoSphere Information Server Multiple Vulnerabilities 0: IBM InfoSphere Information Server Multiple Vulnerabilities V-050: IBM InfoSphere Information Server Multiple Vulnerabilities December 19, 2012 - 1:00am Addthis PROBLEM: IBM InfoSphere Information Server Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 9.1. ABSTRACT: Multiple vulnerabilities have been reported in IBM InfoSphere Information Server REFERENCE LINKS: Secunia Advisory SA51605 IBM Support home IBM InfoSphere Information Server, Version 9.1 fix list IMPACT ASSESSMENT: Medium DISCUSSION: Multiple vulnerabilities have been reported in IBM InfoSphere Information Server, where some have an unknown impact and others can be exploited by malicious users to bypass certain security restrictions. 1) An unspecified error exists in the InfoCenter component.

119

U-162: Drupal Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

162: Drupal Multiple Vulnerabilities 162: Drupal Multiple Vulnerabilities U-162: Drupal Multiple Vulnerabilities May 4, 2012 - 7:00am Addthis PROBLEM: Drupal Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in 7.x versions prior to 7.13. ABSTRACT: Several vulnerabilities were reported in Drupal: Denial of Service, Access bypass, and Unvalidated form redirect reference LINKS: Security Advisory: DRUPAL-SA-CORE-2012-002 Bugtraq ID: 53359 Secunia Advisory SA49012 CVE-2012-1588 CVE-2012-1589 CVE-2012-1590 CVE-2012-1591 CVE-2012-2153 MPACT ASSESSMENT: High Discussion: A weakness, a security issue, and multiple vulnerabilities have been reported in Drupal, which can be exploited by malicious users to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).

120

T-616: PHP Stream Component Remote Denial of Service Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: PHP Stream Component Remote Denial of Service Vulnerability 6: PHP Stream Component Remote Denial of Service Vulnerability T-616: PHP Stream Component Remote Denial of Service Vulnerability May 5, 2011 - 12:59am Addthis PROBLEM: PHP Stream Component Remote Denial of Service Vulnerability PLATFORM: Ubuntu Linux PHP MandrakeSoft Corporate Server MandrakeSoft Enterprise Server MandrakeSoft Linux Mandrake ABSTRACT: PHP is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain FTP requests. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Versions prior to PHP 5.3.6 are vulnerable. reference LINKS: SecurityFocus IMPACT ASSESSMENT: Medium Discussion: PHP is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain FTP requests. An attacker can exploit this

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


121

T-540: Sybase EAServer Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

40: Sybase EAServer Multiple Vulnerabilities 40: Sybase EAServer Multiple Vulnerabilities T-540: Sybase EAServer Multiple Vulnerabilities January 24, 2011 - 6:16am Addthis PROBLEM: Sybase EAServer Multiple Vulnerabilities PLATFORM: Sybase EAServer versions 6.3 and prior ABSTRACT: Sybase EAServer is prone to a security-bypass vulnerability and a directory-traversal vulnerability. Attackers may exploit these issues to execute arbitrary code within the context of the application or to disclose sensitive information. Sybase EAServer versions 6.3 and prior are affected. reference LINKS: Bugtraq ID: 45809 SyBase Advisory IMPACT ASSESSMENT: Medium Discussion: Remote exploitation of a design vulnerability in Sybase EAServer could allow an attacker to install arbitrary web services, this condition can result in arbitrary code execution allowing attacker to gain control over

122

T-564: Vulnerabilities in Citrix Licensing administration components |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Vulnerabilities in Citrix Licensing administration 4: Vulnerabilities in Citrix Licensing administration components T-564: Vulnerabilities in Citrix Licensing administration components February 24, 2011 - 7:00am Addthis PROBLEM: Vulnerabilities in Citrix Licensing administration components. PLATFORM: Citrix Licensing Administration Console, formerly known as the License Management Console. ABSTRACT: The vulnerabilities impact all current versions of the Citrix Licensing Administration Console, formerly known as the License Management Console. reference LINKS: Citrix ID:CTX128167 SecurityTracker Alert ID:1025123 Citrix Support IMPACT ASSESSMENT: Medium Discussion: Citrix has been made aware of a number of vulnerabilities in a third-party component that is used by the Citrix Licensing administration console. These vulnerabilities could potentially allow an unauthorized user to gain

123

V-050: IBM InfoSphere Information Server Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: IBM InfoSphere Information Server Multiple Vulnerabilities 0: IBM InfoSphere Information Server Multiple Vulnerabilities V-050: IBM InfoSphere Information Server Multiple Vulnerabilities December 19, 2012 - 1:00am Addthis PROBLEM: IBM InfoSphere Information Server Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 9.1. ABSTRACT: Multiple vulnerabilities have been reported in IBM InfoSphere Information Server REFERENCE LINKS: Secunia Advisory SA51605 IBM Support home IBM InfoSphere Information Server, Version 9.1 fix list IMPACT ASSESSMENT: Medium DISCUSSION: Multiple vulnerabilities have been reported in IBM InfoSphere Information Server, where some have an unknown impact and others can be exploited by malicious users to bypass certain security restrictions. 1) An unspecified error exists in the InfoCenter component.

124

U-013: HP Data Protector Multiple Unspecified Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: HP Data Protector Multiple Unspecified Vulnerabilities 3: HP Data Protector Multiple Unspecified Vulnerabilities U-013: HP Data Protector Multiple Unspecified Vulnerabilities October 18, 2011 - 9:00am Addthis PROBLEM: HP Data Protector Multiple Unspecified Vulnerabilities. PLATFORM: HP Data Protector Notebook Extension 6.20; HP Data Protector for Personal Computers 7.0 ABSTRACT: Multiple vulnerabilities were reported in HP Data Protector. A remote user can execute arbitrary code on the target system. reference LINKS: HP Security Document ID: c03054543 SecurityTracker Alert ID: 1026195 Secunia Advisory: SA46468 CVE-2011-3156 CVE-2011-3157 CVE-2011-3158 CVE-2011-3159 CVE-2011-3160 CVE-2011-3161 CVE-2011-3162 IMPACT ASSESSMENT: High Discussion: Potential security vulnerabilities has been identified with HP Data Protector Notebook Extension. These vulnerabilities could be remotely

125

U-162: Drupal Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

62: Drupal Multiple Vulnerabilities 62: Drupal Multiple Vulnerabilities U-162: Drupal Multiple Vulnerabilities May 4, 2012 - 7:00am Addthis PROBLEM: Drupal Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in 7.x versions prior to 7.13. ABSTRACT: Several vulnerabilities were reported in Drupal: Denial of Service, Access bypass, and Unvalidated form redirect reference LINKS: Security Advisory: DRUPAL-SA-CORE-2012-002 Bugtraq ID: 53359 Secunia Advisory SA49012 CVE-2012-1588 CVE-2012-1589 CVE-2012-1590 CVE-2012-1591 CVE-2012-2153 MPACT ASSESSMENT: High Discussion: A weakness, a security issue, and multiple vulnerabilities have been reported in Drupal, which can be exploited by malicious users to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).

126

T-576: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities 6: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities T-576: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities March 14, 2011 - 3:05pm Addthis PROBLEM: Oracle has acknowledged multiple vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to compromise a user's system. PLATFORM: Sun Solaris 10 ABSTRACT: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities. reference LINKS: Secunia Advisory: SA43747 Oracle Sun Advisory: CVE Multiple Vulnerabilities in Adobe Flash Player Secure List: SA43747 Oracle Sun Support Adobe Flash Player for Linux and Solaris IMPACT ASSESSMENT: High Discussion: Oracle has acknowledged multiple vulnerabilities in Solaris, which can be exploited by malicious people to disclose sensitive information, bypass

127

SRNL PHASE 1 ASSESSMENT OF THE WTP WASTE QUALIFICATION PROGRAM  

SciTech Connect

The Hanford Tank Waste Treatment and Immobilization Plant (WTP) Project is currently transitioning its emphasis from an engineering design and construction phase toward facility completion, start-up and commissioning. With this transition, the WTP Project has initiated more detailed assessments of the requirements that must be met during the actual processing of the Hanford Site tank waste. One particular area of interest is the waste qualification program. In general, the waste qualification program involves testing and analysis to demonstrate compliance with waste acceptance criteria, determine waste processability, and demonstrate laboratory-scale unit operations to support WTP operations. The testing and analysis are driven by data quality objectives (DQO) requirements necessary for meeting waste acceptance criteria for transfer of high-level wastes from the tank farms to the WTP, and for ensuring waste processability including proper glass formulations during processing within the WTP complex. Given the successful implementation of similar waste qualification efforts at the Savannah River Site (SRS) which were based on critical technical support and guidance from the Savannah River National Laboratory (SRNL), WTP requested subject matter experts (SMEs) from SRNL to support a technology exchange with respect to waste qualification programs in which a critical review of the WTP program could be initiated and lessons learned could be shared. The technology exchange was held on July 18-20, 2011 in Richland, Washington, and was the initial step in a multi-phased approach to support development and implementation of a successful waste qualification program at the WTP. The 3-day workshop was hosted by WTP with representatives from the Tank Operations Contractor (TOC) and SRNL in attendance as well as representatives from the US DOE Office of River Protection (ORP) and the Defense Nuclear Facility Safety Board (DNFSB) Site Representative office. The purpose of the workshop was to share lessons learned and provide a technology exchange to support development of a technically defensible waste qualification program. The objective of this report is to provide a review, from SRNL's perspective, of the WTP waste qualification program as presented during the workshop. In addition to SRNL's perspective on the general approach to the waste qualification program, more detailed insight into the specific unit operations presented by WTP during the workshop is provided. This report also provides a general overview of the SRS qualification program which serves as a basis for a comparison between the two programs. Recommendations regarding specific steps are made based on the review and SRNL's lessons learned from qualification of SRS low-activity waste (LAW) and high-level waste (HLW) to support maturation of the waste qualification program leading to WTP implementation.

Peeler, D.; Hansen, E.; Herman, C.; Marra, S.; Wilmarth, B.

2012-03-06T23:59:59.000Z

128

High efficiency motor program impact assessment: Load analysis  

SciTech Connect

Incentive programs that encourage customers to purchase new or replacement high efficiency motors (HEM) are an element of many utilities DSM efforts. Such a program has been in place at Ontario Hydro since late 1989. The program was expected to rebate up to 800,000 HP over its five year duration. This paper reports on the results of a recently completed load analysis study to assess the load impacts of the program. The findings are based on field metering of integral HP, three-phase induction motors up to 500HP in size, at thirty industrial sites. Using a database of manufacturers`reported effiiencies, loadings and operating times for each of 181 standard and high efficiency motors are estimated. The results will be used as part of program impact evaluation. They indicate lower motor loadings and longer operating hours than had been assumed for interim evaluation. The paper provides detailed estimates of loading by HP group, industrial segment, and end-use. Issues in sample design, field metering and extrapolation to the rebated motor population are also discussed.

Whiting, R. Sr.

1995-12-31T23:59:59.000Z

129

Environmental Hazards Assessment Program quarterly report, January--March 1995  

SciTech Connect

The objectives of the Environmental Hazards Assessment Program (EHAP) stated in the proposal to DOE are to: develop a holistic, national basis for risk assessment, risk management, and risk communication that recognizes the direct impact of environmental hazards on the health and well-being of all; develop a pool of talented scientists and experts in cleanup activities, especially in human health aspects; and identify needs and develop programs addressing the critical shortage of well-educated, highly-skilled technical and scientific personnel to address the health oriented aspects of environmental restoration and waste management. This report describes activities and reports on progress for the third quarter (January--March) of the third year of the grant. It reports progress against these grant objectives and the Program Implementation Plan published at the end of the first year of the grant. Questions, comments, or requests for further information concerning the activities under this grant can be forwarded to Jack Davis in the EHAP office of the Medical University of South Carolina at (803) 727-6450.

NONE

1995-04-30T23:59:59.000Z

130

Environment, Safety, and Health Risk Assessment Program (ESHRAP)  

SciTech Connect

The Environment, Safety and Health Risk Assessment Program (ESHRAP) models human safety and health risk resulting from waste management and environmental restoration activities. Human safety and health risks include those associated with storing, handling, processing, transporting, and disposing of radionuclides and chemicals. Exposures to these materials, resulting from both accidents and normal, incident-free operation, are modeled. In addition, standard industrial risks (falls, explosions, transportation accidents, etc.) are evaluated. Finally, human safety and health impacts from cleanup of accidental releases of radionuclides and chemicals to the environment are estimated. Unlike environmental impact statements and safety analysis reports, ESHRAP risk predictions are meant to be best estimate, rather than bounding or conservatively high. Typically, ESHRAP studies involve risk predictions covering the entire waste management or environmental restoration program, including such activities as initial storage, handling, processing, interim storage, transportation, and final disposal. ESHRAP can be used to support complex environmental decision-making processes and to track risk reduction as activities progress.

Eide, Steven Arvid; Thomas Wierman

2003-12-01T23:59:59.000Z

131

ORISE 04-0115 Human Reliability Program Medical Assessments 2004  

NLE Websites -- All DOE Office Websites (Extended Search)

ORISE 04-0115 ORISE 04-0115 Office of Security U. S. Department of Energy Human Reliability Program MEDICAL ASSESSMENTS Center for Human Reliability Studies Oak Ridge Institute for Science and Education Operated by Oak Ridge Associated Universities For the U. S. Department of Energy Oak Ridge Associated Universities (ORAU) is a university consortium leveraging the scientific strength of major research institutions to advance science and education by partnering with national laboratories, government agencies, and private industry. ORAU manages the Oak Ridge Institute for Science and Education for the U.S. Department of Energy (DOE). Oak Ridge Institute for Science and Education (ORISE) is a DOE facility focusing on scientific initiatives to research health risks from occupational hazards, assess environmental cleanup, respond to radiation medical

132

Power plant system assessment. Final report. SP-100 Program  

SciTech Connect

The purpose of this assessment was to provide system-level insights into 100-kWe-class space reactor electric systems. Using these insights, Rockwell was to select and perform conceptual design studies on a ''most attractive'' system that met the preliminary design goals and requirements of the SP-100 Program. About 4 of the 6 months were used in the selection process. The remaining 2 months were used for the system conceptual design studies. Rockwell completed these studies at the end of FY 1983. This report summarizes the results of the power plant system assessment and describes our choice for the most attractive system - the Rockwell SR-100G System (Space Reactor, 100 kWe, Growth) - a lithium-cooled UN-fueled fast reactor/Brayton turboelectric converter system.

Anderson, R.V.; Atkins, D.F.; Bost, D.S.; Berman, B.; Clinger, D.A.; Determan, W.R.; Drucker, G.S.; Glasgow, L.E.; Hartung, J.A.; Harty, R.B.

1983-10-31T23:59:59.000Z

133

APPENDIX A: Climate Change Vulnerability Literature Review The purpose of this discussion is to review the existing literature surrounding climate change adaptation  

E-Print Network (OSTI)

1 APPENDIX A: Climate Change Vulnerability Literature Review Purpose The purpose of this discussion is to review the existing literature surrounding climate change adaptation and vulnerability with a focus thought surrounding methods for conducting climate change vulnerability assessments. The review

Brownstone, Rob

134

National Acid Precipitation Assessment Program Report to Congress: An Integrated Assessment  

SciTech Connect

Under Title IX of the 1990 Clean Air Act Amendments, Congress reauthorized the National Acid Precipitation Assessment Program (NAPAP) to continue coordinating acid rain research and monitoring, as it had done during the previous decade, and to provide Congress with periodic reports. In particular, Congress asked NAPAP to assess all available data and information to answer two questions: (1) What are the costs, benefits, and effectiveness of Title IV? This question addresses the costs and economic impacts of complying with the Acid Rain Program as well as benefit analyses associated with the various human health and welfare effects, including reduced visibility, damages to materials and cultural resources, and effects on ecosystems. (2) What reductions in deposition rates are needed to prevent adverse ecological effects? This complex questions addresses ecological systems and the deposition levels at which they experience harmful effects. The results of the assessment of the effects of Title IV and of the relationship between acid deposition rates and ecological effects were to be reported to Congress quadrennially, beginning with the 1996 report to Congress. The objective of this Report is to address the two main questions posed by Congress and fully communicate the results of the assessment to decision-makers. Given the primary audience, most of this report is not written as a technical document, although information supporting the conclusions is provided along with references.

Uhart, M.; et al,

2005-08-01T23:59:59.000Z

135

Putting vulnerability to climate change on the map: a review of approaches, benefits, and risks  

SciTech Connect

There is growing demand among stakeholders across public and private institutions for spatially-explicit information regarding vulnerability to climate change at the local scale. However, the challenges associated with mapping the geography of climate change vulnerability are non-trivial, both conceptually and technically, suggesting the need for more critical evaluation of this practice. Here, we review climate change vulnerability mapping in the context of four key questions that are fundamental to assessment design. First, what are the goals of the assessment? A review of published assessments yields a range of objective statements that emphasize problem orientation or decision-making about adaptation actions. Second, how is the assessment of vulnerability framed? Assessments vary with respect to what values are assessed (vulnerability of what) and the underlying determinants of vulnerability that are considered (vulnerability to what). The selected frame ultimately influences perceptions of the primary driving forces of vulnerability as well as preferences regarding management alternatives. Third, what are the technical methods by which an assessment is conducted? The integration of vulnerability determinants into a common map remains an emergent and subjective practice associated with a number of methodological challenges. Fourth, who participates in the assessment and how will it be used to facilitate change? Assessments are often conducted under the auspices of benefiting stakeholders, yet many lack direct engagement with stakeholders. Each of these questions is reviewed in turn by drawing on an illustrative set of 45 vulnerability mapping studies appearing in the literature. A number of pathways for placing vulnerability

Preston, Benjamin L [ORNL

2011-01-01T23:59:59.000Z

136

Study of Risk Assessment Programs at Federal Agencies and Commercial Industry Related to the Conduct or Regulation of High Hazard Operations  

SciTech Connect

In the Department of Energy (DOE) Implementation Plan (IP) for Defense Nuclear Facilities Safety Board's Recommendation 2009-1, the DOE committed to studying the use of quantitative risk assessment methodologies at government agencies and industry. This study consisted of document reviews and interviews of senior management and risk assessment staff at six organizations. Data were collected and analyzed on risk assessment applications, risk assessment tools, and controls and infrastructure supporting the correct usage of risk assessment and risk management tools. The study found that the agencies were in different degrees of maturity in the use of risk assessment to support the analysis of high hazard operations and to support decisions related to these operations. Agencies did not share a simple, 'one size fits all' approach to tools, controls, and infrastructure needs. The agencies recognized that flexibility was warranted to allow use of risk assessment tools in a manner that is commensurate with the complexity of the application. The study also found that, even with the lack of some data, agencies application of the risk analysis structured approach could provide useful insights such as potential system vulnerabilities. This study, in combination with a companion study of risk assessment programs in the DOE Offices involved in high hazard operations, is being used to determine the nature and type of controls and infrastructure needed to support risk assessments at the DOE.

Bari, R.; Rosenbloom, S.; O'Brien, J.

2011-03-13T23:59:59.000Z

137

GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material |  

National Nuclear Security Administration (NNSA)

Removing Vulnerable Civilian Nuclear and Radiological Material | Removing Vulnerable Civilian Nuclear and Radiological Material | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > Media Room > Fact Sheets > GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material Fact Sheet GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material

138

GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material |  

NLE Websites -- All DOE Office Websites (Extended Search)

Removing Vulnerable Civilian Nuclear and Radiological Material | Removing Vulnerable Civilian Nuclear and Radiological Material | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > Media Room > Fact Sheets > GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material Fact Sheet GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material

139

V-059: MoinMoin Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: MoinMoin Multiple Vulnerabilities 9: MoinMoin Multiple Vulnerabilities V-059: MoinMoin Multiple Vulnerabilities January 1, 2013 - 5:57am Addthis PROBLEM: MoinMoin Multiple Vulnerabilities PLATFORM: Version(s): MoinMoin 1.x ABSTRACT: Multiple vulnerabilities have been reported in MoinMoin, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system and by malicious people to manipulate certain data. REFERENCE LINKS: Secunia Advisory SA51663 CVE-2012-6080 CVE-2012-6081 CVE-2012-6082 IMPACT ASSESSMENT: High DISCUSSION: 1) Certain input when handling the AttachFile action is not properly verified before being used to write files. This can be exploited to overwrite arbitrary files via directory traversal sequences. 2) The application allows the upload of files with arbitrary extensions to

140

U-122 Google Chrome Two Code Execution Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2 Google Chrome Two Code Execution Vulnerabilities 2 Google Chrome Two Code Execution Vulnerabilities U-122 Google Chrome Two Code Execution Vulnerabilities March 12, 2012 - 7:00am Addthis PROBLEM: Google Chrome Two Code Execution Vulnerabilities PLATFORM: Google Chrome 17.x ABSTRACT: Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system. reference LINKS: Secunia Advisory SA48321 SecurityTracker Alert ID: 1026776 CVE-2011-3046 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger an unspecified flaw and execute arbitrary code (outside of the

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


141

U-251: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Bugzilla LDAP Injection and Information Disclosure 1: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities U-251: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities September 5, 2012 - 6:00am Addthis PROBLEM: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities PLATFORM: Bugzilla 2.x Bugzilla 3.x Bugzilla 4.x ABSTRACT: Bugzilla is prone to an LDAP-injection vulnerability and an information-disclosure vulnerability reference LINKS: Bugzilla Homepage Bugzilla Security Advisory Bugtraq ID: 55349 Secunia Advisory SA50433 CVE-2012-3981 CVE-2012-4747 IMPACT ASSESSMENT: Medium Discussion: A vulnerability and a security issue have been reported, which can be exploited by malicious people to disclose potentially sensitive information and manipulate certain data. 1) Input passed via the username is not properly escaped before being used

142

V-062: Asterisk Two Denial of Service Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Asterisk Two Denial of Service Vulnerabilities 2: Asterisk Two Denial of Service Vulnerabilities V-062: Asterisk Two Denial of Service Vulnerabilities January 4, 2013 - 6:00am Addthis PROBLEM: Asterisk Two Denial of Service Vulnerabilities PLATFORM: The vulnerabilities are reported in versions 1.8.x, 10.x, and 11.x. ABSTRACT: Two vulnerabilities have been reported in Asterisk, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service). REFERENCE LINKS: Secunia Advisory SA51689 Asterisk Project Security Advisories CVE-2012-5976 CVE-2012-5977 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can send specially crafted data to consume excessive resources on the target system. Systems configured to allow anonymous calls are affected. A remote authenticated user can also exploit this via

143

T-578: Vulnerability in MHTML Could Allow Information Disclosure |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Vulnerability in MHTML Could Allow Information Disclosure 8: Vulnerability in MHTML Could Allow Information Disclosure T-578: Vulnerability in MHTML Could Allow Information Disclosure March 15, 2011 - 3:05pm Addthis PROBLEM: Microsoft Windows is prone to a vulnerability that may allow attackers to inject arbitrary script code into the current browser session. PLATFORM: Windows 2003 SP2, Vista SP2, 2008 SP2, XP SP3, 7; and prior service packs ABSTRACT: A vulnerability was reported in Microsoft MHTML. A remote user can conduct cross-site scripting attacks. reference LINKS: Microsoft Security Advisory (2501696) CVE-2011-0096 SecurityTracker Alert ID: 1025003 Bugtraq ID: 46055 IMPACT ASSESSMENT: Moderate Discussion: The vulnerability exists due to the way MHTML interprets MIME-formatted requests for content blocks within a document. It is possible under certain

144

U-066: Mozilla Firefox / Thunderbird Multiple Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Mozilla Firefox / Thunderbird Multiple Vulnerabilities 6: Mozilla Firefox / Thunderbird Multiple Vulnerabilities U-066: Mozilla Firefox / Thunderbird Multiple Vulnerabilities December 22, 2011 - 6:30am Addthis PROBLEM: Mozilla Firefox / Thunderbird Multiple Vulnerabilities . PLATFORM: Mozilla Firefox 8.x and Mozilla Thunderbird 8.x ABSTRACT: Multiple vulnerabilities have been reported in Mozilla Firefox and Thunderbird. reference LINKS: Advisory 2011-53 Advisory 2011-54 Advisory 2011-55 Advisory 2011-56 Advisory 2011-57 Advisory 2011-58 Secunia Advisory: SA47302 IMPACT ASSESSMENT: High Discussion: Vulnerabilities have been reported in Mozilla Firefox and Thunderbird, where one has an unknown impact and others can be exploited by malicious people to disclose sensitive information and compromise a user's system. 1) Some unspecified errors can be exploited to corrupt memory. No further

145

U-104: Adobe Flash Player Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Adobe Flash Player Multiple Vulnerabilities 4: Adobe Flash Player Multiple Vulnerabilities U-104: Adobe Flash Player Multiple Vulnerabilities February 16, 2012 - 6:30am Addthis PROBLEM: Adobe Flash Player Multiple Vulnerabilities PLATFORM: Adobe Flash Player versions 11.1.102.55 and prior for Windows, Macintosh, Linux, and Solaris Adobe Flash Player versions 11.1.112.61 and prior for Android 4.x Adobe Flash Player versions 11.1.111.5 and prior for Android 3.x and prior ABSTRACT: Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system. reference LINKS: Adobe Security Bulletin Secunia Advisory 48033 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in Adobe Flash Player, which

146

U-246: Tigase XMPP Dialback Protection Bypass Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Tigase XMPP Dialback Protection Bypass Vulnerability 6: Tigase XMPP Dialback Protection Bypass Vulnerability U-246: Tigase XMPP Dialback Protection Bypass Vulnerability August 28, 2012 - 7:00am Addthis PROBLEM: Tigase XMPP Dialback Protection Bypass Vulnerability PLATFORM: Tigase 5.x ABSTRACT: A vulnerability has been reported in Tigase, which can be exploited by malicious people to bypass certain security restrictions. reference LINKS: XMPP Standards Foundation Secunia Advisory SA50362 tigase.org CVE-2012-4670 IMPACT ASSESSMENT: Medium Discussion: The vulnerability is caused due to an error within the XMPP protocol implementation, which does not properly verify the "Verify Response" and "Authorization Response" messages. This can be exploited to spoof a domain and bypass the Dialback protection.

147

V-224: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Google Chrome Multiple Vulnerabilities 4: Google Chrome Multiple Vulnerabilities V-224: Google Chrome Multiple Vulnerabilities August 22, 2013 - 1:05am Addthis PROBLEM: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to compromise a user's system. PLATFORM: Google Chrome 28.x ABSTRACT: The vulnerabilities are reported in versions prior to 29.0.1547.57 REFERENCE LINKS: Secunia Advisory ID: 1028921 CVE-2013-2887 CVE-2013-2900 CVE-2013-2901 CVE-2013-2902 CVE-2013-2903 CVE-2013-2904 CVE-2013-2905 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious, local users to disclose

148

T-730: Vulnerability in Citrix Provisioning Services could result in  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

730: Vulnerability in Citrix Provisioning Services could result 730: Vulnerability in Citrix Provisioning Services could result in Arbitrary Code Execution T-730: Vulnerability in Citrix Provisioning Services could result in Arbitrary Code Execution September 29, 2011 - 8:30am Addthis PROBLEM: Vulnerability in Citrix Provisioning Services could result in Arbitrary Code Execution. PLATFORM: This vulnerability is present in all supported versions of Citrix Provisioning Services up to and including version 5.6 Service Pack 1. ABSTRACT: Citrix Provisioning Services is prone to a remote code-execution vulnerability. Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the application. reference LINKS: Citrix Document ID: CTX130846 Security Focus: Bugtraq ID 49803 IMPACT ASSESSMENT:

149

V-208: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Google Chrome Multiple Vulnerabilities 8: Google Chrome Multiple Vulnerabilities V-208: Google Chrome Multiple Vulnerabilities August 1, 2013 - 2:32am Addthis PROBLEM: Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. PLATFORM: Google Chrome 28.x ABSTRACT: Some vulnerabilities have been reported in Google Chrome which allows attackers to access and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA54325 CVE-2013-2881 CVE-2013-2882 CVE-2013-2883 CVE-2013-2884 CVE-2013-2885 CVE-2013-2886 IMPACT ASSESSMENT: High DISCUSSION: Several vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to

150

T-542: SAP Crystal Reports Server Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: SAP Crystal Reports Server Multiple Vulnerabilities 2: SAP Crystal Reports Server Multiple Vulnerabilities T-542: SAP Crystal Reports Server Multiple Vulnerabilities January 25, 2011 - 2:30pm Addthis PROBLEM: SAP Crystal Reports Server Multiple Vulnerabilities. PLATFORM: Crystal Reports Server 2008 ABSTRACT: Multiple vulnerabilities in SAP Crystal Reports Server 2008, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks, manipulate certain data, and compromise a user's system. reference LINKS: Secunia Advisory SA43060 Vulnerability Report: Crystal Reports Server 2008 IMPACT ASSESSMENT: High Discussion: 1) Input passed to the "actId" parameter in InfoViewApp/jsp/common/actionNav.jsp, "backUrl" parameter in

151

U-249: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

49: Google Chrome Multiple Vulnerabilities 49: Google Chrome Multiple Vulnerabilities U-249: Google Chrome Multiple Vulnerabilities August 31, 2012 - 6:00am Addthis PROBLEM: Google Chrome Multiple Vulnerabilities PLATFORM: Google Chrome 21.x ABSTRACT: Multiple vulnerabilities have been reported in Google Chrome. reference LINKS: Secunia Advisory SA50447 Stable Channel Update CVE-2012-2865 CVE-2012-2866 CVE-2012-2867 CVE-2012-2868 CVE-2012-2869 CVE-2012-2870 CVE-2012-2871 CVE-2012-2872 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system. 1) An out-of-bounds read error exists when handling line breaks. 2) A bad cast error exists within run-ins.

152

V-092: Pidgin Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Pidgin Multiple Vulnerabilities 2: Pidgin Multiple Vulnerabilities V-092: Pidgin Multiple Vulnerabilities February 15, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Pidgin PLATFORM: Vulnerabilities are reported in version 2.10.6. Prior versions may also be affected. ABSTRACT: Multiple vulnerabilities have been reported in Pidgin, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52178 Pidgin CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274 IMPACT ASSESSMENT: High DISCUSSION: 1) An error within the MXit protocol plugin when saving images can be exploited to overwrite certain files. 2) A boundary error within the "mxit_cb_http_read()" function

153

V-106: Citrix Access Gateway Unspecified Security Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Citrix Access Gateway Unspecified Security Bypass 6: Citrix Access Gateway Unspecified Security Bypass Vulnerability V-106: Citrix Access Gateway Unspecified Security Bypass Vulnerability March 7, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Citrix Access Gateway PLATFORM: Standard Edition 5.0.x prior to 5.0.4.223524. Versions 4.5.x and 4.6.x are not affected by this vulnerability ABSTRACT: A vulnerability has been reported in Citrix Access Gateway, which can be exploited by malicious people to bypass certain security restrictions. REFERENCE LINKS: Secunia Advisory SA52479 Security Tracker Alert ID 1028255 com/id/1028255 CVE-2013-2263 Citrix Knowledge Center IMPACT ASSESSMENT: High DISCUSSION: The vulnerability could allow an unauthenticated user to gain access to network resources. IMPACT:

154

V-214: Mozilla Firefox Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Mozilla Firefox Multiple Vulnerabilities 4: Mozilla Firefox Multiple Vulnerabilities V-214: Mozilla Firefox Multiple Vulnerabilities August 8, 2013 - 2:16am Addthis PROBLEM: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. PLATFORM: Mozilla Firefox 22.x ABSTRACT: The vulnerabilities are reported in versions prior to 23.0. REFERENCE LINKS: Secunia Advisory SA54418 CVE-2013-1701 CVE-2013-1702 CVE-2013-1704 CVE-2013-1705 CVE-2013-1706 CVE-2013-1707 CVE-2013-1709 CVE-2013-1710 CVE-2013-1711 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities have been reported in Mozilla Firefox, which can

155

T-542: SAP Crystal Reports Server Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: SAP Crystal Reports Server Multiple Vulnerabilities 2: SAP Crystal Reports Server Multiple Vulnerabilities T-542: SAP Crystal Reports Server Multiple Vulnerabilities January 25, 2011 - 2:30pm Addthis PROBLEM: SAP Crystal Reports Server Multiple Vulnerabilities. PLATFORM: Crystal Reports Server 2008 ABSTRACT: Multiple vulnerabilities in SAP Crystal Reports Server 2008, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks, manipulate certain data, and compromise a user's system. reference LINKS: Secunia Advisory SA43060 Vulnerability Report: Crystal Reports Server 2008 IMPACT ASSESSMENT: High Discussion: 1) Input passed to the "actId" parameter in InfoViewApp/jsp/common/actionNav.jsp, "backUrl" parameter in

156

U-179: IBM Java 7 Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: IBM Java 7 Multiple Vulnerabilities 9: IBM Java 7 Multiple Vulnerabilities U-179: IBM Java 7 Multiple Vulnerabilities May 30, 2012 - 7:00am Addthis PROBLEM: IBM has acknowledged multiple vulnerabilities in IBM Java PLATFORM: IBM Java 7.x ABSTRACT: Vulnerabilities can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. Reference Links: Secunia Advisory 49333 CVE-2011-3389 Vendor Advisory IMPACT ASSESSMENT: High Discussion: IBM released a patch to address vulerabilities in IBM Java 7. IBM 7 SR1 is available for download. Impact: Hijacking Manipulation of data Exposure of sensitive information

157

V-059: MoinMoin Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: MoinMoin Multiple Vulnerabilities 9: MoinMoin Multiple Vulnerabilities V-059: MoinMoin Multiple Vulnerabilities January 1, 2013 - 5:57am Addthis PROBLEM: MoinMoin Multiple Vulnerabilities PLATFORM: Version(s): MoinMoin 1.x ABSTRACT: Multiple vulnerabilities have been reported in MoinMoin, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system and by malicious people to manipulate certain data. REFERENCE LINKS: Secunia Advisory SA51663 CVE-2012-6080 CVE-2012-6081 CVE-2012-6082 IMPACT ASSESSMENT: High DISCUSSION: 1) Certain input when handling the AttachFile action is not properly verified before being used to write files. This can be exploited to overwrite arbitrary files via directory traversal sequences. 2) The application allows the upload of files with arbitrary extensions to

158

V-123: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability 3: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability V-123: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability April 1, 2013 - 1:26am Addthis PROBLEM: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability PLATFORM: VMware ESX Server 4.x VMware ESXi 4.x VMware ESXi 5.x ABSTRACT: A vulnerability has been reported in VMware ESX and ESXi REFERENCE LINKS: VMware ESXi security update Secunia Advisory SA52844 CVE-2012-5134 IMPACT ASSESSMENT: High DISCUSSION: The ESXi userworld libxml2 library has been updated to resolve a security issue IMPACT: VMware ESX and ESXi can be exploited by malicious people to compromise a vulnerable system SOLUTION: The vendor has issued a fix, VMware ESXi 5.0, Patch Release ESXi500-201303001 (2044373) Addthis Related Articles U-128: VMware ESX/ESXi Buffer Overflow and Null Pointer Dereference Lets

159

V-121: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Google Chrome Multiple Vulnerabilities 1: Google Chrome Multiple Vulnerabilities V-121: Google Chrome Multiple Vulnerabilities March 28, 2013 - 12:29am Addthis PROBLEM: Google Chrome Multiple Vulnerabilities PLATFORM: versions prior to 26.0.1410.43. ABSTRACT: Multiple vulnerabilities have been reported in Google Chrome REFERENCE LINKS: Secunia Advisory SA52761 CVE-2013-0916 CVE-2013-0917 CVE-2013-0918 CVE-2013-0919 CVE-2013-0920 CVE-2013-0921 CVE-2013-0922 CVE-2013-0923 CVE-2013-0924 CVE-2013-0925 CVE-2013-0926 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities have been reported in Google Chrome, where one has an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. IMPACT: 1) A use-after-free error exists in Web Audio.

160

V-105: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Google Chrome Multiple Vulnerabilities 5: Google Chrome Multiple Vulnerabilities V-105: Google Chrome Multiple Vulnerabilities March 6, 2013 - 12:09am Addthis PROBLEM: Google Chrome Multiple Vulnerabilities PLATFORM: Google Chrome prior to 25.0.1364.152. ABSTRACT: Multiple vulnerabilities have been reported in Google Chrome REFERENCE LINKS: Stable Channel Update Secunia Advisory SA52454 CVE-2013-0902 CVE-2013-0903 CVE-2013-0904 CVE-2013-0905 CVE-2013-0906 CVE-2013-0907 CVE-2013-0908 CVE-2013-0909 CVE-2013-0910 CVE-2013-0911 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities in Google Chrome may have an unknown impact and others can be exploited by malicious people to compromise a user's system. 1) A use-after-free error exists in frame loader. 2) A use-after-free error exists in browser navigation handling.

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


161

V-081: Wireshark Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Wireshark Multiple Vulnerabilities 1: Wireshark Multiple Vulnerabilities V-081: Wireshark Multiple Vulnerabilities January 31, 2013 - 12:21am Addthis PROBLEM: Wireshark Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 1.8.5 and 1.6.13. ABSTRACT: Multiple vulnerabilities have been reported in Wireshark REFERENCE LINKS: Wireshark 1.8.5 Release Notes Secunia Advisory SA51968 IMPACT ASSESSMENT: High DISCUSSION: 1) Errors in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors can be exploited to trigger infinite loops and consume CPU resources via specially crafted packets. 2) An error in the CLNP dissector when processing certain packets can be exploited to cause a crash via a specially crafted packet.

162

V-152: Cisco Unified Customer Voice Portal (CVP) Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Cisco Unified Customer Voice Portal (CVP) Multiple 2: Cisco Unified Customer Voice Portal (CVP) Multiple Vulnerabilities V-152: Cisco Unified Customer Voice Portal (CVP) Multiple Vulnerabilities May 9, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Cisco Unified Customer Voice Portal (CVP) PLATFORM: The vulnerabilities are reported in versions prior to 9.0.1 ES 11 ABSTRACT: Various components of Cisco Unified CVP are affected. These vulnerabilities can be exploited independently; however, more than one vulnerability could be exploited on the same device. REFERENCE LINKS: Secunia Advisory SA53306 Cisco Advisory ID cisco-sa-20130508-cvp Cisco Applied Mitigation Bulletin CVE-2013-1220 CVE-2013-1221 CVE-2013-1222 CVE-2013-1223 CVE-2013-1224 CVE-2013-1225 IMPACT ASSESSMENT: Medium DISCUSSION:

163

V-081: Wireshark Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Wireshark Multiple Vulnerabilities 1: Wireshark Multiple Vulnerabilities V-081: Wireshark Multiple Vulnerabilities January 31, 2013 - 12:21am Addthis PROBLEM: Wireshark Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 1.8.5 and 1.6.13. ABSTRACT: Multiple vulnerabilities have been reported in Wireshark REFERENCE LINKS: Wireshark 1.8.5 Release Notes Secunia Advisory SA51968 IMPACT ASSESSMENT: High DISCUSSION: 1) Errors in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors can be exploited to trigger infinite loops and consume CPU resources via specially crafted packets. 2) An error in the CLNP dissector when processing certain packets can be exploited to cause a crash via a specially crafted packet.

164

U-179: IBM Java 7 Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: IBM Java 7 Multiple Vulnerabilities 9: IBM Java 7 Multiple Vulnerabilities U-179: IBM Java 7 Multiple Vulnerabilities May 30, 2012 - 7:00am Addthis PROBLEM: IBM has acknowledged multiple vulnerabilities in IBM Java PLATFORM: IBM Java 7.x ABSTRACT: Vulnerabilities can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. Reference Links: Secunia Advisory 49333 CVE-2011-3389 Vendor Advisory IMPACT ASSESSMENT: High Discussion: IBM released a patch to address vulerabilities in IBM Java 7. IBM 7 SR1 is available for download. Impact: Hijacking Manipulation of data Exposure of sensitive information

165

V-178: IBM Data Studio Web Console Java Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: IBM Data Studio Web Console Java Multiple Vulnerabilities 8: IBM Data Studio Web Console Java Multiple Vulnerabilities V-178: IBM Data Studio Web Console Java Multiple Vulnerabilities June 14, 2013 - 6:00am Addthis PROBLEM: IBM has acknowledged a weakness and two vulnerabilities in IBM Data Studio PLATFORM: IBM Data Studio 3.x ABSTRACT: IBM Data Studio Web Console uses the IBM Java Runtime Environment (JRE) and might be affected by vulnerabilities in the IBM JRE REFERENCE LINKS: Secunia Advisory SA53778 IBM Flash Alert 1640533 CVE-2013-0169 CVE-2013-0440 CVE-2013-0443 IMPACT ASSESSMENT: High DISCUSSION: An unspecified vulnerability within the JSSE component could allow: 1) A remote attacker to cause a denial of service 2) To statistically observe the time necessary to generate/receive error messages and deduce the plaintext after a relatively small number of

166

V-092: Pidgin Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Pidgin Multiple Vulnerabilities 2: Pidgin Multiple Vulnerabilities V-092: Pidgin Multiple Vulnerabilities February 15, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Pidgin PLATFORM: Vulnerabilities are reported in version 2.10.6. Prior versions may also be affected. ABSTRACT: Multiple vulnerabilities have been reported in Pidgin, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52178 Pidgin CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274 IMPACT ASSESSMENT: High DISCUSSION: 1) An error within the MXit protocol plugin when saving images can be exploited to overwrite certain files. 2) A boundary error within the "mxit_cb_http_read()" function

167

V-001: Mozilla Security vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Mozilla Security vulnerabilities 1: Mozilla Security vulnerabilities V-001: Mozilla Security vulnerabilities October 12, 2012 - 6:00am Addthis PROBLEM: Mozilla Security vulnerabilities PLATFORM: Vulnerabilities are reported in Firefox and Thunderbird versions prior to 16.0.1 and SeaMonkey versions prior to 2.13.1. ABSTRACT: Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities REFERENCE LINKS: Secunia Advisory SA50932 Mozilla Security Blog Mozilla Foundation Security Advisory 2012-88 Mozilla Foundation Security Advisory 2012-89 SecurityTracker Alert ID: 1027653 SecurityTracker Alert ID: 1027652 SecurityTracker Alert ID: 1027651 CVE-2012-4190 CVE-2012-4191 CVE-2012-4192 CVE-2012-4193 IMPACT ASSESSMENT: High DISCUSSION: 1) The protected "location" object is accessible by other domain objects,

168

V-116: Google Picasa BMP and TIFF Images Processing Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Google Picasa BMP and TIFF Images Processing Vulnerabilities 6: Google Picasa BMP and TIFF Images Processing Vulnerabilities V-116: Google Picasa BMP and TIFF Images Processing Vulnerabilities March 21, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities have been discovered in Google Picasa PLATFORM: Google Picasa Version 3.9.0 build 136.09 for Windows/3.9.14.34 for Mac ABSTRACT: Two vulnerabilities have been discovered in Google Picasa, which can be exploited by malicious people to compromise a user's system. REFERENCE LINKS: Secunia Advisory SA51652 Picasa Release Notes IMPACT ASSESSMENT: High DISCUSSION: 1) A sign extension error when processing the color table of a BMP image can be exploited to cause a heap-based buffer overflow via a BMP image with a specially crafted "biBitCount" field. 2) The application bundles a vulnerable version of LibTIFF.

169

Plutonium Vulnerability Management Plan  

SciTech Connect

This Plutonium Vulnerability Management Plan describes the Department of Energy`s response to the vulnerabilities identified in the Plutonium Working Group Report which are a result of the cessation of nuclear weapons production. The responses contained in this document are only part of an overall, coordinated approach designed to enable the Department to accelerate conversion of all nuclear materials, including plutonium, to forms suitable for safe, interim storage. The overall actions being taken are discussed in detail in the Department`s Implementation Plan in response to the Defense Nuclear Facilities Safety Board (DNFSB) Recommendation 94-1. This is included as Attachment B.

NONE

1995-03-01T23:59:59.000Z

170

Sandia Site Office Technical Qualification Program Self Assessment Report, October 2012  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Technical Qualification Program Self Assessment Report Technical Qualification Program Self Assessment Report ASRP-N0-10.2.2012-469406 Title : Sandia Site Office Technical Qualification Program Self Assessment Lead Assessor: James Todd, SSO FTCP Agent Team Members: Shirley Ireland, Dave Rast, Wendy Sawyer, and Allen Tate Self assessnnent ASM-N0-9.13.2012-464813 Number: Dates Conducted: 9/17 -10/12, 2012 Self Asse;ssment Scope This self assessment examined how Sandia Site Office (SSO) executes the Technical Qualification Program (TQP) as measured by the current Federal Technical Capability Panel criteria review and approach documents (CRADs) included in the assessment plan. Self Asse.ssment Summary The Sandia Site Office Technical Qualification Program is implemented. Site office technical personnel responsible for providing assistance, guidance, direction, or oversight that could affect

171

BA Economics and BA Financial Economics Assessment Plan Program Learning Objectives  

E-Print Network (OSTI)

BA Economics and BA Financial Economics ­ Assessment Plan Program Learning Objectives The program will prepare graduates: 1. Understand the "economic way model economic decisions. 3. The ability to analyze historical and current events

Cantlon, Jessica F.

172

Technical Qualification Program Self-Assessment Report- Sandia Site Office- 2012  

Energy.gov (U.S. Department of Energy (DOE))

This self assessment examined how Sandia Site Office (SSO) executes the Technical Qualification Program (TQP) as measured by the current Federal Technical Capability Panel criteria review and approach documents (CRADs) included in the assessment plan.

173

Technical Qualification Program Self-Assessment Report- Pacific Northwest Site Office- 2013  

Energy.gov (U.S. Department of Energy (DOE))

This self-assessment evaluated how well the Technical Qualification and Federal Capability Programs were implemented at the Pacific Northwest Site Office (PNSO).

174

E-Print Network 3.0 - assessment program 5-year Sample Search...  

NLE Websites -- All DOE Office Websites (Extended Search)

(5 YEARS) Summary: and assessment to programs and services to increase efficiency and cost effectiveness. CRITICAL SUCCESS FACTOR (5... FY11 ASSESSMENTCRITICAL SUCCESS FACTOR (5...

175

Chemical-Terrorism Vulnerability Information Guidance Document January 7, 2011  

E-Print Network (OSTI)

.215; Not currently applicable (2) Site Security Plans under §27.225; Not currently applicable (3) Documents relating to the Department's review and approval of Security Vulnerability Assessments and Site Security Plans, including

Pawlowski, Wojtek

176

U-042: Mac RealPlayer Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

42: Mac RealPlayer Multiple Vulnerabilities 42: Mac RealPlayer Multiple Vulnerabilities U-042: Mac RealPlayer Multiple Vulnerabilities November 21, 2011 - 9:15am Addthis PROBLEM: Mac RealPlayer Multiple Vulnerabilities. PLATFORM: Versions 12.0.0.1701 and prior. ABSTRACT: Multiple vulnerabilities have been reported in Mac RealPlayer, which can be exploited by malicious people to compromise a user's system. reference LINKS: Secunia Advisory: SA46963 Secunia Vulnerability Report: Mac RealPlayer 12.x Secunia Advisory: SA46954 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in the versions 14.0.7 and prior.

177

U-042: Mac RealPlayer Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Mac RealPlayer Multiple Vulnerabilities 2: Mac RealPlayer Multiple Vulnerabilities U-042: Mac RealPlayer Multiple Vulnerabilities November 21, 2011 - 9:15am Addthis PROBLEM: Mac RealPlayer Multiple Vulnerabilities. PLATFORM: Versions 12.0.0.1701 and prior. ABSTRACT: Multiple vulnerabilities have been reported in Mac RealPlayer, which can be exploited by malicious people to compromise a user's system. reference LINKS: Secunia Advisory: SA46963 Secunia Vulnerability Report: Mac RealPlayer 12.x Secunia Advisory: SA46954 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in the versions 14.0.7 and prior.

178

(Environmental impact assessment as applied to policies, plans and programs)  

SciTech Connect

A proposal to study the application of the principles of environmental impact assessment (EIA) to policy, plans, and programs was submitted by the US Environmental Protection Agency (EPA) to the Senior Advisors on Environmental and Water Problems of the United Nations Economic Commission. On approval, EPA asked Oak Ridge National Laboratory (ORNL) to support its efforts as lead participant on an international task force. ORNL is responsible for overall project management, including development of the report. At the first meeting in Geneva on June 18--19, there were representatives from Austria, Canada, Finland, Norway, Poland, Sweden, and the United Kingdom. The administrative/legal setting for EIA in each country was reviewed. The objectives of the task force were defined, and issues related to the application of EIA at the policy level were discussed. At the second meeting, in addition to those countries represented at the first meeting the Commission of Economic Communities, Czech and Slovak Federal Republic, Remark, Federal Republic of Germany, Hungary, and The Netherlands were represented. A brief review was given by the new participants of legal/administrative requirements for EIA in their countries. Case studies were presented by Canada, Finland, The Netherlands, Norway, Sweden, and the United States.

Sigal, L.L.

1990-10-19T23:59:59.000Z

179

Environmental Assessment for the Proposed Los Alamos National Laboratory Trails Management Program, Los Alamos, New Mexico  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

31 31 Environmental Assessment for the Proposed Los Alamos National Laboratory Trails Management Program, Los Alamos, New Mexico September 2, 2003 Department of Energy National Nuclear Security Administration Los Alamos Site Office Environmental Assessment for the Proposed LANL Trails Management Program DOE LASO September 2, 2003 iii Contents Acronyms and Terms................................................................................................................................vii Executive Summary ...................................................................................................................................ix 1.0 Purpose and Need ..............................................................................................................................1

180

U-100: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Google Chrome Multiple Vulnerabilities 0: Google Chrome Multiple Vulnerabilities U-100: Google Chrome Multiple Vulnerabilities February 10, 2012 - 7:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions, manipulate certain data, and compromise a user's system. PLATFORM: Google Chrome 16.x ABSTRACT: A remote user can create a specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. Reference LINKS: Google Announcements and Release Channel Secunia Advisory SA47938 Security Tracker ID 1026654 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in Google Chrome, where some

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


181

V-173: Plesk 0-Day Vulnerability | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Plesk 0-Day Vulnerability 3: Plesk 0-Day Vulnerability V-173: Plesk 0-Day Vulnerability June 7, 2013 - 6:00am Addthis PROBLEM: There is a command injection vulnerability in Plesk which is currently being exploited in the wild PLATFORM: Plesk versions 8.6, 9.0, 9.2, 9.3, and 9.5.4 ABSTRACT: The vulnerability is caused due to PHP misconfiguration in the affected application REFERENCE LINKS: Seclist.org TrendMicro SIB isc.sans.edu Paritynews.com slashdot.org IMPACT ASSESSMENT: High DISCUSSION: The exploit makes use of specially crafted HTTP queries that inject PHP commands. The exploit uses POST request to launch a PHP interpreter and the attacker can set any configuration parameters through the POST request. The exploit code published calls the PHP interpreter directly with allow_url_include=on, safe_mode=off and suhosin.simulation=on arguments.

182

T-731:Symantec IM Manager Code Injection Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

T-731:Symantec IM Manager Code Injection Vulnerability T-731:Symantec IM Manager Code Injection Vulnerability T-731:Symantec IM Manager Code Injection Vulnerability September 30, 2011 - 8:30am Addthis PROBLEM: Symantec IM Manager Code Injection Vulnerability. PLATFORM: IM Manager versions prior to 8.4.18 are affected. ABSTRACT: Symantec IM Manager is prone to a vulnerability that will let attackers run arbitrary code. referecnce LINKS: Symantec Security Advisory SYM11-012 Symantec Security Updates Bugtraq ID: 49742 IMPACT ASSESSMENT: High Discussion: Symantec was notified of Cross-Site Scripting and Code injection/execution issues present in the Symantec IM Manager management console. The management console fails to properly filter/validate external inputs. Successful exploitation of SQL Injection or Remote Code execution might

183

T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

74: Drupal Secure Password Hashes Module Security Bypass 74: Drupal Secure Password Hashes Module Security Bypass Vulnerability T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerability July 22, 2011 - 3:00pm Addthis PROBLEM: Drupal Secure Password Hashes Module Security Bypass Vulnerability PLATFORM: Drupal Secure Password Hashes 6.X-1.0 Drupal Secure Password Hashes 5.X-1.4 ABSTRACT: The Secure Password Hashes module for Drupal is prone to a security-bypass vulnerability. reference LINKS: Drupal Homepage SA-CONTRIB-2011-026 - Secure Password Hashes (phpass) - Multiple Vulnerabilities IMPACT ASSESSMENT: Medium Discussion: This module uses the PHPass hashing library to try to store users hashed passwords securely. The module sets a fixed string for the 'pass' column in the {users} database column but does not replace the pass attribute of the account

184

V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Symantec Endpoint Protection Manager Buffer Overflow 2: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability June 20, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Symantec Endpoint Protection Manager PLATFORM: The vulnerability is reported in versions 12.1.x prior to 12.1 RU3 ABSTRACT: Symantec was notified of a pre-authentication buffer overflow found in the Symantec Endpoint Protection Manager (SEPM) and Symantec Endpoint Protection Center (SPC) REFERENCE LINKS: Secunia Advisory SA53864 SecurityTracker Alert ID: 1028683 Symantec Adivsory SYM13-005 CVE-2013-1612 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to a boundary error within secars.dll and can be exploited to cause a buffer overflow via the web-based management

185

V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

82: Symantec Endpoint Protection Manager Buffer Overflow 82: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability June 20, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Symantec Endpoint Protection Manager PLATFORM: The vulnerability is reported in versions 12.1.x prior to 12.1 RU3 ABSTRACT: Symantec was notified of a pre-authentication buffer overflow found in the Symantec Endpoint Protection Manager (SEPM) and Symantec Endpoint Protection Center (SPC) REFERENCE LINKS: Secunia Advisory SA53864 SecurityTracker Alert ID: 1028683 Symantec Adivsory SYM13-005 CVE-2013-1612 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to a boundary error within secars.dll and can be exploited to cause a buffer overflow via the web-based management

186

U-173: Symantec Web Gateway Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Symantec Web Gateway Multiple Vulnerabilities 3: Symantec Web Gateway Multiple Vulnerabilities U-173: Symantec Web Gateway Multiple Vulnerabilities May 21, 2012 - 7:00am Addthis PROBLEM: Symantec Web Gateway Multiple Vulnerabilities PLATFORM: 5.0.x prior to 5.0.3 ABSTRACT: Several vulnerabilities were reported in Symantec Web Gateway. A remote user can include and execute arbitrary code on the target system. A remote user can conduct cross-site scripting attacks. A remote user can view/delete/upload files on the target system. Reference Links: SecurityTracker Alert ID: 1027078 CVE-2012-0296 CVE-2012-0297 CVE-2012-0298 CVE-2012-0299 IMPACT ASSESSMENT: Medium Discussion: The management interface does not properly authenticate remote users and does not properly validate user-supplied input. A remote user can cause arbitrary scripting code to be executed by the

187

V-119: IBM Security AppScan Enterprise Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: IBM Security AppScan Enterprise Multiple Vulnerabilities 9: IBM Security AppScan Enterprise Multiple Vulnerabilities V-119: IBM Security AppScan Enterprise Multiple Vulnerabilities March 26, 2013 - 12:56am Addthis PROBLEM: IBM Security AppScan Enterprise Multiple Vulnerabilities PLATFORM: IBM Rational AppScan 5.x IBM Rational AppScan 8.x ABSTRACT: IBM has acknowledged multiple vulnerabilities REFERENCE LINKS: IBM Reference #:1626264 Secunia Advisory SA52764 CVE-2008-4033 CVE-2012-4431 CVE-2012-5081 CVE-2013-0473 CVE-2013-0474 CVE-2013-0510 CVE-2013-0511 CVE-2013-0512 CVE-2013-0513 CVE-2013-0532 IMPACT ASSESSMENT: Medium DISCUSSION: 1) The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. cause a DoS when a logged-in user visits a

188

V-111: Multiple vulnerabilities have been reported in Puppet | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Multiple vulnerabilities have been reported in Puppet 1: Multiple vulnerabilities have been reported in Puppet V-111: Multiple vulnerabilities have been reported in Puppet March 14, 2013 - 12:12am Addthis PROBLEM: Multiple vulnerabilities have been reported in Puppet PLATFORM: Puppet 2.x Puppet 3.x Puppet Enterprise 1.x Puppet Enterprise 2.x ABSTRACT: Puppet Multiple Vulnerabilities REFERENCE LINKS: Puppet Blog Secunia Advisory SA52596 CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654 CVE-2013-1655 CVE-2013-2274 CVE-2013-2275 IMPACT ASSESSMENT: High DISCUSSION: 1) An unspecified error exists when invoking the "template" or "inline_template" functions while responding to a catalog request and can be exploited to execute arbitrary code via a specially crafted catalog request. 2) An input validation error exists in the application and can be exploited

189

U-174: Serendipity Unspecified SQL Injection Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Serendipity Unspecified SQL Injection Vulnerability 4: Serendipity Unspecified SQL Injection Vulnerability U-174: Serendipity Unspecified SQL Injection Vulnerability May 22, 2012 - 7:00am Addthis PROBLEM: Serendipity Unspecified SQL Injection Vulnerability PLATFORM: 1.6.1 and prior versions ABSTRACT: A vulnerability was reported in Serendipity. A remote user can inject SQL commands. Reference Links: SecurityTracker Alert ID: 1027079 Secunia Advisory SA49234 CVE-2012-2762 IMPACT ASSESSMENT: Medium Discussion: The 'include/functions_trackbacks.inc.php' script does not properly validate user-supplied input. A remote user can supply a specially crafted parameter value to execute SQL commands on the underlying database. Impact: A remote user can execute SQL commands on the underlying database. Solution: The vendor has issued a fix (1.6.2).

190

V-118: IBM Lotus Domino Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: IBM Lotus Domino Multiple Vulnerabilities 8: IBM Lotus Domino Multiple Vulnerabilities V-118: IBM Lotus Domino Multiple Vulnerabilities March 25, 2013 - 12:40am Addthis PROBLEM: IBM Lotus Domino Multiple Vulnerabilities PLATFORM: IBM Domino 8.x ABSTRACT: Multiple vulnerabilities have been reported in IBM Lotus Domino REFERENCE LINKS: IBM Reference #:1627597 Secunia Advisory SA52753 CVE-2012-6277 CVE-2013-0486 CVE-2013-0487 IMPACT ASSESSMENT: High DISCUSSION: 1) An unspecified error can be exploited to disclose time-limited authentication credentials via the Domino Java Console and subsequently gain otherwise restricted access. Successful exploitation may require certain knowledge of Domino server configuration. 2) An unspecified error in the HTTP server component can be exploited to cause a memory leak and subsequently crash the server.

191

T-625: Opera Frameset Handling Memory Corruption Vulnerability | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Opera Frameset Handling Memory Corruption Vulnerability 5: Opera Frameset Handling Memory Corruption Vulnerability T-625: Opera Frameset Handling Memory Corruption Vulnerability May 18, 2011 - 3:05pm Addthis PROBLEM: A vulnerability has been reported in Opera, which can be exploited by malicious people to compromise a user's system. PLATFORM: Opera versions prior to 11.11 ABSTRACT: The vulnerability is caused due to an error when handling certain frameset constructs during page unloading and can be exploited to corrupt memory via a specially crafted web page. reference LINKS: Secunia Advisory: SA44611 Opera Knowledge Base Opera 11.11 for Windows Opera Download Opera Mobile IMPACT ASSESSMENT: High Discussion: Framesets allow web pages to hold other pages inside them. Certain frameset constructs are not handled correctly when the page is unloaded, causing a

192

V-022: Attachmate Reflection Products Java Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Attachmate Reflection Products Java Multiple Vulnerabilities 2: Attachmate Reflection Products Java Multiple Vulnerabilities V-022: Attachmate Reflection Products Java Multiple Vulnerabilities November 13, 2012 - 1:00am Addthis PROBLEM: Attachmate Reflection Products Java Multiple Vulnerabilities PLATFORM: Reflection X 2011 Reflection Suite for X 2011 Reflection for Secure IT Server for Windows Reflection for Secure IT Client and Server for UNIX ABSTRACT: Security issues related to Reflection PKI Services Manager REFERENCE LINKS: PKI Services Manager Technical Note 2560 Secunia Advisory SA51256 CVE-2012-0551 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1720 CVE-2012-1721 CVE-2012-1722 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726 IMPACT ASSESSMENT: High DISCUSSION: Attachmate has acknowledged multiple vulnerabilities in some Reflection

193

Mitigations for Security Vulnerabilities Found in Control System Networks |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Mitigations for Security Vulnerabilities Found in Control System Mitigations for Security Vulnerabilities Found in Control System Networks Mitigations for Security Vulnerabilities Found in Control System Networks Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in

194

V-173: Plesk 0-Day Vulnerability | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Plesk 0-Day Vulnerability 3: Plesk 0-Day Vulnerability V-173: Plesk 0-Day Vulnerability June 7, 2013 - 6:00am Addthis PROBLEM: There is a command injection vulnerability in Plesk which is currently being exploited in the wild PLATFORM: Plesk versions 8.6, 9.0, 9.2, 9.3, and 9.5.4 ABSTRACT: The vulnerability is caused due to PHP misconfiguration in the affected application REFERENCE LINKS: Seclist.org TrendMicro SIB isc.sans.edu Paritynews.com slashdot.org IMPACT ASSESSMENT: High DISCUSSION: The exploit makes use of specially crafted HTTP queries that inject PHP commands. The exploit uses POST request to launch a PHP interpreter and the attacker can set any configuration parameters through the POST request. The exploit code published calls the PHP interpreter directly with allow_url_include=on, safe_mode=off and suhosin.simulation=on arguments.

195

Technical Qualification Program Self-Assessment Report- Los Alamos Site Office- 2013  

Energy.gov (U.S. Department of Energy (DOE))

This self-assessment of the Technical Qualifications and Federal Technical Capability program was conducted to provide Los Alamos Field Office (LAFO) management specific information related to effectiveness of the documentation and implementation of these programs. The conclusion of this assessment is that the areas assessed herein are compliant with the requirements, and that implementation of the requirements has been effective at this Field Office.

196

Technical Qualification Program Self-Assessment Report- Los Alamos Field Office- FY14  

Energy.gov (U.S. Department of Energy (DOE))

The FY14 self-assessment of the Technical Qualifications Program (TQP) and Federal Technical Capabilities Program (FTCP) was conducted to provide Los Alamos Field Office (NA-LA) management specific information related to effectiveness of the documentation and implementation of these programs.

197

Technical Qualification Program Self-Assessment Report- Carlsbad Field Office- 2012  

Energy.gov (U.S. Department of Energy (DOE))

Management Assessment (MA-12-08) was conducted from October 1-31, 2012. The management assessment team evaluated the specific requirement implementation, processes, and performance areas of the CBFO Technical Qualification Program (TQP). The assessment covered the relevant parts of DOE 0 426.1, Federal Technical Capability.

198

Technical Qualification Program Self-Assessment Report - Nevada...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Field Office (NFO) implements the FTCP and TQP as measured by the current FTCP criteria review and approach documents (CRADs) included in the assessment plan. The self-assessment...

199

T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities 9: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities May 24, 2011 - 3:35pm Addthis PROBLEM: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities. PLATFORM: Avaya versions prior to 3.8.5 (confirmed in 3.8.2) ABSTRACT: Vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. refrence LINKS: Avaya Security Advisory: ASA-2011-143 Secunia Advisory: SA44062 Securelist ID: SA44062 Vulnerability Report: Avaya WinPDM 3.x IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities in Avaya WinPDM, which can be exploited by malicious people to compromise a vulnerable system. 1) A boundary error in the Unite Host Router service (UniteHostRouter.exe)

200

U-234: Oracle MySQL User Login Security Bypass Vulnerability | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

234: Oracle MySQL User Login Security Bypass Vulnerability 234: Oracle MySQL User Login Security Bypass Vulnerability U-234: Oracle MySQL User Login Security Bypass Vulnerability August 14, 2012 - 7:00am Addthis PROBLEM: Oracle MySQL User Login Security Bypass Vulnerability PLATFORM: Version(s): prior to 5.1.63 and 5.5.25 are vulnerable. ABSTRACT: Oracle MySQL is prone to a security bypass vulnerability Attackers can exploit this issue to bypass certain security restrictions. REFERENCE LINKS: http://www.securityfocus.com/bid/53911/discuss CVE-2012-2122 IMPACT ASSESSMENT: Medium Discussion: Security researchers have released details about a vulnerability in the MySQL server that could allow potential attackers to access MySQL databases without inputting proper authentication credentials.The vulnerability is identified as CVE-2012-2122 and was addressed in MySQL 5.1.63 and 5.5.25 in

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


201

U-158: HP NonStop Server Java Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: HP NonStop Server Java Multiple Vulnerabilities 8: HP NonStop Server Java Multiple Vulnerabilities U-158: HP NonStop Server Java Multiple Vulnerabilities April 30, 2012 - 7:00am Addthis PROBLEM: HP NonStop Server Java Multiple Vulnerabilities PLATFORM: HP NonStop Server 6.x ABSTRACT: Multiple vulnerabilities have been reported in HP NonStop Server Reference links: Secunia Advisory SA48977 CVE-2011-3547 CVE-2011-3551 CVE-2011-3553 IMPACT ASSESSMENT: High Discussion: HP has acknowledged multiple vulnerabilities in HP NonStop Server, which can be exploited by malicious users to disclose sensitive information and by malicious people to disclose sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. Impact: Successful exploitation of this vulnerability may allow remote manipulation

202

T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

29: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities 29: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities May 24, 2011 - 3:35pm Addthis PROBLEM: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities. PLATFORM: Avaya versions prior to 3.8.5 (confirmed in 3.8.2) ABSTRACT: Vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. refrence LINKS: Avaya Security Advisory: ASA-2011-143 Secunia Advisory: SA44062 Securelist ID: SA44062 Vulnerability Report: Avaya WinPDM 3.x IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities in Avaya WinPDM, which can be exploited by malicious people to compromise a vulnerable system. 1) A boundary error in the Unite Host Router service (UniteHostRouter.exe)

203

Cyber Assessment Methods for SCADA Security | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Assessment Methods for SCADA Security Assessment Methods for SCADA Security Cyber Assessment Methods for SCADA Security This paper describes vulnerability assessment methodologies used in ongoing research and assessment activities designed to identify and resolve vulnerabilities so as to improve the security of the nation's critical infrastructure. The terrorist attacks of September 11, 2001 brought to light threats and vulnerabilities that face the United States. In response, the U.S. Government is directing the effort to secure the nation's critical infrastructure by creating programs to implement the National Strategy to Secure Cyberspace (1). One part of this effort involves assessing Supervisory Control and Data Acquisition (SCADA) systems. These systems are essential to the control of critical elements of our national

204

Technical Qualification Program Self-Assessment Report - Y-12 Site Office |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Technical Qualification Program Self-Assessment Report - Y-12 Site Technical Qualification Program Self-Assessment Report - Y-12 Site Office Technical Qualification Program Self-Assessment Report - Y-12 Site Office The National Nuclear Security Administration Y-12 Site Office (YSO) has successfully implemented a Technical Qualification Program (YSO TQP) that produces highly qualified, technical individuals to execute oversight of site activities and support the site missions. The YSO management team considers the YSO TQP to be a significant factor by which the YSO personnel perform their jobs and support the site missions. YSO TQP Self-Assessment, July 2010 More Documents & Publications Technical Qualification Program Reaccreditation Report - Y-12 Site Office Independent Activity Report, Savannah River Operation - June 2010

205

Self-imposed self-assessment program at a DOE Nuclear Facility  

SciTech Connect

The Nuclear Materials and Technology (NMT) Division at Los Alamos National Laboratory (LANL) has implemented a performance-based self-assessment program at the TA-55 plutonium facility. The program was conceptualized and developed by LANL`s internal assessment group, AA-2. The management walkaround program fosters continuous improvement in NMT products and performance of its activities. The program, based on experience from the Institute of Nuclear Power Operations, is endorsed at the site by the U.S. Department of Energy (DOE) Environment, Safety, and Health (ES&H) personnel and by the Defense Nuclear Facility Safety Board. The self-assessment program focuses on how work is actually performed rather than on paperwork or process compliance. Managers critically and continually assess ES&H, conduct of operations, and other functional area requirements.

Geoffrion, R.R.; Loud, J.J.; Walter, E.C. [Los Alamos National Laboratory, NM (United States)

1996-12-31T23:59:59.000Z

206

Costa Rica-UNEP Risoe Technology Needs Assessment Program | Open Energy  

Open Energy Info (EERE)

Costa Rica-UNEP Risoe Technology Needs Assessment Program Costa Rica-UNEP Risoe Technology Needs Assessment Program Jump to: navigation, search Name Costa Rica-UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization UNEP-Risoe Centre Sector Energy Topics Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/ Country Costa Rica Central America References UNEP Risoe-Technology Needs Assessment Program[1] Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological support to assist a total of 35 to 45 countries to conduct TNA projects Overview "Technology needs assessment (TNA) is a set of country-driven activities that identifies and determines the mitigation and adaptation technology

207

Vietnam-UNEP Risoe-Technology Needs Assessment Program | Open Energy  

Open Energy Info (EERE)

Vietnam-UNEP Risoe-Technology Needs Assessment Program Vietnam-UNEP Risoe-Technology Needs Assessment Program Jump to: navigation, search Name Vietnam-UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization UNEP-Risoe Centre Sector Energy Topics Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/ Country Vietnam South-Eastern Asia References UNEP Risoe-Technology Needs Assessment Program[1] Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological support to assist a total of 35 to 45 countries to conduct TNA projects Overview "Technology needs assessment (TNA) is a set of country-driven activities that identifies and determines the mitigation and adaptation technology

208

Ivory Coast-UNEP Risoe Technology Needs Assessment Program | Open Energy  

Open Energy Info (EERE)

Ivory Coast-UNEP Risoe Technology Needs Assessment Program Ivory Coast-UNEP Risoe Technology Needs Assessment Program Jump to: navigation, search Name Ivory Coast-UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization UNEP-Risoe Centre Sector Energy Topics Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/ Country Ivory Coast Western Africa References UNEP Risoe-Technology Needs Assessment Program[1] Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological support to assist a total of 35 to 45 countries to conduct TNA projects Overview "Technology needs assessment (TNA) is a set of country-driven activities that identifies and determines the mitigation and adaptation technology

209

Summary results of an assessment of research projects in the superconductivity for electric power systems program  

SciTech Connect

The Office of Program Analysis undertook an assessment of 37 research projects sponsored by the High Temperature Superconductivity Program. This report summarizes the results of the review. Rating factors included scientific and technical merit, mission relevance, appropriateness and level of innovation, quality of project team, productivity, and probable impact on the program`s mission. Some research needs and opportunities are described that were identified by the reviewers in the areas of wire development, deposited film technology, and systems development.

NONE

1992-10-01T23:59:59.000Z

210

Nonproliferation and National Security Program - Nuclear Engineering  

NLE Websites -- All DOE Office Websites (Extended Search)

Major Programs > Nonproliferation and Major Programs > Nonproliferation and National Security Program Nonproliferation & National Security (NPNS) Overview Technical Nonproliferation Policy Support Strategic Trade Control Review of export license applications Multilateral Export Control Arrangements Interdiction Engagement & Training INECP INSEP GIPP Safeguards Concepts and Approaches Human Capital Development Additional Protocol Technical Assistance National Security Systems & Assessments National Security Information Systems Vulnerability Assessment Team (VAT) Radiation Detection & Response (RDR) Contact NPNS Other Major Programs Work with Argonne Contact us For Employees Site Map Help Join us on Facebook Follow us on Twitter NE Division on Flickr Nonproliferation and National Security Program (NPNS)

211

Assessment of a Cambridge Structural Database-Driven Overlay Program  

Science Journals Connector (OSTI)

In order to address this problem, our program was designed to produce a diverse set of plausible molecular overlays that all give potential pharmacophore hypotheses to test. ... We tested the ability of the overlay program to reproduce the experimental overlay of 121 systems grouped into four categories (i.e., easy, moderate, hard, and unfeasible) on the basis of how easy or difficult it would be for a program to reproduce them. ... We tested the ability of the program to reproduce the experimental overlay of 121 ligand sets available from the recently published AZ test set. ...

Ilenia Giangreco; Tjelvar S. G. Olsson; Jason C. Cole; Martin J. Packer

2014-11-13T23:59:59.000Z

212

Environmental hazards assessment program. Annual report, July 1, 1994--June 30, 1995  

SciTech Connect

This report describes activities and reports on progress for the third year of the DOE grant to support the Environmental Hazards Assessment Program (EHAP). It reports progress against grant objectives and the Program Implementation Plan published at the end of the first year of the grant. As the program has evolved, more projects have been funded and many existing projects have become more complex. Thus, to accomplish better the objectives over the years and retain a solid focus on the total mission, we have reorganized the grant effort from three to five majoe elements: Public and professional outreach; Clinical programs; Science programs; Information systems; and, Program management.

NONE

1995-07-31T23:59:59.000Z

213

Technical Qualification Program Self-Assessment Report - Savannah...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Team Leader utilizing criteria and objectives provided on the FTCP website. Specific "lines of inquiry" were tailored to the organization and assessment processes of the DOE-SR....

214

Technical Qualification Program Self-Assessment Report- Office of River Protection- 2014  

Energy.gov (U.S. Department of Energy (DOE))

A self-assessment was performed in accordance with TRS-OA-IP-07, Management (Self) Assessment, Rev. 2, where information was retrieved from MGT-QT-PL-01, Technical Qualification Program (TQP) Plan, Rev. 3; MGT-QT-DI-01, Technical Qualification Program: Federal Technical Capability Agent Duties, Rev. 2; technical staff electronic training and qualifications files; and ORP's technical staff hard copy training and qualification files to determine the effectiveness of the implemented program and identify any weaknesses of the existing program at turn-over of responsibilities.

215

Safety System Oversight Program Assessment Criteria and Review Approach Document (CRAD), Revision 0  

NLE Websites -- All DOE Office Websites (Extended Search)

of 7 of 7 Safety System Oversight (SSO) Program Implementation Assessment Criteria and Review Approach Documents (CRADs) Revision 0 PROGRAM (PGM) OBJECTIVE PGM.1 An effective SSO Program is established by the Field Element Manager to apply engineering expertise to maintain safety system configuration and to assess system condition and effectiveness of safety management program implementation. Criteria PGM.1.1 The SSO Qualification Program is part of the Technical Qualification Program (DOE M 426.1-1A, Chapter III, Section 1, 2.b (1)). PGM.1.2 The SSO Program establishes appropriate training, qualification, and performance requirements for SSO personnel and the supervisors are held accountable for achieving them (DOE M 426.1-1A, Chapter III, Section 1, 2.b

216

Senegal-UNEP Risoe-Technology Needs Assessment Program | Open Energy  

Open Energy Info (EERE)

Senegal-UNEP Risoe-Technology Needs Assessment Program Senegal-UNEP Risoe-Technology Needs Assessment Program Jump to: navigation, search Name Senegal-UNEP Risoe-Technology Needs Assessment Program Agency/Company /Organization --Sean Esterly (talk) 13:29"--Sean Esterly (talk) 13:29" cannot be used as a page name in this wiki., 31 December 2013 (MST)UNEP-Risoe Centre Sector Energy Topics Background analysis, Low emission development planning, -Roadmap, Pathways analysis Website http://tech-action.org/ Country Senegal Western Africa References UNEP Risoe-Technology Needs Assessment Program[1] Abstract UNEP DTIE in collaboration with the UNEP Risoe Centre will provide targeted financial, technical and methodological support to assist a total of 35 to 45 countries to conduct TNA projects Overview

217

Senior Technical Safety Manager Qualification Program Self-Assessment- Chief of Nuclear Safety  

Energy.gov (U.S. Department of Energy (DOE))

This Chief of Nuclear Safety (CNS) Report was prepared to summarize the results of the July 2013 CNS self-assessment of the Senior Technical Safety Manager Qualification Program.

218

Assessing Student Knowledge and Perceptions of Factors Influencing Participation in Supervised Agricultural Experience Programs  

E-Print Network (OSTI)

The purpose of this study was to assess student knowledge and perceptions of factors influencing participation in Supervised Agricultural Experience (SAE) programs. This descriptive study was conducted in 120 randomly selected agricultural...

Lewis, Lauren Joanna

2012-07-16T23:59:59.000Z

219

E-Print Network 3.0 - assessment test program Sample Search Results  

NLE Websites -- All DOE Office Websites (Extended Search)

Powered by Explorit Topic List Advanced Search Sample search results for: assessment test program Page: << < 1 2 3 4 5 > >> 1 Creation of a MOPEDS Shaft Module The Advanced...

220

STUDENT LEARNING ASSESSMENT PROGRAM ARCHITECTURE: POST-PROFESSIONAL MASTER OF ARCHITECTURE  

E-Print Network (OSTI)

1 STUDENT LEARNING ASSESSMENT PROGRAM ARCHITECTURE: POST-PROFESSIONAL MASTER OF ARCHITECTURE M technological, social and economic forces are influencing architectural design, research, practice and pedagogy and/or advanced representational and/or fabrication techniques used in architectural design

Walter, M.Todd

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


221

Training Program EOC0012 Consequence Assessment Team Training  

NLE Websites -- All DOE Office Websites (Extended Search)

12 12 Consequence Assessment Team Training COURSE SYLLABUS Subject Category: Emergency Operations Schedule: N/A (online) Course Length: Approximately 1 hour Medical Approval: None Delivery Method: Online - offered through the Emergency Operations Training Academy (EOTA) http://eota.doeal.gov/ Location: N/A (online) Course Prerequisite: None Retraining/Recertification: Annually recommended Course Purpose: Designed as an orientation for members of the Emergency Operations Center (EOC) Consequence Assessment team who would be called upon to provide Hazard and Consequence and Meteorological data to assist in planning and response efforts. Course Objectives: The goal of this training is to serve as an orientation to consequence assessment. Students will identify the objectives

222

Object-oriented programming and software development: a critical assessment  

Science Journals Connector (OSTI)

In software engineering, object-oriented development is today the most popular programming, design and analysis approach. However, object orientation does not manage to address the needs of today's software construction in as radical and fundamental ...

Manfred Broy

2003-01-01T23:59:59.000Z

223

Technical Qualification Program Self-Assessment Report- Office of Science- 2013  

Energy.gov (U.S. Department of Energy (DOE))

Under DOE 426.1, Change 1. Headquarters and Field elements must conduct a self-assessment of Technical Qualification Program (TQP) and Federal Technical Capability Program (FTCP) implementation within their organization at least every four years. These assessments must be conducted in accordance with the requirements of DOE Order (0) 226.1 B, Implementation of Department of Energy Oversight Policy, dated 4-25-11, and the current objectives and criteria approved by the FTCP Chair.

224

Using an energy index to assess the effectiveness and potential of energy management programs  

SciTech Connect

A technique is presented for using an energy index to monitor a building's energy management program. A target Energy Utilizaiton Index (EUI) is computed, and this target is compared with current energy usage to assess the progress of energy conservation efforts. The method is relatively easy for the engineer to implement, and the information is in a form that provides the building operator with a quick assessment of the energy management program.

Steele, W.G.; Hodge, B.K.

1987-06-01T23:59:59.000Z

225

Geothermal direct heat program: roundup technical conference proceedings. Volume II. Bibliography of publications. State-coupled geothermal resource assessment program  

SciTech Connect

Lists of publications are presented for the Geothermal Resource Assessment Program for the Utah Earth Science Laboratory and the following states: Alaska, Arizona, California, Colorado, Hawaii, Idaho, Kansas, Montana, Nebraska, Nevada, New Mexico, New York, North Dakota, Oregon, Texas, Utah, and Washington.

Ruscetta, C.A. (ed.)

1982-07-01T23:59:59.000Z

226

An assessment of Thailand's feed-in tariff program  

Science Journals Connector (OSTI)

Abstract Thailand was one of the first Asian countries with a comprehensive feed-in tariff program, with streamlined interconnection regulations adopted by the Thai Cabinet in 2002 and technology-specific tariff Adders in 2006. This paper presents an overview of the country's feed-in tariff, or Adder, program and its development. As of December 2011, Thailand has about 8000MW of renewable energy projects in the pipeline seeking Adder and about 1000MW already connected and selling power to the grid. Thailand's feed-in tariff program has undergone significant transitions especially since 2010 in tariff levels and screening criteria partly in response to applications for 471 solar electric power plants exceeding 2000MW. A powerful new oversight committee comprising utility and Ministry of Energy representatives has raised concerns regarding transparency and consistency, and significantly reduced approval rates of new applications.

Sopitsuda Tongsopit; Chris Greacen

2013-01-01T23:59:59.000Z

227

T-547: Microsoft Windows Human Interface Device (HID) Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

547: Microsoft Windows Human Interface Device (HID) Vulnerability 547: Microsoft Windows Human Interface Device (HID) Vulnerability T-547: Microsoft Windows Human Interface Device (HID) Vulnerability February 1, 2011 - 3:20am Addthis PROBLEM Microsoft Windows Human Interface Device (HID) Vulnerability. PLATFORM: Microsoft 2003 SP2, Vista SP2, 2008 SP2, XP SP3, 7; and prior service packs ABSTRACT: Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a Smartphone that the user connected to the computer. reference LINKS: Security Lab: Reference CVE-2011-0638 CVE Details: Reference CVE-2011-0638 Mitre Reference: CVE-2011-0638

228

Livermore Field Office Technical Qualification Program Self Assessment Report, May 31, 2013  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Nuclear Security Administration (NNSA) Nuclear Security Administration (NNSA) Livermore Field Office Technical Qualification Program Self Assessment Report May 31, 2013 Assessment Team Richard crowe:NNSA NA-SH-80, Team Leader Dan Schwendenman, NNSA NA-SH-50 Carol lngn;:NNSA LFO Facility Operations Approved By: Phll ' F~nt .r/:;,/;.J ~I Date Date Date~/ NNSA Livermore Field Office TQP Self Assessment (NNSA LSO TQP SA) Report Table of Contents Executive Summary ............................................................................................................. 1 Introduction .......................................................................................................................... 3 Scope and Methodology ...................................................................................................... 3

229

U-197: Cisco Adaptive Security Appliances Denial of Service Vulnerability |  

NLE Websites -- All DOE Office Websites (Extended Search)

97: Cisco Adaptive Security Appliances Denial of Service 97: Cisco Adaptive Security Appliances Denial of Service Vulnerability U-197: Cisco Adaptive Security Appliances Denial of Service Vulnerability June 22, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in Cisco Adaptive Security Appliances (ASA), which can be exploited by malicious people to cause a DoS (Denial of Service). PLATFORM: Cisco Adaptive Security Appliance (ASA) 8.x Cisco ASA 5500 Series Adaptive Security Appliances ABSTRACT: The vulnerability is caused due to an unspecified error when handling IPv6 transit traffic and can be exploited to cause a reload of the affected device. reference LINKS: Vendor Advisory Secunia ID 49647 CVE-2012-3058 IMPACT ASSESSMENT: High Discussion: Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) and Cisco

230

V-237: TYPO3 Security Bypass Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

V-237: TYPO3 Security Bypass Vulnerabilities V-237: TYPO3 Security Bypass Vulnerabilities V-237: TYPO3 Security Bypass Vulnerabilities September 9, 2013 - 6:00am Addthis PROBLEM: Some vulnerabilities have been reported in TYPO3 PLATFORM: TYPO3 6.x ABSTRACT: TYPO3 comes with the possibility to restrict editors to certain file actions (copy, delete, move etc.) and to restrict these actions to be performed in certain locations REFERENCE LINKS: Secunia Advisory SA54717 Security Focus ID 62257 IMPACT ASSESSMENT: Medium DISCUSSION: 1) Some errors when handling file actions can be exploited to bypass file action permission restrictions and e.g. create or read arbitrary files within or outside the webroot. 2) An error when validating file names within the file renaming functionality can be exploited to bypass the denied file extensions check

231

U-002:Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

02:Adobe Photoshop Elements Multiple Memory Corruption 02:Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities U-002:Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities October 4, 2011 - 11:00am Addthis PROBLEM: Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities. PLATFORM: Adobe Photoshop Elements 8.0 and earlier versions for Windows. ABSTRACT: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system. reference LINKS: Adobe Advisory: APSA11-03 SecurityTracker Alert ID: 1026132 SecurityFocus: CVE-2011-2443 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Adobe Photoshop Elements. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted '.grd' or '.abr' file that,

232

EPA`s program for risk assessment guidelines: Quantification issues  

SciTech Connect

The quantitative procedures associated with noncancer risk assessment include reference dose (RfD), benchmark dose, and severity modeling. The RfD, which is part of the EPA risk assessment guidelines, is an estimation of a level that is likely to be without any health risk to sensitive individuals. The RfD requires two major judgments: the first is choice of a critical effect(s) and its No Observed Adverse Effect Level (NOAEL); the second judgment is choice of an uncertainty factor. This paper discusses major assumptions and limitations of the RfD model.

Dourson, M.L. [Environmental Protection Agency, Washington, DC (United States)

1990-12-31T23:59:59.000Z

233

V-197: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability |  

NLE Websites -- All DOE Office Websites (Extended Search)

7: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability 7: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability V-197: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability July 11, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Adobe ColdFusion PLATFORM: The vulnerability is reported in version 10 for Windows, Macintosh, and Linux ABSTRACT: The vulnerability is caused due to an unspecified error and can be exploited to invoke public methods on ColdFusion Components (CFC) using WebSockets REFERENCE LINKS: Secunia Advisory SA54024 Adobe Security Bulletin APSB13-19 Stackoverflow.com CVE-2013-3350 IMPACT ASSESSMENT: High DISCUSSION: The hotfix resolves a vulnerability that could permit an attacker to invoke public methods on ColdFusion Components (CFC) using WebSockets IMPACT: Security Bypass

234

T-543: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities 3: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities T-543: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities January 26, 2011 - 7:35am Addthis PROBLEM: Wireshark is prone to multiple denial-of-service and buffer-overflow vulnerabilities. PLATFORM: Wireshark 0.8.20 through 1.2.8. ABSTRACT: Wireshark is prone to multiple denial-of-service and buffer-overflow vulnerabilities. Exploiting these issues may allow attackers to crash the application and deny service to legitimate users. Attackers may also execute arbitrary code in the context of vulnerable users running the application. reference LINKS: Securityfocus IMPACT ASSESSMENT: Medium Discussion: Wireshark is prone to multiple denial-of-service and buffer-overflow vulnerabilities.Exploiting these issues may allow attackers to crash the

235

U-218: Cisco Linksys WMB54G TFTP Command Injection Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

18: Cisco Linksys WMB54G TFTP Command Injection Vulnerability 18: Cisco Linksys WMB54G TFTP Command Injection Vulnerability U-218: Cisco Linksys WMB54G TFTP Command Injection Vulnerability July 23, 2012 - 6:49am Addthis PROBLEM: Cisco Linksys WMB54G TFTP Command Injection Vulnerability PLATFORM: Cisco Linksys WMB54G 1.x ABSTRACT: System access from local network reference LINKS: Bugtraq ID: 54615 Original Advisory Secunia Advisory SA49868 Cisco Advisory ID: cisco-sa-20111019-cs IMPACT ASSESSMENT: Medium Discussion: A vulnerability in Cisco Linksys WMB54G was reported, which can be exploited by malicious people to compromise a vulnerable device. The vulnerability is caused due to missing input validation in the TFTP service when running the firmware update functionality and can be exploited to inject and execute arbitrary shell commands. Additionally, it may be

236

U-099: MySQL Unspecified Code Execution Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

099: MySQL Unspecified Code Execution Vulnerability 099: MySQL Unspecified Code Execution Vulnerability U-099: MySQL Unspecified Code Execution Vulnerability February 9, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in MySQL, which can be exploited by malicious people to compromise a vulnerable system. PLATFORM: MySQL 5.x ABSTRACT: Successful exploitation allows execution of arbitrary code. Reference LINKS: Secunia Advisory SA47894 No CVE references currently available. IMPACT ASSESSMENT: Medium Discussion: The vulnerability is reported in version 5.5.20. Other versions may also be affected. The exploit has been tested with mysql-5.5.20-debian6.0-i686.deb on Debian 6.0. Impact: System access from local network Solution: An effective workaround cannot currently be provided due to limited vulnerability details.

237

V-114: RealPlayer MP4 Processing Buffer Overflow Vulnerability | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

14: RealPlayer MP4 Processing Buffer Overflow Vulnerability 14: RealPlayer MP4 Processing Buffer Overflow Vulnerability V-114: RealPlayer MP4 Processing Buffer Overflow Vulnerability March 19, 2013 - 12:01am Addthis PROBLEM: RealPlayer MP4 Processing Buffer Overflow Vulnerability PLATFORM: Versions prior to 16.0.1.18. ABSTRACT: A vulnerability has been reported in RealPlayer REFERENCE LINKS: RealNetworks, Inc Secunia Advisory SA52692 CVE-2013-1750 IMPACT ASSESSMENT: High DISCUSSION: The vulnerability is caused due to an error when processing MP4 files and can be exploited to cause a heap-based buffer overflow via a specially crafted MP4 file. IMPACT: Successful exploitation may allow execution of arbitrary code. SOLUTION: Update to version 16.0.1.18. Addthis Related Articles U-042: Mac RealPlayer Multiple Vulnerabilities V-228: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote

238

T-716: Google SketchUp v8.x - '.DAE' File Memory Corruption Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Google SketchUp v8.x - '.DAE' File Memory Corruption 6: Google SketchUp v8.x - '.DAE' File Memory Corruption Vulnerability T-716: Google SketchUp v8.x - '.DAE' File Memory Corruption Vulnerability September 14, 2011 - 9:28am Addthis PROBLEM: Attackers may exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. PLATFORM: Google SketchUp 8 is vulnerable; other versions may also be affected. ABSTRACT: Google SketchUp v8.x - '.DAE' File Memory Corruption Vulnerability reference LINKS: Vulnerability-Lab SketchUp Downloads IMPACT ASSESSMENT: Medium Discussion: A Memory Corruption vulnerability is detected on the Google s SketchUp v8.x. The vulnerability is caused by an memory corruption when processing corrupt DAE files through the filter, which could be exploited by attackers

239

V-070: Apache CouchDB Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Apache CouchDB Multiple Vulnerabilities 0: Apache CouchDB Multiple Vulnerabilities V-070: Apache CouchDB Multiple Vulnerabilities January 16, 2013 - 1:00am Addthis PROBLEM: Apache CouchDB Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 1.0.4, 1.1.2, and 1.2.1. ABSTRACT: Multiple vulnerabilities have been reported in Apache CouchDB REFERENCE LINKS: Secunia Advisory SA51765 Seclists.org/fulldisclosure/2013/Jan/80 Seclists.org/fulldisclosure/2013/Jan/81 Seclists.org/fulldisclosure/2013/Jan/82 CVE-2012-5641 CVE-2012-5649 CVE-2012-5650 IMPACT ASSESSMENT: Medium DISCUSSION: Multiple vulnerabilities have been reported in Apache CouchDB, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information. 1) Input passed via the query parameters to browser-based test suite is not

240

Vulnerability Analysis of Energy Delivery Control Systems  

Energy Savers (EERE)

services and applications * Known vulnerabilities are mitigated through effective patch management and removal of unneeded applications and services. New vulnerabilities in...

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


241

Technical Qualification Program Self-Assessment Report- Los Alamos Site Office- 2007  

Energy.gov (U.S. Department of Energy (DOE))

The Federal Technical Capability Manual requires periodic self-assessment of the effectiveness of the implementation of the Manual and the Technical Qualification Program utilizing a defined set of Objectives and Criteria. The assessment documented by this report is the first periodic review conducted at LASO to meet this requirement. The assessment results are intended to establish a base-line on which to develop and improve the program so no final grade was assigned; however, only six of the twelve Objectives were identified as being met.

242

EPa`s program for risk assessment guidelines: Exposure issues  

SciTech Connect

Three major issues to be dealt with over the next ten years in the exposure assessment field are: consistency in terminology, the impact of computer technology on the choice of data and modeling, and conceptual issues such as the use of time-weighted averages.

Callahan, M.A. [Environmental Protection Agency, Washington, DC (United States)

1990-12-31T23:59:59.000Z

243

DOE/EA-1535; Uranium Leasing Program Final Programmatic Environmental Assessment  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Leasing Program Leasing Program Final Programmatic Environmental Assessment July 2007 Office of Legacy Management DOE/EA 1535 - Work Performed Under DOE Contract No. for the U.S. Department of Energy Office of Legacy Management. DE-AC01-02GJ79491 Approved for public release; distribution is unlimited. Office of Legacy Management Office of Legacy Management Office of Legacy Management U.S. Department of Energy DOE/EA-1535 Uranium Leasing Program Final Programmatic Environmental Assessment July 2007 U.S. Department of Energy Office of Legacy Management U.S. Department of Energy Uranium Leasing Program Environmental Assessment July 2007 Doc. No. Y0011700 Page iii Contents Abbreviations and Acronyms ........................................................................................................

244

U.S. Global Change Research Program publishes "National Climate Assessment"  

Open Energy Info (EERE)

U.S. Global Change Research Program publishes "National Climate Assessment" U.S. Global Change Research Program publishes "National Climate Assessment" report for United States Home > Groups > OpenEI Community Central Graham7781's picture Submitted by Graham7781(2002) Super contributor 18 January, 2013 - 15:46 climate change drought OpenEI sea level rise temperatures U.S. Global Climate Change program The U.S. Global Change Research Program, established under the Department of Commerce in 2010, and partnered with NOAA, released an extensive National Climate Assessment report, projecting future climate changes in the United States under different scenarios. The 1,200 page report highlights some rather grim findings about the future of climate change. Here are 5 of the more disconcerting graphics from the report: 1. U.S. Average Temperatures

245

Comparing rating paradigms for evidence-based Program registers in behavioral health: Evidentiary criteria and implications for Assessing programs  

Science Journals Connector (OSTI)

Abstract Decision makers need timely and credible information about the effectiveness of behavioral health interventions. Online evidence-based program registers (EBPRs) have been developed to address this need. However, the methods by which these registers determine programs and practices as being evidence-based has not been investigated in detail. This paper examines the evidentiary criteria \\{EBPRs\\} use to rate programs and the implications for how different registers rate the same programs. Although the registers tend to employ a standard Campbellian hierarchy of evidence to assess evaluation results, there is also considerable disagreement among the registers about what constitutes an adequate research design and sufficient data for designating a program as evidence-based. Additionally, differences exist in how registers report findings of no effect, which may deprive users of important information. Of all programs on the 15 registers that rate individual programs, 79% appear on only one register. Among a random sample of 100 programs rated by more than one register, 42% were inconsistently rated by the multiple registers to some degree.

Stephanie N. Means; Stephen Magura; Jason T. Burkhardt; Daniela C. Schrter; Chris L.S. Coryn

2014-01-01T23:59:59.000Z

246

Radiological/Health physics program assessement at Rocky Flats, the process  

SciTech Connect

The Department of Energy, Rocky Flats Office, Safety and Health Group, Health Physics Team (HPT) is responsible for oversight of the Radiation Protection and Health Physics Program (RPHP) of the Integrating Management Contractor (IMC), Kaiser-Hill (K-H) operations at the Rocky Flats Environmental Technology Site (RFETS). As of 1 January 1996 the Rocky Flats Plant employed 300 DOE and 4,300 contractor personnel (K-H and their subcontractors). WSI is a subcontractor and provides plant security. To accomplish the RPHP program oversight HPT personnel developed a systematic methodology for performing a functional RPHP Assessment. The initial process included development of a flow diagram identifying all programmatic elements and assessment criteria documents. Formulation of plans for conducting interviews and performance of assessments constituted the second major effort. The generation of assessment reports was the final step, based on the results of this process. This assessment will be a 6 person-year effort, over the next three years. This process is the most comprehensive assessment of any Radiation Protection and Health Physics (RPHP) Program ever performed at Rocky Flats. The results of these efforts will establish a baseline for future RPHP Program assessments at RFETS. This methodology has been well-received by contractor personnel and creates no Privacy Act violations or other misunderstandings.

Psomas, P.O. [Department of Energy, Golden, CO (United States)

1996-06-01T23:59:59.000Z

247

U.S. Department of Energy State Coupled Resource Assessment Program Final Report for FY 1982  

SciTech Connect

During FY 1982, ESL/UURI tasks under the DOE State Coupled Program included: 2.1 Technical Assistance--Provide assistance to DOE through communicating program objectives, acting as liason among state contractors and other program participants, and writing periodic status reports. promote coordination of this program with other federal geothermal programs. 2.2 Technical Services--Provide geological, geochemical, and geophysical expertise and support as requested by state teams and other program participants to the extent made possible by funding. 2.3 Publications--Document and publish technical aspects of this program that are otherwise not documented in state contractor or other reports, provide DOE with semi-annual technical and status reports. This status report summarizes activities under 2.1 and 2.3. Technical services provided by ESL/UURI to individual state resource assessment teams are summarized in a separate technical support memorandum.

Foley, Duncan

1983-02-01T23:59:59.000Z

248

Low Dose Radiation Research Program: Assessing Biological Function of DNA  

NLE Websites -- All DOE Office Websites (Extended Search)

Assessing Biological Function of DNA Damage Response Genes Assessing Biological Function of DNA Damage Response Genes Larry H. Thompson Lawrence Livermore National Laboratory Why This Project To understand the relative importance of individual DNA repair and DNA-damage response pathways to the recovery of mammalian cells after exposure to low doses of ionizing radiation (IR). This understanding may lead to better ways of setting limits on human exposure to IR. In spite of the discovery of many mammalian DNA repair genes, our current knowledge of how many of these genes contribute to cellular recovery from IR exposure is quite limited. Project Goals Measure cellular responses at doses in the 5-100 cGy range, which generally cause changes too small to detect in normal, repair-proficient cells Focus on DNA double-strand breaks (DSBs) and DNA oxidative base

249

Kyiv institutional buildings sector energy efficiency program: Technical assessment  

SciTech Connect

The purpose of this assessment is to characterize the economic energy efficiency potential and investment requirements for space heating and hot water provided by district heat in the stock of state and municipal institutional buildings in the city of Kyiv. The assessment involves three activities. The first is a survey of state and municipal institutions to characterize the stock of institutional buildings. The second is to develop an estimate of the cost-effective efficiency potential. The third is to estimate the investment requirements to acquire the efficiency resource. Institutional buildings are defined as nonresidential buildings owned and occupied by state and municipal organizations. General categories of institutional buildings are education, healthcare, and cultural. The characterization activity provides information about the number of buildings, building floorspace, and consumption of space heating and hot water energy provided by the district system.

Secrest, T.J.; Freeman, S.L. [Pacific Northwest National Lab., Richland, WA (United States); Popelka, A. [Tysak Engineering, Acton, MA (United States); Shestopal, P.A.; Gagurin, E.V. [Agency for Rational Energy Use and Ecology, Kyiv (Ukraine)

1997-08-01T23:59:59.000Z

250

MAPPING CLIMATE CHANGE EXPOSURES, VULNERABILITIES,  

E-Print Network (OSTI)

MAPPING CLIMATE CHANGE EXPOSURES, VULNERABILITIES, AND ADAPTATION TO PUBLIC HEALTH RISKS's California Climate Change Center JULY 2012 CEC5002012041 Prepared for: California Energy Commission of California. #12; ii ABSTRACT This study reviewed first available frameworks for climate change adaptation

251

Handbook of the Vulnerable Plaque  

Science Journals Connector (OSTI)

...predominantly a secondary phenomenon; the true culprit in unstable ischemic heart disease is rupture of the underlying vulnerable atherosclerotic plaque. Handbook of the Vulnerable Plaque was edited by two distinguished leaders in interventional cardiology, Patrick Serruys and Ron Waksman. They assembled a who's... Angiographic observations in the early 1980s confirmed that acute coronary thrombosis was the proximate cause of acute myocardial infarction seminal studies that led to revolutionary treatments for the recanalization of occluded vessels. However, during ...

Goldstein J.

2005-06-02T23:59:59.000Z

252

DOE (Department of Energy)-Nuclear Energy Standards Program annual assessment, FY 1990  

SciTech Connect

To meet the objectives of the programs funded by the Department of Energy (DOE)-Nuclear Energy (NE) Technology Support Programs, the Performance Assurance Project Office (PAPO) administers a nuclear standards program and related activities and fosters the development and application of standards. This standards program is carried out in accordance with the principles in DOE Order 1300.2, Department of Energy Standards Program, December 18, 1980. The purposes of this effort, as set forth in three subtasks, are to (1) manage the NE Standards Program, (2) manage the development and maintenance of NE standards, and (3) operate an NE Standards Information Program. This report assesses the Performance Assurance Project Office (PAPO) activities in terms of the objectives of the Department of Energy-Nuclear Energy (DOE-NE) funded programs. To meet these objectives, PAPO administers a nuclear standards program and related activities and fosters the development and application of standards. This task is carried out in accordance with the principles set forth in DOE Order 1300.2, Department of Energy Standards Program, December 18, 1980, and DOE memorandum, Implementation of DOE Orders on Quality Assurance, Standards, and Unusual Occurrence Reporting for Nuclear Energy Programs, March 3, 1982, and with guidance from the DOE-NE Technology Support Programs. 1 tab. (JF)

Williams, D.L. Jr.

1990-11-01T23:59:59.000Z

253

1992--1993 low-temperature geothermal assessment program, Colorada  

SciTech Connect

Previous assessments of Colorado`s low-temperature geothermal resources were completed by the Colorado Geological Survey in 1920 and in the mid- to late-1970s. The purpose of the 1992--1993 low-temperature geothermal resource assessment is to update the earlier physical, geochemical, and utilization data and compile computerized databases of the location, chemistry, and general information of the low-temperature geothermal resources in Colorado. The main sources of the data included published data from the Colorado Geological Survey, the US Geological Survey WATSTOR database, and the files of the State Division of Water Resources. The staff of the Colorado Geological Survey in 1992 and 1993 visited most of the known geothermal sources that were recorded as having temperatures greater than 30{degrees}C. Physical measurements of the conductivity, pH, temperature, flow rate, and notes on the current geothermal source utilization were taken. Ten new geochemical analyses were completed on selected geothermal sites. The results of the compilation and field investigations are compiled into the four enclosed Quattro Pro 4 databases. For the purposes of this report a geothermal area is defined as a broad area, usually less than 3 sq mi in size, that may have several wells or springs. A geothermal site is an individual well or spring within a geothermal area. The 1992-1993 assessment reports that there are 93 geothermal areas in the Colorado, up from the 56 reported in 1978; there are 157 geothermal sites up from the 125 reported in 1978; and a total of 382 geochemical analyses are compiled, up from the 236 reported in 1978. Six geothermal areas are recommended for further investigation: Trimble Hot Springs, Orvis Hot Springs, an area southeast of Pagosa Springs, the eastern San Luis Valley, Rico and Dunton area, and Cottonwood Hot Springs.

Cappa, J.A.; Hemborg, H.T.

1995-01-01T23:59:59.000Z

254

Low-temperature resource assessment program. Final report  

SciTech Connect

The US Department of Energy - Geothermal Division (DOE/GD) recently sponsored the Low-Temperature Resource Assessment project to update the inventory of the nation`s low- and moderate-temperature geothermal resources and to encourage development of these resources. A database of 8,977 thermal wells and springs that are in the temperature range of 20{degrees}C to 150{degrees}C has been compiled for ten western states, an impressive increase of 82% compared to the previous assessments. The database includes location, descriptive data, physical parameters, water chemistry and references for sources of data. Computer-generated maps are also available for each state. State Teams have identified 48 high-priority areas for near-term comprehensive resource studies and development. Resources with temperatures greater than 50{degrees}C located within 8 km of a population center were identified for 271 collocated cities. Geothermal energy cost evaluation software has been developed to quickly identify the cost of geothermally supplied heat to these areas in a fashion similar to that used for conventionally fueled heat sources.

Lienau, P.J. [Oregon Inst. of Tech., Klamath Falls, OR (United States). Geo-Heat Center] [Oregon Inst. of Tech., Klamath Falls, OR (United States). Geo-Heat Center; Ross, H. [Utah Univ., Salt Lake City, UT (United States). Earth Sciences and Resources Inst.] [Utah Univ., Salt Lake City, UT (United States). Earth Sciences and Resources Inst.

1996-02-01T23:59:59.000Z

255

GUNNISON BASIN CLIMATE CHANGE VULNERABILITY ASSESSMENT  

E-Print Network (OSTI)

Climate change is already changing ecosystems and affecting people in the southwestern United States, as well as ecosystem services, e.g., water supply. The climate of the Gunnison Basin, Colorado Fish and Wildlife Service, US Forest Service, Upper Gunnison River Water Conservancy District, Western

Neff, Jason

256

Assessment of the industrial energy-conservation program. Final report of the Committee on Assessment of the Industrial Energy Conservation Program  

SciTech Connect

Industrial operations in the United States account for some 37% of the nation's consumptions of energy. It has been estimated that this figure will increase to 50% by 1990 unless appropriate industrial energy conservation measures are adopted. However, such measures are difficult to implement in spite of the potential of various existing, emerging, and advanced technologies that can be applied to the problem. Specifically, the application of many industrial energy conservation measures entails high economic, technological, and institutional risks and uncertainties that constrain industries from adopting such measures. Accordingly, in 1975 the federal government started a program designed to mitigate these risks and uncertainties via government-industry partnership arrangements in the interests of national energy conservation. An important element of this program is the Industrial Energy Conservation Program in the Federal Department of Energy (DOE). In June 1980, DOE asked the National Materials Advisory Board, a unit of the National Academy of Sciences-National Research Council, to form a study committee to assess the effectiveness of the Industrial Energy Conservation Program. The committee concluded that federal support embodied in the DOE program, present and planned, is important to conserving additional industrial energy. However, the committee also concluded that the program needs various improvements in project selection and management and in transfer of results to industry. The committee's findings and recommendations and the results of the deliberation of the committee's three panels, a special report on heat and power, and a report on the visit by four members of the committee to Japan are presented.

none,

1982-01-01T23:59:59.000Z

257

Los Alamos Site Office Nuclear Maintenance Management Program Oversight Self-Assessment, April 2011  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

11-18 11-18 Site: Los Alamos National Laboratory Subject: Office of Enforcement and Oversight's Office of Safety and Emergency Management Evaluations Activity Report for the Los Alamos Site Office Nuclear Maintenance Management Program Oversight Self-Assessment Dates of Activity : 11/14/2011 - 11/18/2011 Report Preparer: Tim Martin Activity Description/Purpose: This activity report documents the results of the U.S. Department of Energy (DOE) Office of Health, Safety and Security (HSS) review of the Los Alamos Site Office (LASO) self-assessment of LASO's Nuclear Maintenance Management Program (NMMP) oversight program and activities. This self-assessment was led by the DOE LASO Facility Operations/Safety Engineering Team's (FO/SET) Nuclear Facility Maintenance Manager and was

258

The 1980-1982 Geothermal Resource Assessment Program in Washington  

SciTech Connect

Since 1978, the Division of Geology and Earth Resources of the Washington Department of Natural Resources has participated in the U.S. Department of Energy's (USDOE) State-Coupled Geothermal Resource Program. Federal and state funds have been used to investigate and evaluate the potential for geothermal resources, on both a reconnaissance and area-specific level. Preliminary results and progress reports for the period up through mid-1980 have already been released as a Division Open File Report (Korosec, Schuster, and others, 1981). Preliminary results and progress summaries of work carried out from mid-1980 through the end of 1982 are presented in this report. Only one other summary report dealing with geothermal resource investigations in the state has been published. An Information Circular released by the Division (Schuster and others, 1978) compiled the geology, geochemistry, and heat flow drilling results from a project in the Indian Heaven area in the south Cascades. The previous progress report for the geothermal program (Korosec, Schuster, and others, 1981) included information on temperature gradients measured throughout the state, heat flow drilling in the southern Cascades, gravity surveys for the southern Cascades, thermal and mineral spring investigations, geologic mapping for the White Pass-Tumac Mountain area, and area specific studies for the Camas area of Clark County and Mount St. Helens. This work, along with some additional studies, led to the compilation of the Geothermal Resources of Washington map (Korosec, Kaler, and others, 1981). The map is principally a nontechnical presentation based on all available geothermal information, presented as data points, tables, and text on a map with a scale of 1:500,000.

Korosec, Michael A.; Phillips, William M.; Schuster, J.Eric

1983-08-01T23:59:59.000Z

259

IMPACTS: Industrial Technologies Program, Summary of Program Results for CY2009, Appendix 7: Methodology for Technology Tracking and Assessment of Benefits  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

191 DOE Industrial Technologies Program 191 DOE Industrial Technologies Program Appendix 7: Methodology for Technology Tracking and Assessment of Benefits u Technology Tracking............................................................................................................................................ 192 u Methods of Estimating Benefits.............................................................................................................................. 192 u Deriving the ITP Cost/Benefit Curve ...................................................................................................................... 193 Methodology for Technology Tracking and Assessment of Benefits

260

Chief of Nuclear Safety (CNS) Senior Technical Safety Manager (STSM) Qualification Program Self-Assessment Report - August 2013  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Chief of Nuclear Safety (CNS) Chief of Nuclear Safety (CNS) Self-Assessment Report Senior Technical Safety Manager Qualification Program CONTENTS Background ................................................................................................................................ 1 Results ....................................................................................................................................... 1 Assessment Criteria ................................................................................................................... 1 Finding ....................................................................................................................................... 2 Observation ............................................................................................................................... 2

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


261

Voluntary Agreements for Energy Efficiency or GHG Emissions Reduction in Industry: An Assessment of Programs Around the World  

E-Print Network (OSTI)

Energy or CO2 tax Energy Audits and Assessments Emissionssuch as free or low-cost energy audits or tax exemptions forinvestments in wind energy, audit programs, benchmarking,

Price, Lynn

2005-01-01T23:59:59.000Z

262

Assessment  

NLE Websites -- All DOE Office Websites (Extended Search)

Assessment of the Surveillance Program of the High-Level Waste Storage Tanks at Hanford :.I LALI iE REJ 163 ROOM 1t 4 F77L. -77 .:earmn OfEeg Asitn Sertr fo niomn 4 z. r...

263

Are Vulnerability Disclosure Deadlines Justified?  

SciTech Connect

Vulnerability research organizations Rapid7, Google Security team, and Zero Day Initiative recently imposed grace periods for public disclosure of vulnerabilities. The grace periods ranged from 45 to 182 days, after which disclosure might occur with or without an effective mitigation from the affected software vendor. At this time there is indirect evidence that the shorter grace periods of 45 and 60 days may not be practical. However, there is strong evidence that the recently announced Zero Day Initiative grace period of 182 days yields benefit in speeding up the patch creation process, and may be practical for many software products. Unfortunately, there is also evidence that the 182 day grace period results in more vulnerability announcements without an available patch.

Miles McQueen; Jason L. Wright; Lawrence Wellman

2011-09-01T23:59:59.000Z

264

International Nonproliferation Export Control Program (INECP)  

NLE Websites -- All DOE Office Websites (Extended Search)

Nonproliferation and Nonproliferation and National Security Program > TNPS > Strategic Trade Control > International Programs > INECP Nonproliferation & National Security (NPNS) Overview Technical Nonproliferation Policy Support Strategic Trade Control Review of export license applications Multilateral Export Control Arrangements Interdiction Engagement & Training INECP INSEP GIPP Safeguards Concepts and Approaches Human Capital Development Additional Protocol Technical Assistance National Security Systems & Assessments National Security Information Systems Vulnerability Assessment Team (VAT) Radiation Detection & Response (RDR) Contact NPNS Other Major Programs Work with Argonne Contact us For Employees Site Map Help Join us on Facebook Follow us on Twitter NE Division on Flickr

265

Super-Efficient Refrigerator Program (SERP) evaluation volume 2: Preliminary impact and market transformation assessment  

SciTech Connect

The Super Efficient Refrigerator Program (SERP) is a collaborative utility program intended to transform the market for energy-efficient and environmentally friendly refrigerators. It is one of the first examples of a large-scale {open_quotes}market transformation{close_quotes} energy efficiency program. This report documents the preliminary impact and market transformation evaluation of SERP ({open_quotes}the Program{close_quotes}). Pacific Northwest National Laboratory (PNNL) conducted this evaluation for the U.S. Department of Energy. This study focuses on the preliminary impact evaluation and market transformation assessment, but also presents limited process evaluation information. It is based on interviews with refrigerator dealers and manufacturers, interviews with utility participants, industry data, and information from the Program administrators. Results from this study complement those from prior process evaluation also conducted by PNNL. 42 refs., 5 figs., 4 tabs.

Lee, A.D.; Conger, R.L.

1996-08-01T23:59:59.000Z

266

End-Use Load and Consumer Assessment Program: motivation and overview  

Science Journals Connector (OSTI)

The End-Use Load and Consumer Assessment Program (ELCAP) was a major end-use data collection program undertaken by the Bonneville Power Administration from 1983 through 1990 to obtain specific information to support a variety of conservation and forecasting activities. The objectives of the program were to test key assumptions used in current engineering and forecasting models, provide insights regarding how various factors affect energy consumption, provide information to support load management conservation and marketing programs, and identify conservation resource potential from new demand-side technologies or programs. To accomplish this, a well-designed experiment was required that accounted for adequate representation of both existing and new buildings in the residential and commercial sector of the Pacific Northwest. This paper summarizes the motivations for obtaining the data, information regarding the sample, an overview of the analysis agenda, and specifics regarding the data set, both engineering and characteristics.

F.J. Peterson; J.E. Patton; M.E. Miller; R.A. Gillman; W.M. Warwick; W.F. Sandusky

1993-01-01T23:59:59.000Z

267

T-594: IBM solidDB Password Hash Authentication Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

94: IBM solidDB Password Hash Authentication Bypass 94: IBM solidDB Password Hash Authentication Bypass Vulnerability T-594: IBM solidDB Password Hash Authentication Bypass Vulnerability April 4, 2011 - 6:08am Addthis PROBLEM: A vulnerability has been reported in IBM solidDB, which can be exploited by malicious people to bypass certain security restrictions. PLATFORM: IBM solidDB 4.x - IBM solidDB 6.x ABSTRACT: This vulnerability could allow remote attackers to execute arbitrary code on vulnerable installations of IBM solidDB. Authentication is not required to exploit this vulnerability. REFERENCE LINKS: IBM Security Alert Secunia Advisory: SA44030 ZDI Advisory: ZDI-11-115 IBM solidDB Support IMPACT ASSESSMENT: Medium Discussion: The specific flaw exists within the solid.exe process which listens by default on TCP ports 1315, 1964 and 2315. The authentication protocol

268

V-086: IntegraXor ActiveX Control Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: IntegraXor ActiveX Control Buffer Overflow Vulnerability 6: IntegraXor ActiveX Control Buffer Overflow Vulnerability V-086: IntegraXor ActiveX Control Buffer Overflow Vulnerability February 7, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in IntegraXor PLATFORM: Integraxor Versions prior to 4.x ABSTRACT: The vulnerability is caused due to an error in the PE3DO32A.ocx ActiveX control and can be exploited to cause a buffer overflow. REFERENCE LINKS: Secunia Advisory SA52073 CVE-2012-4700 US-CERT Advisory IMPACT ASSESSMENT: High DISCUSSION: Successfully exploiting this vulnerability could lead to a DoS for the application or could allow an attacker to execute arbitrary code. IMPACT: Successful exploitation may allow execution of arbitrary code. SOLUTION: Update to version 4.00 build 4280.0 Addthis Related Articles

269

U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-214: HP Network Node Manager Java JDK / JRE Multiple U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities July 17, 2012 - 7:00am Addthis PROBLEM: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in version 9.0x running on HP-UX, Linux, Solaris, and Windows. ABSTRACT: Vulnerabilities could be remotely exploited resulting in unauthorized information disclosure, modification, Denial of Service (DoS). reference LINKS: HP Support document ID: c03405642 Secunia Advisory SA49966 IMPACT ASSESSMENT: High Discussion: HP has acknowledged some vulnerabilities in HP Network Node Manager, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially

270

U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability January 23, 2012 - 9:00am Addthis PROBLEM: Linux Kernel "/proc//mem" Privilege Escalation Vulnerability. PLATFORM: Linux Kernel 2.6.x ABSTRACT: A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges reference LINKS: Linux Kernel Update CVE-2012-0056 Red Hat Bugzilla Bug 782642 IMPACT ASSESSMENT: Medium Discussion: The vulnerability is caused due to the kernel not properly restricting access to "/proc//mem" file, which can be exploited to gain escalated privileges by e.g. writing into the memory of a privileged process.

271

V-185: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing 5: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability V-185: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability June 25, 2013 - 12:41am Addthis PROBLEM: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability PLATFORM: Apache OpenOffice SDK 3.x ABSTRACT: Apache has acknowledged a vulnerability in Apache OpenOffice SDK REFERENCE LINKS: Apache OpenOffice Secunia Advisory SA53963 Secunia Advisory SA53846 CVE-2013-1571 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to a UDK 3.2.7 Java API Reference JavaDoc file having been generated using a vulnerable version of Oracle Java. IMPACT: Apache can be exploited by malicious people to conduct spoofing attacks. SOLUTION: The vendor has issued a fix. Addthis Related Articles

272

U-224: ISC DHCP Multiple Denial of Service Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: ISC DHCP Multiple Denial of Service Vulnerabilities 4: ISC DHCP Multiple Denial of Service Vulnerabilities U-224: ISC DHCP Multiple Denial of Service Vulnerabilities July 31, 2012 - 7:00am Addthis PROBLEM: ISC DHCP Multiple Denial of Service Vulnerabilities PLATFORM: ISC DHCP before versions DHCP 4.1-ESV-R6 or DHCP 4.2.4-P1 ABSTRACT: ISC DHCP is prone to multiple denial-of-service vulnerabilities. reference LINKS: BIND and DHCP Security Updates Released Bugtraq ID: 54665 Secunia Advisory SA50018 CVE-2012-3571 CVE-2012-3570 CVE-2012-3954 IMPACT ASSESSMENT: Medium Discussion: Multiple vulnerabilities have been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error when handling client identifiers can be exploited to trigger an endless loop and prevent the server from processing further client requests

273

U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: HP Network Node Manager Java JDK / JRE Multiple 4: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities July 17, 2012 - 7:00am Addthis PROBLEM: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in version 9.0x running on HP-UX, Linux, Solaris, and Windows. ABSTRACT: Vulnerabilities could be remotely exploited resulting in unauthorized information disclosure, modification, Denial of Service (DoS). reference LINKS: HP Support document ID: c03405642 Secunia Advisory SA49966 IMPACT ASSESSMENT: High Discussion: HP has acknowledged some vulnerabilities in HP Network Node Manager, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially

274

V-211: IBM iNotes Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

211: IBM iNotes Multiple Vulnerabilities 211: IBM iNotes Multiple Vulnerabilities V-211: IBM iNotes Multiple Vulnerabilities August 5, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in IBM Lotus iNotes PLATFORM: IBM iNotes 9.x ABSTRACT: IBM iNotes has two cross-site scripting vulnerabilities and an ActiveX Integer overflow vulnerability REFERENCE LINKS: Secunia Advisory SA54436 IBM Security Bulletin 1645503 CVE-2013-3027 CVE-2013-3032 CVE-2013-3990 IMPACT ASSESSMENT: High DISCUSSION: 1) Certain input related to MIME mail is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An integer overflow error within the DWA9W ActiveX control can be exploited to execute arbitrary code.

275

U-020: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: McAfee Web Gateway Web Access Cross Site Scripting 0: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability U-020: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability October 26, 2011 - 9:00am Addthis PROBLEM: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability. PLATFORM: The vulnerability is reported in versions prior to 7.1.5.2. ABSTRACT: Cross-Site Scripting vulnerabilities allow a third party to manipulate the content or behavior of a web application in a user's browser, without compromising the underlying system. Attackers can exploit this issue by enticing an unsuspecting user to follow a malicious URI. reference LINKS: McAfee Web Gateway Release Notes Bugtraq ID: 50341 Secunia Advisory: SA46570 IMPACT ASSESSMENT: Medium Discussion: A vulnerability has been reported in McAfee Web Gateway, which can be

276

V-213: PuTTY SSH Handshake Integer Overflow Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: PuTTY SSH Handshake Integer Overflow Vulnerabilities 3: PuTTY SSH Handshake Integer Overflow Vulnerabilities V-213: PuTTY SSH Handshake Integer Overflow Vulnerabilities August 7, 2013 - 6:00am Addthis PROBLEM: SEARCH-LAB has reported some vulnerabilities in PuTTY PLATFORM: PuTTY 0.x ABSTRACT: The vulnerabilities can be exploited by malicious people to potentially compromise a user's system. REFERENCE LINKS: Secunia Advisory SA54354 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3520 CVE-2013-4206 CVE-2013-4207 CVE-2013-4208 CVE-2013-4852 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerabilities are caused due to some integer overflow errors when handling the SSH handshake and can be exploited to cause heap-based buffer overflows via a negative handshake message length. IMPACT: Successful exploitation of may allow execution of arbitrary code

277

U-098: ISC BIND Deleted Domain Name Resolving Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

098: ISC BIND Deleted Domain Name Resolving Vulnerability 098: ISC BIND Deleted Domain Name Resolving Vulnerability U-098: ISC BIND Deleted Domain Name Resolving Vulnerability February 8, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to bypass certain security restrictions. PLATFORM: ISC BIND 9.2.x ISC BIND 9.3.x ISC BIND 9.4.x ISC BIND 9.5.x ISC BIND 9.6.x ISC BIND 9.7.x ISC BIND 9.8.x ABSTRACT: The vulnerability is caused due to an error within the cache update policy. reference LINKS: Original Advisory Secunia Advisory SA47884 CVE-2012-1033 IMPACT ASSESSMENT: High Discussion: Researchers discovered a vulnerability affecting the large majority of popular DNS implementations which allows a malicious domain name to stay resolvable long after it has been removed from the upper level servers. The

278

V-005: ModSecurity Multipart Message Parsing Security Bypass Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: ModSecurity Multipart Message Parsing Security Bypass 5: ModSecurity Multipart Message Parsing Security Bypass Vulnerability V-005: ModSecurity Multipart Message Parsing Security Bypass Vulnerability October 18, 2012 - 6:00am Addthis PROBLEM: ModSecurity Multipart Message Parsing Security Bypass Vulnerability PLATFORM: Modsecurity Versions prior to 2.70 ABSTRACT: SEC Consult has reported a vulnerability in ModSecurity, which can be exploited by malicious people to bypass certain security restrictions REFERENCE LINKS: SEC Consult Secunia Advisory SA49853 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to an error when parsing multipart requests and can be exploited to bypass certain filtering rules. IMPACT: Remote Security Bypass SOLUTION: Update to version 2.70. Addthis Related Articles V-017: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities

279

U-272: IBM WebSphere Commerce User Information Disclosure Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: IBM WebSphere Commerce User Information Disclosure 2: IBM WebSphere Commerce User Information Disclosure Vulnerability U-272: IBM WebSphere Commerce User Information Disclosure Vulnerability October 2, 2012 - 6:00am Addthis PROBLEM: IBM WebSphere Commerce User Information Disclosure Vulnerability PLATFORM: WebSphere Commerce Versions 6.0.0.0 to 6.0.0.11 WebSphere Commerce Versions 7.0.0.0 to 7.0.0.6 ABSTRACT: A vulnerability in WebSphere Commerce could allow disclosure of user personal data. reference LINKS: IBM Security Bulletin 1612484 X-Force Vulnerability Database (78867) Secunia Advisory SA50821 CVE-2012-4830 IMPACT ASSESSMENT: Medium Discussion: A remote unauthenticated attacker could exploit a security vulnerability in WebSphere Commerce to expose user personal data. The attack can be performed manually and the effort required is comparatively low.

280

U-065: Microsoft Windows win32k.sys Memory Corruption Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Microsoft Windows win32k.sys Memory Corruption Vulnerability 5: Microsoft Windows win32k.sys Memory Corruption Vulnerability U-065: Microsoft Windows win32k.sys Memory Corruption Vulnerability December 20, 2011 - 9:45am Addthis PROBLEM: Microsoft Windows win32k.sys Memory Corruption Vulnerability. PLATFORM: Operating System Microsoft Windows 7 ABSTRACT: Successful exploitation may allow execution of arbitrary code with kernel-mode privileges. reference LINKS: Secunia Advisory SA47237 MS11-087:Article ID: 2639417 IMPACT ASSESSMENT: High Discussion: A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


281

V-082: Novell GroupWise Client Two Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Novell GroupWise Client Two Vulnerabilities 2: Novell GroupWise Client Two Vulnerabilities V-082: Novell GroupWise Client Two Vulnerabilities February 1, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities have been reported in Novell GroupWise Client PLATFORM: Novell GroupWise 2012 Novell GroupWise Client 2012 Novell GroupWise Client 8.x Novell GroupWise Server 8.x ABSTRACT: Two vulnerabilities have been reported in Novell GroupWise Client which can be exploited by malicious people to compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52031 CVE-2012-0439 CVE-2013-0804 Novell KB 7011687 Novell KB 7011688 IMPACT ASSESSMENT: High DISCUSSION: The GroupWise Client for Windows is vulnerable to an ActiveX Control exploit where by enticing a target user to open a malicious file or visit a malicious page, a remote attacker could execute arbitrary code on

282

U-276: VMware vCenter Operations Cross-Site Scripting Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

76: VMware vCenter Operations Cross-Site Scripting Vulnerability 76: VMware vCenter Operations Cross-Site Scripting Vulnerability U-276: VMware vCenter Operations Cross-Site Scripting Vulnerability October 8, 2012 - 7:00am Addthis PROBLEM: VMware vCenter Operations Cross-Site Scripting Vulnerability PLATFORM: VMware vCenter Operations 1.x ABSTRACT: A vulnerability has been reported in VMware vCenter Operations, which can be exploited by malicious people to conduct cross-site scripting attacks. reference LINKS: Original Advisory Secunia Advisory SA50795 CVE-2012-5050 IMPACT ASSESSMENT: Medium Discussion: Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Impact: A vulnerability in VMware vCenter Operations, which can be exploited to

283

T-655: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability 5: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability T-655: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability June 27, 2011 - 4:31pm Addthis PROBLEM: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability PLATFORM: Mozilla Firefox ABSTRACT: Mozilla Firefox is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. reference LINKS: Securityfocus Mozilla Firefox Homepage MFSA 2011-27: XSS encoding hazard with inline SVG IMPACT ASSESSMENT: High Discussion: Mozilla Firefox is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to

284

U-228: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities 8: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities U-228: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities August 6, 2012 - 7:00am Addthis PROBLEM: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities PLATFORM: Adobe Flash Player versions included with BlackBerry PlayBook tablet software versions 2.0.1.358 and earlier. ABSTRACT: Vulnerabilities in Adobe Flash Player version included with the BlackBerry PlayBook tablet software reference LINKS: BlackBerry Article ID: KB31675 Secunia Advisory SA50164 CVE-2012-0752 CVE-2012-0753 CVE-2012-0754 CVE-2012-0755 CVE-2012-0756 CVE-2012-0767 CVE-2012-0768 CVE-2012-0769 CVE-2012-0773 CVE-2012-0779 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in BlackBerry Tablet OS, which

285

Review of the Los Alamos Site Office Safety System Oversight Program Self-Assessment, March 2012  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Site Office Site Office Safety System Oversight Program Self-Assessment March 2012 Office of Safety and Emergency Management Evaluations Office of Enforcement and Oversight Office of Health, Safety and Security U.S. Department of Energy i Table of Contents 1.0 Purpose ................................................................................................................................................... 1 2.0 Background ............................................................................................................................................ 1 3.0 Scope ...................................................................................................................................................... 1

286

Assessing the Feasibility of An Energy Savings Incentive Program for Williams College  

E-Print Network (OSTI)

". http://www.williams.edu/resources/sustainability/co2_goals.php Accessed May 11, 2010. 2 "CollegeAssessing the Feasibility of An Energy Savings Incentive Program for Williams College By Corey Benson #12;2 Introduction In January 2007, Williams College committed to lower its CO2 emissions 10

Aalberts, Daniel P.

287

Graduate Program in Chemical and Biochemical Engineering Master of Engineering Degree Learning Goals and Assessment  

E-Print Network (OSTI)

Pharmaceutical Process Design I (Synthesis, Separation and Sterile Processing in the Pharmaceutical Industry to Pharmaceutical Engineering and Science. The graduate program also meets the expectations and standards of Pharmaceutical Engineering and Science Assessment of graduate student achievement of Goal 1: Grades in graduate

288

Project Information Form Project Title Program for Vehicle Regulatory Reform: Assessing Life Cycle-Based  

E-Print Network (OSTI)

,931.44 Total Project Cost $98,931.44 Agency ID or Contract Number DTRT13-G-UTC29 Start and End Dates November 1Project Information Form Project Title Program for Vehicle Regulatory Reform: Assessing Life Cycle, 2014 ­ October 31, 2015 Brief Description of Research Project Current greenhouse gas emissions

California at Davis, University of

289

Technical Qualification Program Self-Assessment Report- Los Alamos Site Office- 2011  

Energy.gov (U.S. Department of Energy (DOE))

The overall approach of the TQP self-assessment was to evaluate the personnel, procedures, and management control systems that demonstrate an effective program for ensuring the technical capability of LASO employees whose responsibilities require them to provide assistance, guidance, direction, oversight, or evaluation of contractor activities that could impact the safe operation of a defense nuclear facility.

290

Review of the Los Alamos Site Office Safety System Oversight Program Self-Assessment, March 2012  

NLE Websites -- All DOE Office Websites (Extended Search)

Site Office Site Office Safety System Oversight Program Self-Assessment March 2012 Office of Safety and Emergency Management Evaluations Office of Enforcement and Oversight Office of Health, Safety and Security U.S. Department of Energy i Table of Contents 1.0 Purpose ................................................................................................................................................... 1 2.0 Background ............................................................................................................................................ 1 3.0 Scope ...................................................................................................................................................... 1

291

The Status of Plant Life Assessment Program of Wolsong Unit 1  

SciTech Connect

Wolsong Unit 1 is a CANDU plant which began its commercial operation in 1983 with design life of 30 years. Korea Electric Power Research Institute (KEPRI) had performed the phase 1 of plant life assessment program of Wolsong Unit 1 from the year of 2000 to 2003. The following program phase II is on going to 2007 in order to assess in-detail life evaluation and aging management program development. The phase 1 performed life evaluations of critical components such as fuel channels, feeder pipes, steam-generators and so on. The phase II assesses aging degradations and residual life of the components, structures, and systems (SSCs) screened as important to the continued operation beyond its design life. This paper summarizes recent trends of CANDU PLiM (plant lifetime management) in Canada and introduces the status of Wolsong Unit 1 plant life assessment program in Korea. KEPRI and KHNP (Korea Hydro and Nuclear Power) had performed aging analysis of the fuel channels and feeder pipes of Wolsong Unit 1. The aging analysis showed that some fuel channels could be elongated longer and the thickness of some feeder pipes less than the criteria before plant design life. (authors)

Taek-Ho, Song; Ill-Seok, Jeong; Sung-Yull, Hong [Korea Electric Power Research Institute, 103-16, Munji-dong, Yousung-Gu, Daejeon (Korea, Republic of); Sue-Deuk, Lee [Korea Hydro and Nuclear Power (Korea, Republic of)

2006-07-01T23:59:59.000Z

292

Environmental Hazards Assessment Program annual report, July 1, 1993--June 30, 1994  

SciTech Connect

On June 23, 1992, the US Department of Energy (DOE) signed Assistance Instrument Number DE-FG01-92EW50625 with the Medical University of South Carolina (MUSC) to support the Environmental Hazards Assessment Program (EHAP). The objectives of the EHAP program stated in the proposal to DOE are to: (1) Develop a holistic, national basis for risk assessment, risk management, and risk communication which recognizes the direct impact of environmental hazards on the health and well-being of all. (2) Develop a pool of talented scientists and experts in cleanup activities, especially in human health aspects; and (3) Identify needs and develop programs addressing the critical shortage of well-educated, highly-skilled technical and scientific personnel to address the health oriented aspects of environmental restoration and waste management. This report describes activities and reports on progress for the second year of the grant.

Not Available

1994-08-17T23:59:59.000Z

293

Assessing green energy economy stimulus packages: Evidence from the U.S. programs targeting renewable energy  

Science Journals Connector (OSTI)

Abstract The paper provides a comprehensive empirical assessment of American stimulus policies aimed at renewable energy (RE) technologies. We use an indicator-based methodology to assess progress with respect to energy, environmental and socio-economic issues resulting from RE stimulus programs linked to the American Recovery and Reinvestment Act, and review and analyze the emerging but scattered literature. Overall, our results indicate that stimulus programs have had a positive effect on the RE sector. This is despite the fact that they were originally planned to work in combination with a greenhouse gas cap-and-trade system, which has not been implemented. From the methodological perspective, our approach is resource-intensive and our analysis highlights numerous challenges, notably related to causality and additionality. Despite these limitations, this research improves our understanding of the broad effects and impacts of RE stimulus programs.

Luis Mundaca; Jessika Luth Richter

2015-01-01T23:59:59.000Z

294

Vulnerability Analysis Considerations for the Transportation of Special Nuclear Material  

SciTech Connect

The vulnerability analysis methodology developed for fixed nuclear material sites has proven to be extremely effective in assessing associated transportation issues. The basic methods and techniques used are directly applicable to conducting a transportation vulnerability analysis. The purpose of this paper is to illustrate that the same physical protection elements (detection, delay, and response) are present, although the response force plays a dominant role in preventing the theft or sabotage of material. Transportation systems are continuously exposed to the general public whereas the fixed site location by its very nature restricts general public access.

Nicholson, Lary G.; Purvis, James W.

1999-07-21T23:59:59.000Z

295

Results of a Strategic Assessment of NRC's Low-Level Radioactive Waste Program  

SciTech Connect

NRC recently completed a strategic assessment of its low-level radioactive waste (LLW) regulatory program. In this paper, we provide the results of this assessment - a prioritized list of activities for our LLW program in the next several years - along with a description of the circumstances that required us to undertake this assessment and the process we used. We obtained ideas from a wide variety of stakeholders on activities we could undertake, and we evaluated them in light of our overall strategic objectives for ensuring safety and security, as well as a number of other factors. We ranked 7 of the 20 activities evaluated as high priority. Their completion in the next several years will help to ensure that LLW will continue to be managed and disposed of safely and securely. (authors)

Bradford, A.W.; Camper, L.W.; Flanders, S.C.; Kennedy, J.E.; Shaffner, J.A.; Tokar, M.; Whited, A.R. [NRC LLW Branch, Mail Stop T-8-F-5, U.S. Nuclear Regulatory Commission, Washington DC (United States)

2008-07-01T23:59:59.000Z

296

CLIMATE CHANGE IMPACTS, VULNERABILITIES, AND  

E-Print Network (OSTI)

CLIMATE CHANGE IMPACTS, VULNERABILITIES, AND ADAPTATION IN THE SAN FRANCISCO BAY AREA Commission's California Climate Change Center JULY 2012 CEC5002012071 Prepared for: California Energy, as well as projections of future changes in climate based on modeling studies using various plausible

297

Threat Insight Quarterly Vulnerability Management  

E-Print Network (OSTI)

X-Force ® Threat Insight Quarterly Vulnerability Management July 2006 #12;X - F O R C E T H R E.................. 7 X-Force Catastrophic Risk Index.............................. 10 Future X-Force Threat Insight Introduction There is a wide range of threats that can exist in any network. The presence of unpatched

298

Vulnerability Analysis of Energy Delivery Control Systems - 2011 |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Vulnerability Analysis of Energy Delivery Control Systems - 2011 Vulnerability Analysis of Energy Delivery Control Systems - 2011 Vulnerability Analysis of Energy Delivery Control Systems - 2011 Cybersecurity for energy delivery systems has emerged as one of the Nation's most serious grid modernization and infrastructure protection issues. Cyber adversaries are becoming increasingly targeted, sophisticated, and better financed. The energy sector must research, develop and deploy new cybersecurity capabilities faster than the adversary can launch new attack tools and techniques. The goal of the U.S. Department of Energy Office of Electricity Delivery and Energy Reliability (DOE/OE) National Supervisory Control and Data Acquisition (SCADA) Test Bed (NSTB) program is to enhance the reliability and resiliency of the Nation's energy infrastructure by reducing the risk

299

Strategic Environmental Research and Development Program: Atmospheric Remote Sensing and Assessment Program -- Final Report. Part 1: The lower atmosphere  

SciTech Connect

This report documents work done between FY91 and FY95 for the lower atmospheric portion of the joint Department of Defense (DoD) and Department of Energy (DOE) Atmospheric Remote Sensing and Assessment Program (ARSAP) within the Strategic Environmental Research and Development Program (SERDP). The work focused on (1) developing new measurement capabilities and (2) measuring atmospheric heating in a well-defined layer and then relating it to cloud properties an water vapor content. Seven new instruments were develop3ed for use with Unmanned Aerospace Vehicles (UAVs) as the host platform for flux, radiance, cloud, and water vapor measurements. Four major field campaigns were undertaken to use these new as well as existing instruments to make critically needed atmospheric measurements. Scientific results include the profiling of clear sky fluxes from near surface to 14 km and the strong indication of cloudy atmosphere absorption of solar radiation considerably greater than predicted by extant models.

Tooman, T.P. [ed.] [Sandia National Labs., Livermore, CA (United States). Exploratory Systems Technology Dept.

1997-01-01T23:59:59.000Z

300

Locating Climate Insecurity: Where Are the Most Vulnerable Places in  

Open Energy Info (EERE)

Locating Climate Insecurity: Where Are the Most Vulnerable Places in Locating Climate Insecurity: Where Are the Most Vulnerable Places in Africa? Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Locating Climate Insecurity: Where Are the Most Vulnerable Places in Africa? Agency/Company /Organization: The Robert Strauss Center Topics: Co-benefits assessment, Background analysis Resource Type: Publications Website: ccaps.strausscenter.org/system/research_items/pdfs/19/original.pdf?128 UN Region: "Sub-Saharan Africa" is not in the list of possible values (Eastern Africa, Middle Africa, Northern Africa, Southern Africa, Western Africa, Caribbean, Central America, South America, Northern America, Central Asia, Eastern Asia, Southern Asia, South-Eastern Asia, Western Asia, Eastern Europe, Northern Europe, Southern Europe, Western Europe, Australia and New Zealand, Melanesia, Micronesia, Polynesia, Latin America and the Caribbean) for this property.

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


301

T-657: Drupal Prepopulate - Multiple vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Drupal Prepopulate - Multiple vulnerabilities 7: Drupal Prepopulate - Multiple vulnerabilities T-657: Drupal Prepopulate - Multiple vulnerabilities June 29, 2011 - 3:34pm Addthis PROBLEM: Prepopulate module enables pre-populating forms in Drupal using the $_REQUEST vairable. PLATFORM: Prepopulate module for Drupal 6.x versions prior to 6.x-2.2 ABSTRACT: The module does not adequately validate user input leading to an cross-site scripting (XSS) possibility in certain circumstances. reference LINKS: Advisory ID: DRUPAL-SA-CONTRIB-2011-023 Prepopulate module Prepopulate 6.x-2.2 Update IMPACT ASSESSMENT: High Discussion: The Prepopulate module enables pre-populating forms in Drupal using the $_REQUEST vairable. The module does not adequately validate user input leading to an cross-site scripting (XSS) possibility in certain circumstances. Users privileged to

302

V-107: Wireshark Multiple Denial of Service Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Wireshark Multiple Denial of Service Vulnerabilities 7: Wireshark Multiple Denial of Service Vulnerabilities V-107: Wireshark Multiple Denial of Service Vulnerabilities March 8, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Wireshark PLATFORM: Wireshark 1.6.x and 1.8.x ABSTRACT: Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). REFERENCE LINKS: Secunia Advisory SA52471 Wireshark Release Notes 1.8.6 Wireshark Release Notes 1.6.1.4 CVE-2013-2475 CVE-2013-2476 CVE-2013-2477 CVE-2013-2478 CVE-2013-2479 CVE-2013-2480 CVE-2013-2481 CVE-2013-2482 CVE-2013-2483 CVE-2013-2484 CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-2488 IMPACT ASSESSMENT: Medium DISCUSSION: 1) An error in the TCP dissector when processing certain packets can be

303

V-107: Wireshark Multiple Denial of Service Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Wireshark Multiple Denial of Service Vulnerabilities 7: Wireshark Multiple Denial of Service Vulnerabilities V-107: Wireshark Multiple Denial of Service Vulnerabilities March 8, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Wireshark PLATFORM: Wireshark 1.6.x and 1.8.x ABSTRACT: Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). REFERENCE LINKS: Secunia Advisory SA52471 Wireshark Release Notes 1.8.6 Wireshark Release Notes 1.6.1.4 CVE-2013-2475 CVE-2013-2476 CVE-2013-2477 CVE-2013-2478 CVE-2013-2479 CVE-2013-2480 CVE-2013-2481 CVE-2013-2482 CVE-2013-2483 CVE-2013-2484 CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-2488 IMPACT ASSESSMENT: Medium DISCUSSION: 1) An error in the TCP dissector when processing certain packets can be

304

Safeguarding Children and Vulnerable Adults Introduction  

E-Print Network (OSTI)

Safeguarding Children and Vulnerable Adults Introduction The University is expected and has a responsibility to take appropriate steps to safeguard children and vulnerable adults who are on University · Safeguarding:"Institutionshaveanenhanceddutytowardschildren,andsafeguardingispartofthatcommon-lawdutyof care

Aickelin, Uwe

305

Environmental Hazards Assessment Program. Volume 4: Annual report, July 1, 1993--June 30, 1994  

SciTech Connect

The Medical University of South Carolina`s (MUSC) vision is to become the premier national resource for medical information and for environmental/health risk assessment. A key component to the success of the many missions of the Environmental Hazards Assessment Program (EHAP) is timely access to large volumes of data. The significant growth in the number of environmental/health information systems that has occurred over the past few years has made data access challenging. This study documents the results of the needs assessment effort conducted to determine the information access and processing requirements of EHAP. The following topics are addressed in this report: immunological consequences of beryllium exposure; assessment of genetic risks to environmental diseases; low dose-rate radiation health effects; environmental risk perception in defined populations; information support and access systems; and environmental medicine and risk communication: curriculum and a professional support network-Department of Family Medicine.

Not Available

1994-09-01T23:59:59.000Z

306

Pollution prevention opportunity assessment for Sandia National Laboratories/California recycling programs.  

SciTech Connect

This Pollution Prevention Opportunity Assessment (PPOA) was conducted for the Sandia National Laboratories/California (SNL/CA) Environmental Management Department between May 2006 and March 2007, to evaluate the current site-wide recycling program for potential opportunities to improve the efficiency of the program. This report contains a summary of the information collected and analyses performed with recommended options for implementation. The SNL/NM Pollution Prevention (P2) staff worked with the SNL/CA P2 Staff to arrive at these options.

Wrons, Ralph Jordan; Vetter, Douglas Walter

2007-07-01T23:59:59.000Z

307

The North American Regional Climate Change Assessment Program: Overview of Phase I Results  

SciTech Connect

The North American Regional Climate Change Assessment Program is an international effort designed to systematically investigate the uncertainties in regional scale projections of future climate and produce high resolution climate change scenarios using multiple regional climate models (RCMs) nested within atmosphere ocean general circulation models (AOGCMs) forced with the A2 SRES scenario, with a common domain covering the conterminous US, northern Mexico, and most of Canada. The program also includes an evaluation component (Phase I) wherein the participating RCMs are nested within 25 years of NCEP/DOE global reanalysis II. The grid spacing of the RCM simulations is 50 km.

Mearns, L. O.; Arritt, R.; Biner, S.; Bukovsky, Melissa; McGinnis, Seth; Sain, Steve; Caya, Daniel; Correia Jr., James; Flory, Dave; Gutowski, William; Takle, Gene; Jones, Richard; Leung, Lai-Yung R.; Moufouma-Okia, Wilfran; McDaniel, Larry; Nunes, A.; Qian, Yun; Roads, J.; Sloan, Lisa; Snyder, Mark A.

2012-09-20T23:59:59.000Z

308

Waste Isolation Pilot Plant Medical Screening Program, Phase I: Needs Assessment  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Waste Isolation Pilot Plant Waste Isolation Pilot Plant Medical Screening Program Phase I: Needs Assessment Presented to the Office of Worker Screening and Compensation Support, Office of Health, Safety, and Security U.S. Department of Energy Prepared by Queens College, City University of New York United Steelworkers Original Draft: August 22, 2011 Updated Version: May 1, 2012 Table of Contents Summary.............................................................................3 I. Background on the Former Worker Program................................4 II. History of the WIPP Facility......................................................4 III. Scope of this Report.................................................................7 IV. Exposure Characterization........................................................8

309

V-211: IBM iNotes Multiple Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

IBM iNotes has two cross-site scripting vulnerabilities and an ActiveX Integer overflow vulnerability

310

Liquefied gaseous fuels safety and environmental control assessment program: third status report  

SciTech Connect

This Status Report contains contributions from all contractors currently participating in the DOE Liquefied Gaseous Fuels (LG) Safety and Environmental Control Assessment Program and is presented in two principal sections. Section I is an Executive Summary of work done by all program participants. Section II is a presentation of fourteen individual reports (A through N) on specific LGF Program activities. The emphasis of Section II is on research conducted by Lawrence Livermore National Laboratory (Reports A through M). Report N, an annotated bibliography of literature related to LNG safety and environmental control, was prepared by Pacific Northwest Laboratory (PNL) as part of its LGF Safety Studies Project. Other organizations who contributed to this Status Report are Aerojet Energy Conversion Company; Applied Technology Corporation; Arthur D. Little, Incorporated; C/sub v/ International, Incorporated; Institute of Gas Technology; and Massachusetts Institute of Technology. Separate abstracts have been prepared for Reports A through N for inclusion in the Energy Data Base.

Not Available

1982-03-01T23:59:59.000Z

311

CERTS 2012 Program Review - Reliability Standards Analysis and Assessment - Gil Tam, EPG  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

12-13, 2012 12-13, 2012 Washington, DC FY12 DOE/CERTS Transmission Reliability R&D Internal Program Review Research Projects Reliability Standards Analysis and Assessments  Frequency Response Event Collection and Analysis  NERC Interconnections 2011 Annual Grid Reliability Performance Analysis and Report Page 1 Reliability Standards Analysis and Assessment  Objective: Support the NERC committees/groups (Resource Subcommittee and RS- Frequency Working Group) in the following ways: - Perform grid reliability metrics analysis using data collected in CERTS applications as requested by the RS - Analyze collected data to assess reliability performance at different levels - Interconnection, Reliability Coordinator, Balancing Authority - Perform analysis, testing, and monitoring of current and proposed

312

Preliminary Assessment of the Hanford Tank Waste Feed Acceptance and Product Qualification Programs  

SciTech Connect

The U.S. Department of Energy Office of Environmental Management (EM) is engaging the national laboratories to provide the scientific and technological rigor to support EM program and project planning, technology development and deployment, project execution, and assessment of program outcomes. As an early demonstration of this new responsibility, Savannah River National Laboratory (SRNL) and Pacific Northwest National Laboratory (PNNL) have been chartered to implement a science and technology program addressing Hanford Tank waste feed acceptance and product qualification. As a first step, the laboratories examined the technical risks and uncertainties associated with the planned waste feed acceptance and qualification testing for Hanford tank wastes. Science and technology gaps were identified for work associated with 1) feed criteria development with emphasis on identifying the feed properties and the process requirements, 2) the Tank Waste Treatment and Immobilization Plant (WTP) process qualification program, and 3) the WTP HLW glass product qualification program. Opportunities for streamlining the accetpance and qualification programs were also considered in the gap assessment. Technical approaches to address the science and technology gaps and/or implement the opportunities were identified. These approaches will be further refined and developed as strong integrated teams of researchers from national laboratories, contractors, industry, and academia are brought together to provide the best science and technology solutions. Pursuing the identified approaches will have immediate and long-term benefits to DOE in reducing risks and uncertainties associated with tank waste removal and preparation, transfers from the tank farm to the WTP, processing within the WTP Pretreatment Facility, and in producing qualified HLW glass products. Additionally, implementation of the identified opportunities provides the potential for long-term cost savings given the anticipated facility life of WTP.

Herman, C. C.; Adamson, Duane J.; Herman, D. T.; Peeler, David K.; Poirier, Micheal R.; Reboul, S. H.; Stone, M. E.; Peterson, Reid A.; Chun, Jaehun; Fort, James A.; Vienna, John D.; Wells, Beric E.

2013-04-01T23:59:59.000Z

313

Climate Change and Infrastructure, Urban Systems, and Vulnerabilities  

SciTech Connect

This Technical Report on Climate Change and Infrastructure, Urban Systems, and Vulnerabilities has been prepared for the U.S. Department of Energy by the Oak Ridge National Laboratory in support of the U.S. National Climate Assessment (NCA). It is a summary of the currently existing knowledge base on its topic, nested within a broader framing of issues and questions that need further attention in the longer run. The report arrives at a number of assessment findings, each associated with an evaluation of the level of consensus on that issue within the expert community, the volume of evidence available to support that judgment, and the section of the report that provides an explanation for the finding. Cross-sectoral issues related to infrastructures and urban systems have not received a great deal of attention to date in research literatures in general and climate change assessments in particular. As a result, this technical report is breaking new ground as a component of climate change vulnerability and impact assessments in the U.S., which means that some of its assessment findings are rather speculative, more in the nature of propositions for further study than specific conclusions that are offered with a high level of confidence and research support. But it is a start in addressing questions that are of interest to many policymakers and stakeholders. A central theme of the report is that vulnerabilities and impacts are issues beyond physical infrastructures themselves. The concern is with the value of services provided by infrastructures, where the true consequences of impacts and disruptions involve not only the costs associated with the clean-up, repair, and/or replacement of affected infrastructures but also economic, social, and environmental effects as supply chains are disrupted, economic activities are suspended, and/or social well-being is threatened. Current knowledge indicates that vulnerability concerns tend to be focused on extreme weather events associated with climate change that can disrupt infrastructure services, often cascading across infrastructures because of extensive interdependencies threatening health and local economies, especially in areas where human populations and economic activities are concentrated in urban areas. Vulnerabilities are especially large where infrastructures are subject to multiple stresses, beyond climate change alone; when they are located in areas vulnerable to extreme weather events; and if climate change is severe rather than moderate. But the report also notes that there are promising approaches for risk management, based on emerging lessons from a number of innovative initiatives in U.S. cities and other countries, involving both structural and non-structural (e.g., operational) options.

Wilbanks, Thomas J [ORNL] [ORNL; Fernandez, Steven J [ORNL] [ORNL

2014-01-01T23:59:59.000Z

314

Visualization & Controls Program Peer Review | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Visualization & Controls Program Peer Review Visualization & Controls Program Peer Review Visualization & Controls Program Peer Review With mounting evidence suggesting an increased probability that malicious attacks may be launched against energy control systems, there is a critical need to understand specific cyber vulnerabilities and corresponding mitigation strategies. This need is being addressed by SCADA/ Energy Management System (EMS) Cyber Security Assessments conducted at the National SCADA Test Bed (NSTB) facility at INL and at on-site field installations of control systems. Visualization & Controls Program Peer Review More Documents & Publications DOE/OE National SCADA Test Bed Fiscal Year 2009 Work Plan DOE National SCADA Test Bed Program Multi-Year Plan Vulnerability Analysis of Energy Delivery Control Systems - 2011

315

V-057: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

V-057: eXtplorer "ext_find_user()" Authentication Bypass V-057: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability V-057: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability December 28, 2012 - 6:00am Addthis December 28 2012 - 6:00am PROBLEM: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability PLATFORM: eXtplorer 2.x ABSTRACT: A vulnerability has been reported in eXtplorer, which can be exploited by malicious people to bypass certain security restrictions. REFERENCE LINKS: Secunia Advisory SA51636 eXtplorer 2.1.3 Security Release IMPACT ASSESSMENT: Medium DISCUSSION: eXtplorer was notified of a problem within the authentication system of eXtplorer Versions 2.1.2, 2.1.1, 2.1.0 and 2.1.0RC5 that have been found to be vulnerable to an authentication bypass bug.

316

U-097: PHP "php_register_variable_ex()" Code Execution Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

097: PHP "php_register_variable_ex()" Code Execution 097: PHP "php_register_variable_ex()" Code Execution Vulnerability U-097: PHP "php_register_variable_ex()" Code Execution Vulnerability February 7, 2012 - 9:00am Addthis PROBLEM: PHP "php_register_variable_ex()" Code Execution Vulnerability PLATFORM: PHP 5.3.x ABSTRACT: Execution of arbitrary code via network as well as user access via network reference LINKS: PHP Security Archive SecurityTracker Alert ID: 1026631 Secunia Advisory SA47806 CVE-2012-0830 IMPACT ASSESSMENT: High Discussion: A vulnerability has been reported in PHP, which can be exploited by malicious people to compromise a vulnerable system. Impact: A remote user can send specially crafted data to trigger a memory error in php_register_variable_ex() and execute arbitrary code on the target system.

317

V-017: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Apache Tomcat Security Bypass and Denial of Service 7: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities V-017: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities November 6, 2012 - 6:00am Addthis PROBLEM: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities PLATFORM: Apache Tomcat 5.x Apache Tomcat 6.x Apache Tomcat 7.x ABSTRACT: Two vulnerabilities were reported in Apache Tomcat REFERENCE LINKS: Apache.org Apache Tomcat Denial of Service Apache Tomcat DIGEST authentication weaknesses Secunia Advisory SA51138 CVE-2012-2733 CVE-2012-3439 IMPACT ASSESSMENT: Medium DISCUSSION: A weakness and a vulnerability have been reported in Apache Tomcat, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service). 1) An error within the "parseHeaders()" function

318

U-172: OpenOffice.org Two Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

72: OpenOffice.org Two Vulnerabilities 72: OpenOffice.org Two Vulnerabilities U-172: OpenOffice.org Two Vulnerabilities May 18, 2012 - 7:00am Addthis PROBLEM: OpenOffice.org Two Vulnerabilities PLATFORM: OpenOffice.org 3.3, Other versions may also be affected. ABSTRACT: Two vulnerabilities have been reported in OpenOffice.org, which can be exploited by malicious people to compromise a user's system. Reference LINKS: Secunia Advisory SA46992 CVE-2012-1149 CVE-2012-2149 IMPACT ASSESSMENT: High Discussion: 1) An integer overflow error in the vclmi.dll module when allocating memory for an embedded image object can be exploited to cause a heap-based buffer overflow e.g. via a specially crafted JPEG object within a DOC file. 2) An error within libwpd when parsing Wordperfect documents can be exploited to overwrite arbitrary memory via a specially crafted Wordperfect

319

U-069: Telnet code execution vulnerability: FreeBSD and Kerberos |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

69: Telnet code execution vulnerability: FreeBSD and Kerberos 69: Telnet code execution vulnerability: FreeBSD and Kerberos U-069: Telnet code execution vulnerability: FreeBSD and Kerberos December 27, 2011 - 5:18am Addthis PROBLEM: Telnet code execution vulnerability: FreeBSD and Kerberos PLATFORM: Operating System: FreeBSD 7.1, 7.3, 8.0 and 8.1 and Software: Kerberos ABSTRACT: Vulnerability was reported in FreeBSD Telnet. A remote user can execute arbitrary code on the target system. reference LINKS: FreeBSD-SA-11:08.telnetd MITKRB5-SA-2011-008 Secunia Advisory: SA47397 (FreeBSD) Secunia Advisory: SA47348 (Kerberos) SecurityTracker Alert ID: 1026460 CVE-2011-4862 IMPACT ASSESSMENT: High Discussion: When an encryption key is supplied via the TELNET protocol, its length is not validated before the key is copied into a fixed-size buffer. The telnet

320

V-162: Apache Struts "ParameterInterceptor" Security Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Apache Struts "ParameterInterceptor" Security Bypass 2: Apache Struts "ParameterInterceptor" Security Bypass Vulnerability V-162: Apache Struts "ParameterInterceptor" Security Bypass Vulnerability May 23, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Apache Struts PLATFORM: The vulnerability is reported in versions prior to 2.3.14.1 ABSTRACT: A vulnerability has been reported in Apache Struts, which can be exploited by malicious people to bypass certain security restrictions. REFERENCE LINKS: Secunia Advisory SA53495 Apache Struts Advisory S2-012 Apache Struts Advisory S2-013 CVE-2013-1965 CVE-2013-1966 IMPACT ASSESSMENT: High DISCUSSION: A request that included a specially crafted request parameter could be used to inject arbitrary OGNL code into the stack, afterward used as request

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


321

V-056: FreeType BDF Glyph Processing Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: FreeType BDF Glyph Processing Buffer Overflow Vulnerability 6: FreeType BDF Glyph Processing Buffer Overflow Vulnerability V-056: FreeType BDF Glyph Processing Buffer Overflow Vulnerability December 27, 2012 - 6:00am Addthis PROBLEM: FreeType BDF Glyph Processing Buffer Overflow Vulnerability PLATFORM: Version(s): prior to 2.4.11 ABSTRACT: Several vulnerabilities were reported in FreeType. A remote user can cause arbitrary code to be executed on the target user's system. REFERENCE LINKS: SecurityTracker Alert ID: 1027921 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create a specially crafted font file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user or application. A null pointer dereference can be triggered in bdf_free_font()

322

U-149: Apache OFBiz Cross-Site Scripting and Code Execution Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Apache OFBiz Cross-Site Scripting and Code Execution 9: Apache OFBiz Cross-Site Scripting and Code Execution Vulnerabilities U-149: Apache OFBiz Cross-Site Scripting and Code Execution Vulnerabilities April 17, 2012 - 8:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Apache OFBiz, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system. PLATFORM: Apache OFBiz 10.x ABSTRACT: The vulnerabilities are reported in version 10.04.01. Prior versions may also be affected. references LINKS: Vendor Advisory Secunia Advisory 48800 CVE-2012-1621 IMPACT ASSESSMENT: High Discussion: 1) Certain unspecified input is not properly sanitised within the "getServerError()" function in checkoutProcess.js before being returned to the user. This can be exploited to execute arbitrary HTML and script code

323

T-572: VMware ESX/ESXi SLPD denial of service vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

72: VMware ESX/ESXi SLPD denial of service vulnerability 72: VMware ESX/ESXi SLPD denial of service vulnerability T-572: VMware ESX/ESXi SLPD denial of service vulnerability March 8, 2011 - 3:05pm Addthis PROBLEM: A vulnerability was reported in VMware ESX. A remote user can cause denial of service conditions. PLATFORM: ESX/ESXi 4.0, 4.1 ABSTRACT: VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. reference LINKS: VMware Security Advisory: VMSA-2011-0004 VMware vSphere 4 VMware ESXi 4.1 Update CVE-2010-3609 IMPACT ASSESSMENT: Moderate Discussion: A remote user can send specially crafted data to cause the target Service Location Protocol daemon (SLPD) to enter an infinite loop and consume excessive CPU resources.A remote user can consume excessive CPU resources.

324

U-108: Net4Switch ipswcom ActiveX Control Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Net4Switch ipswcom ActiveX Control Buffer Overflow 8: Net4Switch ipswcom ActiveX Control Buffer Overflow Vulnerability U-108: Net4Switch ipswcom ActiveX Control Buffer Overflow Vulnerability February 22, 2012 - 8:00am Addthis PROBLEM: A vulnerability was reported in Net4Switch ipswcom ActiveX Control, which can be exploited by malicious people to compromise a user's system. PLATFORM: Net4Switch ipswcom ActiveX Control 1.x ABSTRACT: The vulnerability is caused due to a boundary error within the "CxDbgPrint()" function (cxcmrt.dll) when creating a debug message string. reference LINKS: Vendor Advisory Secunia Advisroy 48125 No CVE references. IMPACT ASSESSMENT: High Discussion: The vulnerability is caused due to a boundary error within the "CxDbgPrint()" function (cxcmrt.dll) when creating a debug message string.

325

V-219: Kingsoft Writer 2012 WPS Font Names Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

19: Kingsoft Writer 2012 WPS Font Names Buffer Overflow 19: Kingsoft Writer 2012 WPS Font Names Buffer Overflow Vulnerability V-219: Kingsoft Writer 2012 WPS Font Names Buffer Overflow Vulnerability August 16, 2013 - 5:52am Addthis PROBLEM: Kaveh Ghaemmaghami has discovered a vulnerability in Kingsoft Writer 2012, which can be exploited by malicious people to compromise a user's system. PLATFORM: Kingsoft Office 2012, Kingsoft Weirwe 2012 8.x ABSTRACT: The vulnerability is confirmed in the following products and versions: * Kingsoft Writer 2012 version 8.1.0.3030. * Kingsoft Writer 2012 bundled in Kingsoft Office 2012 version 8.1.0.3385. REFERENCE LINKS: Secunia Advisory SA53266 CVE-2013-3934 IMPACT ASSESSMENT: High DISCUSSION: The vulnerability is caused due to a boundary error in when handling font names and can be exploited to cause a stack-based buffer overflow via a

326

U-018: Oracle AutoVue ActiveX Control Insecure Method Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

18: Oracle AutoVue ActiveX Control Insecure Method 18: Oracle AutoVue ActiveX Control Insecure Method Vulnerabilities U-018: Oracle AutoVue ActiveX Control Insecure Method Vulnerabilities October 25, 2011 - 8:45am Addthis PROBLEM: Oracle AutoVue ActiveX Control Insecure Method Vulnerabilities. PLATFORM: The vulnerabilities are confirmed in version 20.0.2 build 7910 (AutoVueX.ocx 20.1.1.7910). Other versions may also be affected. ABSTRACT: Successful exploitation of the vulnerabilities allows execution of arbitrary code. reference LINKS: Bugtraq ID: 50321 Secunia Advisory SA46473 Oracle AutoVue IMPACT ASSESSMENT: High Discussion: Successfully exploiting this issue will allow attackers to create or overwrite arbitrary files on the victim's computer within the context of the affected application (typically Internet Explorer) that uses the

327

V-236: MediaWiki CentralAuth Extension Authentication Bypass Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: MediaWiki CentralAuth Extension Authentication Bypass 6: MediaWiki CentralAuth Extension Authentication Bypass Vulnerability V-236: MediaWiki CentralAuth Extension Authentication Bypass Vulnerability September 6, 2013 - 4:36am Addthis PROBLEM: A vulnerability has been reported in the CentralAuth extension for MediaWiki, which can be exploited by malicious people to bypass certain security restrictions. PLATFORM: MediaWiki CentralAuth Extension ABSTRACT: A vulnerability has been reported in the CentralAuth extension for MediaWik REFERENCE LINKS: Secunia Advisory SA54723 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to an error when handling auto-logins and can be exploited to bypass the authentication mechanism by providing a valid username within the "centralauth_User" cookie. IMPACT:

328

U-022: Apple QuickTime Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Apple QuickTime Multiple Vulnerabilities 2: Apple QuickTime Multiple Vulnerabilities U-022: Apple QuickTime Multiple Vulnerabilities October 28, 2011 - 8:15am Addthis PROBLEM: Apple QuickTime Multiple Vulnerabilities. PLATFORM: Apple QuickTime prior to 7.7.1 ABSTRACT: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system. reference LINKS: Apple Product Security Article: HT5016 Secunia Advisory SA46618 SecurityTracker Alert ID: 1026251 CVE-2011-3218, CVE-2011-3219, CVE-2011-3220 CVE-2011-3221, CVE-2011-3222, CVE-2011-3223 CVE-2011-3228, CVE-2011-3247, CVE-2011-3248 CVE-2011-3249, CVE-2011-3250, CVE-2011-3251 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in Apple Quicktime, which can be exploited by malicious people to compromise a user's system.

329

V-148: Novell iPrint Client Unspecified Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Novell iPrint Client Unspecified Buffer Overflow 8: Novell iPrint Client Unspecified Buffer Overflow Vulnerability V-148: Novell iPrint Client Unspecified Buffer Overflow Vulnerability May 3, 2013 - 6:00am Addthis PROBLEM: Novell iPrint Client Unspecified Buffer Overflow Vulnerability PLATFORM: Novell iPrint Client 5.x ABSTRACT: A vulnerability has been reported in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system REFERENCE LINKS: Secunia Advisory SA53261 Novell KB 7012344 Novell KB 7008708 CVE-2013-1091 IMPACT ASSESSMENT: High DISCUSSION: The vulnerability is caused due to an unspecified error and can be exploited to cause a stack-based buffer overflow. IMPACT: Successful exploitation may allow execution of arbitrary code SOLUTION: Vendor recommendation is to update to Version 5.90

330

Wildfire ignition resistant home design(WIRHD) program: Full-scale testing and demonstration final report.  

SciTech Connect

The primary goal of the Wildfire ignition resistant home design(WIRHD) program was to develop a home evaluation tool that could assess the ignition potential of a structure subjected to wildfire exposures. This report describes the tests that were conducted, summarizes the results, and discusses the implications of these results with regard to the vulnerabilities to homes and buildings.

Quarles, Stephen, L.; Sindelar, Melissa

2011-12-13T23:59:59.000Z

331

Climate program plan. Volume 1 of 2. [For assessing interrelationships between energy and climate  

SciTech Connect

As part of the United States Climate Program Plan developed by the Interdepartmental Committee for Atmospheric Sciences, DOE is responsible for developing an understanding of and assessment capabilities for the effects of climate and climate fluctuations on man's generation of power, the effects of power generation and its various fuel processes and/or control technologies on climate, and development of blends of power generation and distribution modes that minimize adverse environmental and climatic effects. The DOE Climate Program Plan focuses on these three major roles in basic and applied research. The purpose of this document is to present background information relevant to these roles, to identify the perceived and potential effects of energy technologies on climate that now merit assessment, to define the need for research on the prediction of weather and climate variations and assessment of their effects on power production, and to outline research goals appropriate to the DOE mission. This report focuses on the need for assessing the cycles and budgets of the entire range of substances emitted in power production by the many technologies now in use. Emissions include but are not limited to /sup 85/Kr, particles, sulfur, and nitrogen oxides, waste heat, and hydrocarbons. To provide the basis for assessing the impacts of these emissions, this plan calls for specialized, mission-oriented research to improve understanding of processes that determine how these emissions are transported, transformed, and scavenged in the atmosphere, and of the natural processes that can be affectd by energy activities. This latter category includes potential modification of surface properties caused, for example, by large arrays of solar collectors, extensive biomass production, and wind power modification of the boundary layer. (JGB)

Not Available

1980-01-01T23:59:59.000Z

332

Experimental Analysis of the Arabidopsis Mitochondrial Proteome Highlights Signaling and Regulatory Components, Provides Assessment of Targeting Prediction Programs, and Indicates Plant-Specific Mitochondrial Proteins  

Science Journals Connector (OSTI)

...Isolation, and Purity Assessment An Arabidopsis thaliana...TIGR) and National Center for Biotechnology Information...Commonwealth Scientific and Industrial Research Organization...components, provides assessment of targeting prediction...programs, allowing an assessment of the benefits and...

Joshua L. Heazlewood; Julian S. Tonti-Filippini; Alexander M. Gout; David A. Day; James Whelan; A. Harvey Millar

2003-12-11T23:59:59.000Z

333

International Code Assessment and Applications Program: Summary of code assessment studies concerning RELAP5/MOD2, RELAP5/MOD3, and TRAC-B. International Agreement Report  

SciTech Connect

Members of the International Code Assessment Program (ICAP) have assessed the US Nuclear Regulatory Commission (USNRC) advanced thermal-hydraulic codes over the past few years in a concerted effort to identify deficiencies, to define user guidelines, and to determine the state of each code. The results of sixty-two code assessment reviews, conducted at INEL, are summarized. Code deficiencies are discussed and user recommended nodalizations investigated during the course of conducting the assessment studies and reviews are listed. All the work that is summarized was done using the RELAP5/MOD2, RELAP5/MOD3, and TRAC-B codes.

Schultz, R.R. [EG and G Idaho, Inc., Idaho Falls, ID (United States)

1993-12-01T23:59:59.000Z

334

Economic vulnerability to Peak Oil  

Science Journals Connector (OSTI)

Abstract Peak Oil, which refers to the maximum possible global oil production rate, is increasingly gaining attention in both science and policy discourses. However, little is known about how this phenomenon will impact economies, despite its apparent imminence and potential dangers. In this paper, we construct a vulnerability map of the U.S. economy, combining two approaches for analyzing economic systems, i.e. inputoutput analysis and social network analysis (applied to economic data). Our approach reveals the relative importance of individual economic sectors, and how vulnerable they are to oil price shocks. As such, our dual-analysis helps identify which sectors, due to their strategic position, could put the entire U.S. economy at risk from Peak Oil. For the U.S., such sectors would include Iron Mills, Fertilizer Production and Transport by Air. Our findings thus provide early warnings to downstream companies about potential trouble in their supply chain, and inform policy action for Peak Oil. Although our analysis is embedded in a Peak Oil narrative, it is just as valid and useful in the context of developing a climate roadmap toward a low carbon economy.

Christian Kerschner; Christina Prell; Kuishuang Feng; Klaus Hubacek

2013-01-01T23:59:59.000Z

335

Annual Coded Wire Tag Program; Oregon Stock Assessment, 2001 Annual Report.  

SciTech Connect

This annual report is in fulfillment of contract obligations with Bonneville Power Administration which is the funding source for the Oregon Department of Fish and Wildlife project 'Annual Stock Assessment - Coded Wire Tag Program (ODFW)'. Results for the 2001 contract period: Objective 1--Over 1 million juvenile salmon were coded-wire by this program (Table 1); Objective 2--ODFW recovered and processed over 40,000 snout collected from coded-wire tagged fish (Table 2); Objective 3--Survival data is summarized below; Objective 4--The last group of VIE tagged coho was released in 2001 and returning coho were samples at Sandy Hatchery. This sampling showed only 1 of 1,160 returning coho VIE marked as juveniles retained the VIE mark as adults.

Lewis, Mark; Mallette, Christine; Murray, William

2002-03-01T23:59:59.000Z

336

Department of Energy Small-Scale Hydropower Program: Feasibility assessment and technology development summary report  

SciTech Connect

This report summarizes two subprograms under the US Department of Energy's Small-Scale Hydroelectric Power Program. These subprograms were part of the financial assistance activities and included the Program Research and Development Announcement (PRDA) feasibility assessments and the technology development projects. The other major subprograms included engineering research and development, legal and institutional aspects, and technology transfer. These other subprograms are covered in their respective summary reports. The problems of energy availability and increasing costs of energy led to a national effort to develop economical and environmental attractive alternative energy resources. One such alternative involved the utilization of existing dams with hydraulic heads of <65 ft and the capacity to generate hydroelectric power of 15 MW or less. Thus, the PRDA program was initiated along with the Technology Development program. The purpose of the PRDA feasibility studies was to encourage development of renewable hydroelectric resources by providing engineering, economic, environmental, safety, and institutional information. Fifty-five feasibility studies were completed under the PRDA. This report briefly summarizes each of those projects. Many of the PRDA projects went on to become technology development projects. 56 refs., 1 fig., 2 tabs.

Rinehart, B.N.

1991-06-01T23:59:59.000Z

337

Semi-annual report of the Department of Energy, Office of Environmental Management, Quality Assessment Program  

SciTech Connect

This report presents the results from the analysis of the 43rd set of environmental quality assessment samples (QAP XLIII) that were received on or before December 1, 1995. This Quality Assessment Program (QAP) is designed to test the quality of the environmental measurements being reported to the Department of Energy by its contractors. Since 1976, real or synthetic environmental samples that have been prepared and thoroughly analyzed at the Environmental Measurements Laboratory (EML) have been distributed at first quarterly and then semi-annually to these contractors. Their results, which are returned to EML within 90 days, are compiled with EML`s results and are reported back to the participating contractors 30 days later. A summary of the reported results is available to the participants 2 days after the reporting deadline via a modem-telephone connection to the EML computer.

Sanderson, C.G.; Greenlaw, P.

1996-02-01T23:59:59.000Z

338

Semi-annual report of the Department of Energy Quality Assessment Program  

SciTech Connect

This report presents the results from the analysis of the 35th set of environmental quality assessment samples (QAP XXXV) that were received on or before December 5, 1991. This Quality Assessment Program (QAP) is designed to test the quality of the environmental measurements being reported to the Department of Energy by its contractors. Since 1976, real or synthetic environmental samples that have been prepared and thoroughly analyzed at the Environmental Measurements Laboratory (EML) have been distributed at first quarterly and then semi-annually to these contractors. Their results, which are returned to EML within 90 days, are compiled with EML`s results and are reported back to the participating contractors 30 days later. A summary of the reported results is available to the participants 3 days after the reporting deadline via a modem-telephone connection to the EML computer.

Sanderson, C.G.; Scarpitta, S.C.

1992-01-02T23:59:59.000Z

339

Semi-annual report of the Department of Energy, Office of Environmental Management, Quality Assessment Program  

SciTech Connect

This report presents the results from the analysis of the 42st set of environmental quality assessment samples (QAP XLII) that were received on or before June 1, 1995. This Quality Assessment Program (QAP) is designed to test the quality of the environmental measurements being reported to the Department of Energy by its contractors. Since 1976, real or synthetic environmental samples that have been prepared and thoroughly analyzed at the Environmental Measurements Laboratory (EML) have been distributed at first quarterly and then semi-annually to these contractors. Their results, which are returned to EML within 90 days, are compiled with EML`s results and are reported back to the participating contractors 30 days later. A summary of the reported results is available to the participants 2 days after the reporting deadline via a modem-telephone connection to the EML computer.

Sanderson, C.G.; Greenlaw, P.; Pan, V.

1995-07-03T23:59:59.000Z

340

Semi-annual report of the Department of Energy Quality Assessment Program  

SciTech Connect

This report presents the results from the analysis of the 35th set of environmental quality assessment samples (QAP XXXV) that were received on or before December 5, 1991. This Quality Assessment Program (QAP) is designed to test the quality of the environmental measurements being reported to the Department of Energy by its contractors. Since 1976, real or synthetic environmental samples that have been prepared and thoroughly analyzed at the Environmental Measurements Laboratory (EML) have been distributed at first quarterly and then semi-annually to these contractors. Their results, which are returned to EML within 90 days, are compiled with EML's results and are reported back to the participating contractors 30 days later. A summary of the reported results is available to the participants 3 days after the reporting deadline via a modem-telephone connection to the EML computer.

Sanderson, C.G.; Scarpitta, S.C.

1992-01-02T23:59:59.000Z

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


341

NNSA NSO Technical Qualification Program Accreditation Self Assessment Report, October 2009  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

IAl,W~\/Al IAl,W~\/Al llVl'~~t Nalional N uciea1 S ecurity Administration Department of Energy National Nuclear Security Administration Nevada Site Office P.O. Box 98518 Las Vegas, NV 89193-8518 FEB 0 . ~ 2010 Patricia R. Worthington, Director, Office of Health and Safety, DOE/HQ (HS-10) GTN NATIONAL NUCLEAR SECURITY ADMINISTRATION NEV ADA SITE OFFICE (NNSA/NSO) TECHNICAL QUALIFICATION PROGRAM (TQP) ACCREDITATION NNSA/NSO recently completed the attached TQP Self-Assessment. Based on the completion of this self assessment, I am formally requesting TQP Accreditation from your office. Barry L. Mellor, NNSA/NSO Training Manager, has been working with Ali H. Ghovanlou in preparation for this event. We would like to schedule the accreditation team for June, 2010.

342

U-198: IBM Lotus Expeditor Multiple Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

The vulnerabilities can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system..

343

Pacific Northwest National Laboratory FY96 evaluation of Integrated Assessment Program  

SciTech Connect

The Pacific Northwest National Laboratory`s Integrated Assessment Program (IAP) is the primary system to assess and monitor overall performance and to drive continuous improvement in the Laboratory. The approach used is a significant departure from the Laboratory`s traditional reliance on auditing methods. It is a move toward the contemporary concepts of measuring organizational performance by encouraging scientific, operational, and business excellence, through self-assessment and strengthening line management accountability for results in product and service quality, safety, and cost. This report describes the approach used (methods and processes), the deployment of that approach in the six Laboratory organizations selected to pilot the approach, and a summary of how the pilot organizations used the results they obtained. Section 3.0 of this report summarizes the top strengths and weaknesses in performance as identified by Division/Directorate self-assessments, Independent Oversight, Internal Audit and peer reviews, and includes the actions that have been, or will be taken, to improve performance in areas that are weak.

NONE

1996-10-01T23:59:59.000Z

344

Medical University of South Carolina Environmental Hazards Assessment Program. Volume 5: Annual report, July 1, 1993--June 30, 1994 deliverables  

SciTech Connect

The Medical University of South Carolina`s vision is to become the premier national resource for medical information and for environmental/health risk assessment. A key component to the success of the many missions of the Environmental Hazards Assessment Program (EHAP) is timely access to large volumes of data. This study documents the results of the needs assessment effort conducted to determine the information access and processing requirement of EHAP. The following topics are addressed in this report: environmental medicine and risk communication: curriculum and a professional support network-Department of Family Medicine; environmental hazards assessment and education program in pharmacy graduate education in risk assessment; and graduate education risk assessment.

Not Available

1994-09-01T23:59:59.000Z

345

Assessing the Costs and Benefits of the Superior Energy Performance Program  

NLE Websites -- All DOE Office Websites (Extended Search)

Costs and Benefits of the Superior Energy Performance Program Costs and Benefits of the Superior Energy Performance Program Title Assessing the Costs and Benefits of the Superior Energy Performance Program Publication Type Conference Paper Refereed Designation Unknown LBNL Report Number LBNL-6349E Year of Publication 2013 Authors Therkelsen, Peter, Aimee T. McKane, Ridah Sabouni, and Tracy Evans Conference Name American Council for an Energy-Efficient Economy (ACEEE) Summer Study on Energy Efficiency in Industry Date Published 07/2013 Keywords ACEEE Conference Paper, energy efficiency, Energy Performance Program Abstract Industrial companies are seeking to manage energy consumption and costs, mitigate risks associated with energy, and introduce transparency into reports of their energy performance achievements. Forty industrial facilities are participating in the U.S. DOE supported Superior Energy Performance (SEP) program in which facilities implement an energy management system based on the ISO 50001 standard, and pursue third-party verification of their energy performance improvements. SEP certification provides industrial facilities recognition for implementing a consistent, rigorous, internationally recognized business process for continually improving energy performance and achievement of established energy performance improvement targets. This paper focuses on the business value of SEP and ISO 50001, providing an assessment of the costs and benefits associated with SEP implementation at nine SEP-certified facilities across a variety of industrial sectors. These cost-benefit analyses are part of the U.S. DOE's contribution to the Global Superior Energy Performance (GSEP) partnership, a multi-country effort to demonstrate, using facility data, that energy management system implementation enables companies to improve their energy performance with a greater return on investment than business-as-usual (BAU) activity. To examine the business value of SEP certification, interviews were conducted with SEPcertified facilities. The costs of implementing the SEP program, including internal facility staff time, are described and a marginal payback of SEP certification has been determined. Additionally, more qualitative factors with regard to the business value and challenges related to SEP and ISO 50001 implementation are summarized.

346

Nuclear proliferation and civilian nuclear power. Report of the Nonproliferation Alternative Systems Assessment Program. Volume IV. Commercial potential  

SciTech Connect

This volume of the Nonproliferation Alternative Systems Assessment Program (NASAP) report provides time and cost estimates for positioning new nuclear power systems for commercial deployment. The assessment also estimates the rates at which the new systems might penetrate the domestic market, assuming the continuing viability of the massive light-water reactor network that now exists worldwide. This assessment does not recommend specific, detailed program plans and budgets for individual systems; however, it is clear from this analysis that any of the systems investigated could be deployed if dictated by national interest.

Not Available

1980-06-01T23:59:59.000Z

347

Liquefied Gaseous Fuels Safety and Environmental Control Assessment Program: second status report  

SciTech Connect

The Assistant Secretary for Environment has responsibility for identifying, characterizing, and ameliorating the environmental, health, and safety issues and public concerns associated with commercial operation of specific energy systems. The need for developing a safety and environmental control assessment for liquefied gaseous fuels was identified by the Environmental and Safety Engineering Division as a result of discussions with various governmental, industry, and academic persons having expertise with respect to the particular materials involved: liquefied natural gas, liquefied petroleum gas, hydrogen, and anhydrous ammonia. This document is arranged in three volumes and reports on progress in the Liquefied Gaseous Fuels (LGF) Safety and Environmental Control Assessment Program made in Fiscal Year (FY)-1979 and early FY-1980. Volume 1 (Executive Summary) describes the background, purpose and organization of the LGF Program and contains summaries of the 25 reports presented in Volumes 2 and 3. Annotated bibliographies on Liquefied Natural Gas (LNG) Safety and Environmental Control Research and on Fire Safety and Hazards of Liquefied Petroleum Gas (LPG) are included in Volume 1.

Not Available

1980-10-01T23:59:59.000Z

348

The West Virginia mineral lands program: Statewide GIS resource evaluation and assessment  

SciTech Connect

In 1995, the West Virginia legislature enacted H.B. 2222 that provided a mandate and funding for a statewide evaluation of mineral resources, specifically coal, to promote a more open and equitable means to assess the taxable value of mineral holdings by West Virginia property owners. Written into the legislation was an appropriation for the initial development of a Geographic Information System (GIS) to integrate the work. Designated as the Mineral Lands Mapping Program, the lead agencies are the VIV Geological and Economic Survey, the WV Department of Tax and Revenue, and the State GIS Technical Support Center at West Virginia University. The complex topography and geology of West Virginia require that large volumes of two- and three-dimensional spatial data be created to support the identification, mapping, and evaluation of coal resources for improved tax assessment of land parcels. The political and economic context of the project, data requirements and sources, inputs and digital conversion procedures, adoption of metadata and data standards, geological base mapping, coal resource modeling methods, tax parcel reconciliation, and integration of the various data sets are all important issues for this program.

Neidig, C.A. [Office of State GIS Coordinator, Charleston, WV (United States); Fedorko, N. [West Virginia Geological and Economic Survey, Morgantown, WV (United States); Maki, E. [West Virginia Dept. of Tax and Revenue, Charleston, WV (United States); Elmes, G. [West Virginia Univ., Morgantown, WV (United States)

1996-09-01T23:59:59.000Z

349

Adventures in supercomputing, a K-12 program in computational science: An assessment  

SciTech Connect

In this paper, the authors describe only those elements of the Department of Energy Adventures in Supercomputing (AiS) program for high school teachers, such as school selection, which have a direct bearing on assessment. Schools submit an application to participate in the AiS program. They propose a team of at least two teachers to implement the AiS curriculum. The applications are evaluated by selection committees in each of the five participating states to determine which schools are the most qualified to carry out the program and reach a significant number of women, minorities, and economically disadvantaged students, all of whom have historically been underrepresented in the sciences. Typically, selected schools either have a large disadvantaged student population, or the applying teachers propose specific means to attract these segments of their student body into AiS classes. Some areas with AiS schools have significant numbers of minority students, some have economically disadvantaged, usually rural, students, and all areas have the potential to reach a higher proportion of women than technical classes usually attract. This report presents preliminary findings based on three types of data: demographic, student journals, and contextual. Demographic information is obtained for both students and teachers. Students have been asked to maintain journals which include replies to specific questions that are posed each month. An analysis of the answers to these questions helps to form a picture of how students progress through the course of the school year. Onsite visits by assessment professionals conducting student and teacher interviews, provide a more in depth, qualitative basis for understanding student motivations.

Oliver, C.E.; Hicks, H.R. [Oak Ridge National Lab., TN (United States); Iles-Brechak, K.D. [Vanderbilt Univ., Oak Ridge, TN (United States); Honey, M.; McMillan, K. [Education Development Center, New York, NY (United States)

1994-10-01T23:59:59.000Z

350

Program Plan for Revision of the Z-Area Saltstone Disposal Facility Performance Assessment  

SciTech Connect

Savannah River National Laboratory (SRNL) and the Saltstone Project, are embarking on the next revision to the Saltstone Disposal Facility (SDF) performance assessment (PA). This program plan has been prepared to outline the general approach, scope, schedule and resources for the PA revision. The plan briefly describes the task elements of the PA process. It discusses critical PA considerations in the development of conceptual models and interpretation of results. Applicable quality assurance (QA) requirements are identified and the methods for implementing QA for both software and documentation are described. The plan identifies project resources supporting the core team and providing project oversight. Program issues and risks are identified as well as mitigation of those risks. Finally, a preliminary program schedule has been developed and key deliverables identified. A number of significant changes have been implemented since the last PA revision resulting in a new design for future SDF disposal units. This revision will encompass the existing and planned disposal units, PA critical radionuclides and exposure pathways important to SDF performance. An integrated analysis of the overall facility layout, including all disposal units, will be performed to assess the impact of plume overlap on PA results. Finally, a rigorous treatment of uncertainty will be undertaken using probabilistic simulations. This analysis will be reviewed and approved by DOE-SR, DOE-HQ and potentially the Nuclear Regulatory Commission (NRC). This revision will be completed and ready for the start of the DOE review at the end of December 2006. This work supports a Saltstone Vault 2 fee-bearing milestone. This milestone includes completion of the Vault 2 module of the PA revision by the end of FY06.

Cook, James R.

2005-12-07T23:59:59.000Z

351

Detecting Network Vulnerabilities Through Graph Theoretical Methods  

E-Print Network (OSTI)

benchmark power networks. 1 Introduction The electric power grid network is susceptible to power outages of our work is power networks, our techniques are applicable to other systems such as the transportation vulnerabilities in power networks is an important prob- lem, as even a small number of vulnerable connections can

Geddes, Cameron Guy Robinson

352

Assessment of the DOE/NREL Historically Black College and University Photovoltaic Research Associates Program  

SciTech Connect

This report details the DOE/NREL Historically Black College and University (HBCU) Photovoltaic Research Associates Program, a small but remarkable program that directly affected dozens of minority undergraduate students in ways that changed many of their lives. The progress and accomplishments of undergraduates within the nine participating universities were monitored and assessed through their presentations at an annual NREL-sponsored HBCU conference. Although the funding was small, typically $400,000 per year, the money made a significant impact. The best students sometimes went on to the nation's top graduate schools (e.g., MIT) or important management positions in large companies. Other students had opportunities to learn how renewable energy could positively affect their lives and their neighbors' lives. A few were lucky enough to install photovoltaic lighting and water-pumping systems in Africa, and to see and feel firsthand the technical and emotional benefits of this technology for families and villages. Two of the schools, Texas Southern University and Central State University, were particularly successful in leveraging their DOE/NREL funding to obtain additional funding for expanded programs.

Posey-Eddy, F.; McConnell, R. D.

2002-08-01T23:59:59.000Z

353

T-596: 0-Day Windows Network Interception Configuration Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: 0-Day Windows Network Interception Configuration 6: 0-Day Windows Network Interception Configuration Vulnerability T-596: 0-Day Windows Network Interception Configuration Vulnerability April 6, 2011 - 5:48am Addthis PROBLEM: 0-Day exploit of IPv4 and IPv6 mechanics and how it applies to Microsoft Windows Operating systems. PLATFORM: Microsoft Operating Systems (OS) Windows Vista, Windows 7, and Windows 2008 Server ABSTRACT: The links below describe a parasitic IPv6 layered over a native IPv4 network. This attack can be used to stage potential man-in-the-middle (MITM) attacks on IPv4 traffic. Please see the "Other Links" section below, as it provides an external URL reference. reference LINKS: InfoSec Institute - SLAAC Attack Cisco Threat Comparison and Best-Practice White Paper IMPACT ASSESSMENT: High

354

Vulnerability Take Grant (VTG): An efficient approach to analyze network vulnerabilities  

Science Journals Connector (OSTI)

Modeling and analyzing information system vulnerabilities help predict possible attacks to computer networks using vulnerabilities information and the network configuration. In this paper, we propose a comprehensive approach to analyze network vulnerabilities in order to answer the safety problem focusing on vulnerabilities. The approach which is called Vulnerability Take Grant (VTG) is a graph-based model consists of subject/objects as nodes and rights/relations as edges to represent the system protection state. Each node may have properties including single vulnerabilities such as buffer overflow. We use the new concept of vulnerability rewriting rule to specify the requirements and consequences of exploiting vulnerabilities. Analysis of the model is achieved using our bounded polynomial algorithm, which generates the most permissive graph in order to verify whether a subject can obtain an access right over an object. The algorithm also finds the likely attack scenarios. Applicability of the approach is investigated by modeling widespread vulnerabilities in their general patterns. A real network is modeled as a case study in order to examine how an attacker can gain unauthorized access via exploiting the chain of vulnerabilities. Our experience shows the efficiency, applicability, and expressiveness in modeling a broader range of vulnerabilities in our approach in comparison to the previous approaches.

Hamid Reza Shahriari; Rasool Jalili

2007-01-01T23:59:59.000Z

355

E-Print Network 3.0 - assessment program western Sample Search...  

NLE Websites -- All DOE Office Websites (Extended Search)

Assessment University... -induced tree death in snow-dominated coniferous forests 12;Western Water Assessment Research... Water Assessment What we know ... Source: Neff, Jason...

356

DOE-STD-1158-2002; Self-Assessment Standard for DOE Contractor Criticality Safety Programs  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

02 02 November 2002 DOE STANDARD SELF-ASSESSMENT STANDARD FOR DOE CONTRACTOR CRITICALITY SAFETY PROGRAMS U.S. Department of Energy AREA SAFT Washington, D.C. 20585 DISTRIBUTION STATEMENT A. Approved for public release; distribution is unlimited. NOT MEASUREMENT SENSITIVE This document has been reproduced from the best available copy. Available to DOE and DOE contractors from ES&H Technical Information Services, U.S. Department of Energy, (800) 473-4375, fax: (301) 903-9823. Available to the public from the U.S. Department of Commerce, Technology Administration, National Technical Information Service, Springfield, VA 22161; (703) 605-6000. DOE-STD-1158-2202 iii FOREWARD 1. This Department of Energy standard is approved for use by all DOE Components and their

357

Tucannon River Spring Chinook Captive Broodstock Program Final Environmental Assessment and Finding of No Significant Impact  

SciTech Connect

Bonneville Power Administration (BPA) is proposing to fund the Tucannon River Spring Chinook Captive Broodstock Program, a small-scale production initiative designed to increase numbers of a weak but potentially recoverable population of spring chinook salmon in the Tucannon River in the State of Washington. BPA has prepared an Environmental Assessment (EA) (DOE/EA-l326) evaluating the proposed project. Based on the analysis in the EA, BPA has determined that the proposed action is not a major Federal action significantly affecting the quality of the human environment, within the meaning of the National Environmental Policy Act (NEPA) of 1969. Therefore, the preparation of an Environmental Impact Statement (EIS) is not required, and BPA is issuing this Finding of No Significant Impact (FONSI).

N /A

2000-05-24T23:59:59.000Z

358

WEATHERIZING THE HOMES OF LOW-INCOME HOME ENERGY ASSISTANCE PROGRAM CLIENTS: A PROGRAMMATIC ASSESSMENT  

NLE Websites -- All DOE Office Websites (Extended Search)

CON-486 CON-486 WEATHERIZING THE HOMES OF LOW-INCOME HOME ENERGY ASSISTANCE PROGRAM CLIENTS: A PROGRAMMATIC ASSESSMENT Bruce Tonn Richard Schmoyer Sarah Wagner OAK RIDGE NATIONAL LABORATORY DOCUMENT AVAILABILITY Reports produced after January 1, 1996, are generally available free via the U.S. Department of Energy (DOE) Information Bridge. Web site http://www.osti.gov/bridge Reports produced before January 1, 1996, may be purchased by members of the public from the following source. National Technical Information Service 5285 Port Royal Road Springfield, VA 22161 Telephone 703-605-6000 (1-800-553-6847) TDD 703-487-4639 Fax 703-605-6900 E-mail info@ntis.fedworld.gov Web site http://www.ntis.gov/support/ordernowabout.htm Reports are available to DOE employees, DOE contractors, Energy Technology Data Exchange (ETDE) representatives,

359

CERTS 2012 Program Review - Measurement-Based Stability Assessment - Dan Trudnowski, U Montana  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Stability Stability Assessment DOE/CERTS Transmission Reliability R&D Internal Program Review Meeting June 12-13, 2012 Washington DC Presenter: Dan Trudnowski, Montana Tech Participants: Dan Trudnowski John Pierre, U of Wyoming Ning Zhou, PNNL Louis Scharf, Consultant 2 Project Objective and Application * Objective: Develop, test, and refine algorithms to automatically estimate oscillations from PMUs in real time. - estimate modal frequency, damping, and shape - estimate mode-estimation performance and validation indices (e.g., error bounds) - detect forced oscillations and identify the cause(s) of such oscillations - collaborate with power-industry partners to test potential algorithms - assist in the WECC system tests * Application - Real-Time Situational Awareness based upon actual system

360

DOE/EA-1326: Tucannon River Spring Chinook Captive Broodstock Program Final Environmental Assessment (05/24/00)  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

TUCANNON RIVER SPRING CHINOOK TUCANNON RIVER SPRING CHINOOK CAPTIVE BROODSTOCK PROGRAM Final Environmental Assessment and Finding of No Significant Impact DOE/EA-1326 B o n n e v i l l e P o w e r A d m i n i s t r a t i o n BONNEVILLE POWER ADMINISTRATION Tucannon River Spring Chinook Captive Broodstock Program Final Environmental Assessment DOE/EA-1326 May 23, 2000 Tucannon River Spring Chinook Captive Broodstock Program PreliminaryFinal Environmental Assessment B o n n e v i l l e P o w e r A d m i n i s t r a t i o n i Table of Contents Page 1. PURPOSE AND NEED FOR ACTION ........................................................................................ 1 1.1 INTRODUCTION ................................................................................................................................ 1 1.2 NEED FOR ACTION ...........................................................................................................................

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


361

U-188: MySQL User Login Security Bypass and Unspecified Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: MySQL User Login Security Bypass and Unspecified 8: MySQL User Login Security Bypass and Unspecified Vulnerability U-188: MySQL User Login Security Bypass and Unspecified Vulnerability June 12, 2012 - 7:00am Addthis PROBLEM: A security issue and vulnerability have been reported in MySQL PLATFORM: MySQL 5.x ABSTRACT: An error when verifying authentication attempts can be exploited to bypass the authentication mechanism. Reference LINKS: Original Advisory CVE-2012-2122 Secunia Advisory 49409 IMPACT ASSESSMENT: High Discussion: Successful exploitation of this vulnerability requires MySQL to be built on a system with a library that allows "memcmp()" to return a value outside of the -128 through 127 range (e.g. sse-optimized glibc). NOTE: Vendor binaries are reportedly not affected. The security issue is reported in versions prior to 5.1.63 and 5.5.25.

362

U-237: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing 7: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability U-237: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability August 16, 2012 - 7:00am Addthis PROBLEM: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability PLATFORM: Version(s): Mozilla Firefox 6 - 12 ABSTRACT: To exploit this issue, an attacker must entice an unsuspecting user to follow a crafted URI. REFERENCE LINKS: http://www.securityfocus.com/bid/54585 CVE-2012-1950 IMPACT ASSESSMENT: Medium Discussion: The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load. mozilla Firefox is prone to a URI-spoofing spoofing vulnerability. Attackers may exploit this issue to display

363

U-237: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

37: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing 37: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability U-237: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability August 16, 2012 - 7:00am Addthis PROBLEM: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability PLATFORM: Version(s): Mozilla Firefox 6 - 12 ABSTRACT: To exploit this issue, an attacker must entice an unsuspecting user to follow a crafted URI. REFERENCE LINKS: http://www.securityfocus.com/bid/54585 CVE-2012-1950 IMPACT ASSESSMENT: Medium Discussion: The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load. mozilla Firefox is prone to a URI-spoofing spoofing vulnerability. Attackers may exploit this issue to display

364

U-117: Potential security vulnerability has been identified with certain HP  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Potential security vulnerability has been identified with 7: Potential security vulnerability has been identified with certain HP printers and HP digital senders U-117: Potential security vulnerability has been identified with certain HP printers and HP digital senders March 5, 2012 - 7:00am Addthis PROBLEM: The vulnerability could be exploited remotely to install unauthorized printer firmware. PLATFORM: Select HP printers and Digital Senders ABSTRACT: Remote attackers could execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update. reference LINKS: Vendor Advisory CVE-2011-4161 Previous JC3 Advisory Bulletin IMPACT ASSESSMENT: High Discussion: The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx;

365

V-191: Apple Mac OS X Multiple Vulnerabilities | Department of Energy  

NLE Websites -- All DOE Office Websites (Extended Search)

1: Apple Mac OS X Multiple Vulnerabilities 1: Apple Mac OS X Multiple Vulnerabilities V-191: Apple Mac OS X Multiple Vulnerabilities July 3, 2013 - 6:00am Addthis PROBLEM: Apple has issued a security update for Mac OS X PLATFORM: Apple Macintosh OS X ABSTRACT: The vulnerabilities are caused due to a bundled version of QuickTime REFERENCE LINKS: Secunia Advisory SA54049 APPLE-SA-2013-07-02-1 Security Update 2013-003 CVE-2013-1018 CVE-2013-1019 CVE-2013-1022 IMPACT ASSESSMENT: High DISCUSSION: A boundary error when parsing compressed data within H.264 encoded movie files can be exploited to cause a buffer overflow A boundary error when handling the Sorenson Video 3 "mdat" section within a MOV file can be exploited to cause a buffer overflow A boundary error when handling "mvhd" atoms can be exploited to cause a

366

U-202: Apple QuickTime Multiple Stack Overflow Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

202: Apple QuickTime Multiple Stack Overflow Vulnerabilities 202: Apple QuickTime Multiple Stack Overflow Vulnerabilities U-202: Apple QuickTime Multiple Stack Overflow Vulnerabilities June 29, 2012 - 7:00am Addthis PROBLEM: Apple QuickTime is prone to multiple stack-based buffer-overflow vulnerabilities. PLATFORM: Version(s): prior to 7.7.2 ABSTRACT: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. Reference links: Vendor Advisory Security Focus ID 53571 CVE-2012-0663 IMPACT ASSESSMENT: Medium Discussion: These issues arise when the application handles specially crafted files. Successful exploits may allow attackers to execute arbitrary code in the context of the currently logged-in user; failed exploit attempts will cause denial-of-service conditions.Versions prior to

367

U-202: Apple QuickTime Multiple Stack Overflow Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Apple QuickTime Multiple Stack Overflow Vulnerabilities 2: Apple QuickTime Multiple Stack Overflow Vulnerabilities U-202: Apple QuickTime Multiple Stack Overflow Vulnerabilities June 29, 2012 - 7:00am Addthis PROBLEM: Apple QuickTime is prone to multiple stack-based buffer-overflow vulnerabilities. PLATFORM: Version(s): prior to 7.7.2 ABSTRACT: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. Reference links: Vendor Advisory Security Focus ID 53571 CVE-2012-0663 IMPACT ASSESSMENT: Medium Discussion: These issues arise when the application handles specially crafted files. Successful exploits may allow attackers to execute arbitrary code in the context of the currently logged-in user; failed exploit attempts will cause denial-of-service conditions.Versions prior to

368

V-191: Apple Mac OS X Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Apple Mac OS X Multiple Vulnerabilities 1: Apple Mac OS X Multiple Vulnerabilities V-191: Apple Mac OS X Multiple Vulnerabilities July 3, 2013 - 6:00am Addthis PROBLEM: Apple has issued a security update for Mac OS X PLATFORM: Apple Macintosh OS X ABSTRACT: The vulnerabilities are caused due to a bundled version of QuickTime REFERENCE LINKS: Secunia Advisory SA54049 APPLE-SA-2013-07-02-1 Security Update 2013-003 CVE-2013-1018 CVE-2013-1019 CVE-2013-1022 IMPACT ASSESSMENT: High DISCUSSION: A boundary error when parsing compressed data within H.264 encoded movie files can be exploited to cause a buffer overflow A boundary error when handling the Sorenson Video 3 "mdat" section within a MOV file can be exploited to cause a buffer overflow A boundary error when handling "mvhd" atoms can be exploited to cause a

369

V-033: ownCloud Cross-Site Scripting and File Upload Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: ownCloud Cross-Site Scripting and File Upload 3: ownCloud Cross-Site Scripting and File Upload Vulnerabilities V-033: ownCloud Cross-Site Scripting and File Upload Vulnerabilities November 26, 2012 - 2:00am Addthis PROBLEM: ownCloud Cross-Site Scripting and File Upload Vulnerabilities PLATFORM: ownCloud 4.5.2, 4.5.1, 4.0.9 ABSTRACT: Multiple vulnerabilities have been reported in ownCloud REFERENCE LINKS: ownCloud Server Advisories Secunia Advisory SA51357 IMPACT ASSESSMENT: Medium DISCUSSION: 1) Input passed via the filename to apps/files_versions/js/versions.js and apps/files/js/filelist.js and event title to 3rdparty/fullcalendar/js/fullcalendar.js is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

370

U-151: Bugzilla Cross-Site Request Forgery Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

51: Bugzilla Cross-Site Request Forgery Vulnerability 51: Bugzilla Cross-Site Request Forgery Vulnerability U-151: Bugzilla Cross-Site Request Forgery Vulnerability April 19, 2012 - 8:15am Addthis PROBLEM: A vulnerability has been reported in Bugzilla, which can be exploited by malicious people to conduct cross-site request forgery attacks. PLATFORM: Bugzilla 2.x Bugzilla 3.x Bugzilla 4.x ABSTRACT: The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. reference LINKS: Vendor Advisory Secunia Advisory 48835 CVE-2012-0465 CVE-2012-0466 IMPACT ASSESSMENT: Medium Discussion: When abusing the X-FORWARDED-FOR header, an attacker could bypass the lockout policy allowing a possible brute-force discovery of a valid user password. An attacker can get access to some bug information using the victim's

371

T-730: Vulnerability in Citrix Provisioning Services could result...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Vulnerability in Citrix Provisioning Services could result in Arbitrary Code Execution T-730: Vulnerability in Citrix Provisioning Services could result in Arbitrary Code...

372

T-565: Vulnerability in Microsoft Malware Protection Engine Could...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability T-565: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of...

373

Locating Climate Insecurity: Where Are the Most Vulnerable Places...  

Open Energy Info (EERE)

Insecurity: Where Are the Most Vulnerable Places in Africa? Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Locating Climate Insecurity: Where Are the Most Vulnerable...

374

Assessing the Costs and Benefits of the Superior Energy Performance Program  

SciTech Connect

Industrial companies are seeking to manage energy consumption and costs, mitigate risks associated with energy, and introduce transparency into reports of their energy performance achievements. Forty industrial facilities are participating in the U.S. DOE supported Superior Energy Performance (SEP) program in which facilities implement an energy management system based on the ISO 50001 standard, and pursue third-party verification of their energy performance improvements. SEP certification provides industrial facilities recognition for implementing a consistent, rigorous, internationally recognized business process for continually improving energy performance and achievement of established energy performance improvement targets. This paper focuses on the business value of SEP and ISO 50001, providing an assessment of the costs and benefits associated with SEP implementation at nine SEP-certified facilities across a variety of industrial sectors. These cost-benefit analyses are part of the U.S. DOE?s contribution to the Global Superior Energy Performance (GSEP) partnership, a multi-country effort to demonstrate, using facility data, that energy management system implementation enables companies to improve their energy performance with a greater return on investment than business-as-usual (BAU) activity. To examine the business value of SEP certification, interviews were conducted with SEP-certified facilities. The costs of implementing the SEP program, including internal facility staff time, are described and a marginal payback of SEP certification has been determined. Additionally, more qualitative factors with regard to the business value and challenges related to SEP and ISO 50001 implementation are summarized.

Therkelsen, Peter; McKane, Aimee; Sabouini, Ridah; Evans, Tracy

2013-07-01T23:59:59.000Z

375

Significant ELCAP analysis results: Summary report. [End-use Load and Consumer Assessment Program  

SciTech Connect

The evolution of the End-Use Load and Consumer Assessment Program (ELCAP) since 1983 at Bonneville Power Administration (Bonneville) has been eventful and somewhat tortuous. The birth pangs of a data set so large and encompassing as this have been overwhelming at times. The early adolescent stage of data set development and use has now been reached and preliminary results of early analyses of the data are becoming well known. However, the full maturity of the data set and the corresponding wealth of analytic insights are not fully realized. This document is in some sense a milestone in the brief history of the program. It is a summary of the results of the first five years of the program, principally containing excerpts from a number of previous reports. It is meant to highlight significant accomplishments and analytical results, with a focus on the principal results. Many of the results have a broad application in the utility load research community in general, although the real breadth of the data set remains largely unexplored. The first section of the document introduces the data set: how the buildings were selected, how the metering equipment was installed, and how the data set has been prepared for analysis. Each of the sections that follow the introduction summarize a particular analytic result. A large majority of the analyses to date involve the residential samples, as these were installed first and had highest priority on the analytic agenda. Two exploratory analyses using commercial data are included as an introduction to the commercial analyses that are currently underway. Most of the sections reference more complete technical reports which the reader should refer to for details of the methodology and for more complete discussion of the results. Sections have been processed separately for inclusion on the data base.

Pratt, R.G.; Conner, C.C.; Drost, M.K.; Miller, N.E.; Cooke, B.A.; Halverson, M.A.; Lebaron, B.A.; Lucas, R.G.; Jo, J.; Richman, E.E.; Sandusky, W.F. (Pacific Northwest Lab., Richland, WA (USA)); Ritland, K.G. (Ritland Associates, Seattle, WA (USA)); Taylor, M.E. (USDOE Bonneville Power Administration, Portland, OR (USA)); Hauser, S.G. (Solar Energy Research Inst., Golden, CO (USA))

1991-02-01T23:59:59.000Z

376

End-Use Load and Consumer Assessment Program: Analysis of residential refrigerator/freezer performance  

SciTech Connect

The Bonneville Power Administration (Bonneville) is conducting a large end-use data acquisition program in an effort to understand how energy is utilized in buildings with permanent electric space heating equipment in the Pacific Northwest. The initial portion of effort, known as the End-Use Load and Consumer Assessment Program (ELCAP), was conducted for Bonneville by the Pacific Northwest Laboratory (PNL). The collection of detailed end-use data provided an opportunity to analyze the amount of energy consumed by both refrigerators and separate freezers units located in residential buildings. By obtaining this information, the uncertainty of long- term regional end-use forecasting can be improved and potential utility marketing programs for new appliances with a reduced overall energy demand can be identified. It was found that standby loads derived from hourly averages between 4 a.m. and 5 a.m. reflected the minimum consumption needed to maintain interior refrigerator temperatures at a steady-state condition. Next, an average 24-hour consumption that included cooling loads from door openings and cooling food items was also determined. Later, analyses were conducted to develop a model capable of predicting refrigerator standby loads and 24-hour consumption for comparison with national refrigerator label ratings. Data for 140 residential sites with a refrigeration end-use were screened to develop a sample of 119 residences with pure refrigeration for use in this analysis. To identify those refrigerators that were considered to be pure (having no other devices present on the circuit) in terms of their end-use classification, the screening procedure used a statistical clustering technique that was based on standby loads with 24-hour consumption. 5 refs., 18 figs., 4 tabs.

Ross, B.A.

1991-09-01T23:59:59.000Z

377

Report to Congress on Insular Area energy vulnerability  

SciTech Connect

This report was prepared in response to Section 1406 of the Energy Policy Act of 1992 (Public Law 102-486), which directed the Department of Energy (DOE) to ``conduct a study of the implications of the unique vulnerabilities of the insular areas to an oil supply disruption,`` and to ``outline how the insular areas shall gain access to vital oil supplies during times of national emergency.`` The Act defines the insular areas to be the US Virgin Islands and Puerto Rico in the Caribbean, and Guam, American Samoa, the Commonwealth of the Northern Mariana Islands (CNMI), and Palau in the Pacific. In the study, ``unique vulnerabilities`` were defined as susceptibility to: (1) more frequent or more likely interruptions of oil supplies compared to the US Mainland, and/or (2) disproportionately larger or more likely economic losses in the event of an oil supply disruption. In order to assess unique vulnerabilities, the study examined the insular areas` experience during past global disruptions of oil supplies and during local emergencies caused by natural disasters. The effects of several possible future global disruptions and local emergencies were also analyzed. Analyses were based on historical data, simulations using energy and economic models, and interviews with officials in the insular governments and the energy industry.

Not Available

1994-05-01T23:59:59.000Z

378

Independent Oversight Program  

NLE Websites -- All DOE Office Websites (Extended Search)

Independent Oversight Program Independent Oversight Program Home Office of Security and Cyber Evaluations Office of Safety and Emergency Management Evaluations Guidance Documents › Security and Cyber Evaluations › Safety and Emergency Management Evaluations Reports › Physical Security › Cyber Security › Safety and Emergency Management Evaluations Reports › Prior Environment, Safety and Health Evaluations Reports ›Prior Emergency Management Evaluations Reports Contact Us HSS Logo Welcome to the Independent Oversight Program The Independent Oversight Program is implemented by the Office of Health, Safety and Security's (HSS) Office of Enforcement and Oversight. The mission of this program is to provide DOE line management, Congress, and other stakeholders with an independent evaluation of the effectiveness of DOE policy and line management performance in safety and security, and other critical areas as directed by the Secretary of Energy. The Office of Enforcement and Oversight performs this mission by conducting activity, facility, site, and Department-wide performance-based assessments that are designed to verify that the Department's safeguards and security interests are protected, that the Department can effectively respond to emergencies, and that Departmental employees, the public, and the environment are protected from hazardous operations and materials. These assessments complement line management's responsibility for security and safety program oversight and self-assessments. The outcome of these assessments are reports that provide information and analysis regarding the effectiveness, vulnerabilities, and trends in DOE safety and security programs, and identify issues requiring corrective action as well as recommended areas for improvement.

379

Assessment of Financial Savings from Peer Reviews of In-Progress Projects: A Case Study from the Department of Energy's Hydrogen Program  

Office of Energy Efficiency and Renewable Energy (EERE)

Results of a study to assess the financial savings to the Department of Energys (DOE) Hydrogen Program due to decisions made from peer reviews.

380

Safeguarding Children and Vulnerable Adults 1. Introduction  

E-Print Network (OSTI)

1 Safeguarding Children and Vulnerable Adults 1. Introduction 2. Definition & Legislation 3. Scope 4. Roles & Responsibilities 5. Action Appendix 1 ­ Handling a Safeguarding Case & Contacts as best practice for all safeguarding activity; however, this policy reflects the different practices

Anderson, Jim

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


381

JC3 Low Impact Assessment Bulletins  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

low-impact-assessment-bulletins low-impact-assessment-bulletins Office of the Chief Information Officer 1000 Independence Ave., SW Washington, DC 202-586-0166 en V-207: Wireshark Multiple Denial of Service Vulnerabilities http://energy.gov/cio/articles/v-207-wireshark-multiple-denial-service-vulnerabilities vulnerabilities" class="title-link">V-207: Wireshark Multiple Denial of Service Vulnerabilities

382

Medical University of South Carolina Environmental Hazards Assessment Program. Volume 6: Annual report, July 1, 1993--June 30, 1994 deliverables  

SciTech Connect

The Medical University of South Carolina`s vision is to become the premier national resource for medical information and for environmental/health risk assessment. A key component to the success of the many missions of the Environmental Hazards Assessment Program (EHAP) is timely access to large volumes of data. This study documents the results of the needs assessment effort conducted to determine the information access and processing requirements of EHAP. This report addresses the Department of Environmental Health Science, education and training initiative.

Not Available

1994-09-01T23:59:59.000Z

383

Office of Cyber Assessments | Department of Energy  

Office of Environmental Management (EM)

through expert program and technical analysis, including detailed network penetration testing to detect vulnerabilities and risks that could be exploited by sophisticated...

384

Medical University of South Carolina Environmental Hazards Assessment Program. Deliverables: Volume 3, Annual report, July 1, 1993--June 30, 1994  

SciTech Connect

This reference is concerned with the Crossroads of Humanity workshop which is part of the Environmental Hazards Assessment Program at the Medical University of South Carolina. This workshop was held during the month of June and July 1994. Topics discussed include: Perceived Risk Advisory Committee Meeting, surveys of public opinion about hazardous and radioactive materials, genetics,antibodies, and regulatory agencies.

Not Available

1994-08-18T23:59:59.000Z

385

Medical University of South Carolina Environmental Hazards Assessment Program. Deliverables: Volume 2, Annual report, July 1, 1993--June 30, 1994  

SciTech Connect

This reference is concerned with the Crossroads of Humanity workshop which is part of the Environmental Hazards Assessment Program at the Medical University of South Carolina. This workshop was held during the months of June and July 1994. Topics discussed include: Radioactive contamination, aging, medical ethics, and environmental risk analysis.

Not Available

1994-08-18T23:59:59.000Z

386

Assessment of the Emergency Management Program Training and Drills Functional Area at the Los Alamos National Laboratory, August 2011  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

LANL-2011-08-04 LANL-2011-08-04 Site: Los Alamos National Laboratory Subject: Office of Enforcement and Oversight's Office of Safety and Emergency Management Evaluations Activity Report of the Assessment of the Emergency Management Program Training and Drills Functional Area Dates of Activity : 08/01/2011 - 08/04/2011 Report Preparer: David Odland/Randy Griffin Activity Description/Purpose: Since the 2007 Office of Health, Safety and Security (HSS) inspection of the Los Alamos National Laboratory (LANL) emergency management program, HSS personnel have conducted periodic visits to follow-up on the corrective actions taken to address the findings in the review. This 2011 assessment was conducted to continue the corrective action follow-up activities and to support the Los Alamos Site Office (LASO) Emergency Management Program Manager in accomplishing

387

V-167: GnuTLS TLS Record Decoding Denial of Service Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: GnuTLS TLS Record Decoding Denial of Service Vulnerability 7: GnuTLS TLS Record Decoding Denial of Service Vulnerability V-167: GnuTLS TLS Record Decoding Denial of Service Vulnerability May 30, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in GnuTLS PLATFORM: GnuTLS 2.x ABSTRACT: A vulnerability has been reported in GnuTLS, which can be exploited by malicious people to cause a DoS (Denial of Service) REFERENCE LINKS: Secunia Advisory SA53600 GnuTLS Library GNUTLS-SA-2013-2 CVE-2013-2116 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to an out-of-bounds read error within the "_gnutls_ciphertext2compressed()" function in lib/gnutls_cipher.c and can be exploited to cause a crash of the application using the library. IMPACT: Possible DoS SOLUTION: Vendor recommends applying Patch or upgrading to Version 3.x

388

V-226: HP StoreOnce D2D Backup Systems Denial of Service Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: HP StoreOnce D2D Backup Systems Denial of Service 6: HP StoreOnce D2D Backup Systems Denial of Service Vulnerability V-226: HP StoreOnce D2D Backup Systems Denial of Service Vulnerability August 24, 2013 - 3:45am Addthis PROBLEM: A vulnerability has been reported in HP StoreOnce D2D Backup Systems, which can be exploited by malicious people to cause a DoS (Denial of Service). PLATFORM: HP StoreOnce D2D Backup Systems 1.x, HP StoreOnce D2D Backup Systems 2.x ABSTRACT: The vulnerability is reported in versions 2.2.18 and prior and 1.2.18 and prior. REFERENCE LINKS: Secunia Advisory SA54598 CVE-2013-2353 IMPACT ASSESSMENT: Moderate DISCUSSION: A vulnerability has been reported in HP StoreOnce D2D Backup Systems, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error. No further

389

U-171: DeltaV Products Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

71: DeltaV Products Multiple Vulnerabilities 71: DeltaV Products Multiple Vulnerabilities U-171: DeltaV Products Multiple Vulnerabilities May 17, 2012 - 7:00am Addthis PROBLEM: DeltaV Products Multiple Vulnerabilities PLATFORM: DeltaV and DeltaV Workstations versions 9.3.1, 10.3.1, 11.3, and 11.3.1 DeltaV ProEssentials Scientific Graph version 5.0.0.6 ABSTRACT: Multiple vulnerabilities have been reported in DeltaV products, which can be exploited by malicious people to conduct cross-site scripting attacks, SQL injection attacks, cause a DoS (Denial of Service), and compromise a vulnerable system. Reference LINKS: Secunia Advisory SA49210 CVE-2012-1814 CVE-2012-1815 CVE-2012-1816 CVE-2012-1817 CVE-2012-1818 IMPACT ASSESSMENT: High Discussion: 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and

390

JC3 High Impact Assessment Bulletins | Department of Energy  

NLE Websites -- All DOE Office Websites (Extended Search)

High Impact High Impact Assessment Bulletins JC3 High Impact Assessment Bulletins RSS August 9, 2013 V-215: NetworkMiner Directory Traversal and Insecure Library Loading Vulnerabilities The vulnerabilities are reported in versions 1.4.1 and prior August 8, 2013 V-214: Mozilla Firefox Multiple Vulnerabilities The vulnerabilities are reported in versions prior to 23.0. August 5, 2013 V-211: IBM iNotes Multiple Vulnerabilities IBM iNotes has two cross-site scripting vulnerabilities and an ActiveX Integer overflow vulnerability August 2, 2013 V -209:Cisco WAAS (Wide Area Application Services) Arbitrary Code Execution Vulnerabilities Cisco Wide Area Application Services (WAAS) when configured as Central Manager (CM), contains a vulnerability that could allow an unauthenticated,

391

T-565: Vulnerability in Microsoft Malware Protection Engine Could Allow  

NLE Websites -- All DOE Office Websites (Extended Search)

65: Vulnerability in Microsoft Malware Protection Engine Could 65: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability T-565: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability February 25, 2011 - 7:40am Addthis PROBLEM: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability. PLATFORM: Microsoft Malware Protection Engine Last version of the Microsoft Malware Protection Engine affected by this vulnerability: Version 1.1.6502.0 This version is the last version of the Microsoft Malware Protection Engine that is affected by the vulnerability. First version of the Microsoft Malware Protection Engine with this vulnerability addressed:Version 1.1.6603.0 If the version of the Microsoft Malware Protection Engine is equal to or

392

Performance Assessment Uncertainty Analysis for Japan's HLW Program Feasibility Study (H12)  

SciTech Connect

Most HLW programs in the world recognize that any estimate of long-term radiological performance must be couched in terms of the uncertainties derived from natural variation, changes through time and lack of knowledge about the essential processes. The Japan Nuclear Cycle Development Institute followed a relatively standard procedure to address two major categories of uncertainty. First, a FEatures, Events and Processes (FEPs) listing, screening and grouping activity was pursued in order to define the range of uncertainty in system processes as well as possible variations in engineering design. A reference and many alternative cases representing various groups of FEPs were defined and individual numerical simulations performed for each to quantify the range of conceptual uncertainty. Second, parameter distributions were developed for the reference case to represent the uncertainty in the strength of these processes, the sequencing of activities and geometric variations. Both point estimates using high and low values for individual parameters as well as a probabilistic analysis were performed to estimate parameter uncertainty. A brief description of the conceptual model uncertainty analysis is presented. This paper focuses on presenting the details of the probabilistic parameter uncertainty assessment.

BABA,T.; ISHIGURO,K.; ISHIHARA,Y.; SAWADA,A.; UMEKI,H.; WAKASUGI,K.; WEBB,ERIK K.

1999-08-30T23:59:59.000Z

393

Assessing plantation biomass for co-firing with coal in northern Indiana: A linear programming approach  

Science Journals Connector (OSTI)

Tightening environmental regulations and the signing of the Kyoto Protocol have prompted electric utilities to consider co-firing biomass with coal to reduce the levels of CO2, SO2, and \\{NOx\\} in stack emissions. This analysis examines the cost competitiveness of plantation produced woody biomass and waste wood with coal in electricity production. A case study of woody biomass production and co-firing in northern Indiana is presented. A Salix (willow) production budget was created to assess the feasibility of plantation tree production to supply biomass to the utility for fuel blending. Co-firing with waste wood from primary and secondary wood processing activities and local municipalities also is considered. A linear programming model was developed to examine the optimal co-firing blend of coal and biomass while minimizing variable cost, including the cost of ash disposal and material procurement costs. This model was used to examine situations where coal is the primary fuel and waste wood, willow trees, or both are available for fuel blending. The results indicate that co-firing woody biomass is cost-effective for the power plant. Sensitivity analysis explored the effect of waste wood prices on co-firing cost.

Sara Nienow; Kevin T McNamara; Andrew R Gillespie

2000-01-01T23:59:59.000Z

394

Performance Assessment Program for the Savannah River Site Liquid Waste Facilities - 13610  

SciTech Connect

The Liquid Waste facilities at the U.S. Department of Energy's (DOE) Savannah River Site (SRS) are operated by Liquid Waste Operations contractor Savannah River Remediation LLC (SRR). A separate Performance Assessment (PA) is prepared to support disposal operations at the Saltstone Disposal Facility and closure evaluations for the two liquid waste tank farm facilities at SRS, F-Tank Farm and H-Tank Farm. A PA provides the technical basis and results to be used in subsequent documents to demonstrate compliance with the pertinent requirements identified in operations and closure regulatory guidance. The Saltstone Disposal Facility is subject to a State of South Carolina industrial solid waste landfill permit and the tank farms are subject to a state industrial waste water permit. The three Liquid Waste facilities are also subject to a Federal Facility Agreement approved by the State, DOE and the Environmental Protection Agency (EPA). Due to the regulatory structure, a PA is a key technical document reviewed by the DOE, the State of South Carolina and the EPA. As the waste material disposed of in the Saltstone Disposal Facility and the residual material in the closed tank farms is also subject to reclassification prior to closure via a waste determination pursuant to Section 3116 of the Ronald W. Reagan National Defense Authorization Act of Fiscal Year 2005, the U.S. Nuclear Regulatory Commission (NRC) is also a reviewing agency for the PAs. Pursuant to the Act, the NRC also has a continuing role to monitor disposal actions to assess compliance with stated performance objectives. The Liquid Waste PA program at SRS represents a continual process over the life of the disposal and closure operations. When the need for a PA or PA revision is identified, the first step is to develop a conceptual model to best represent the facility conditions. The conceptual model will include physical dimensions of the closed system, both the engineered and natural system, and modeling input parameters associated with the modeled features, both initial values (at the time of facility closure) and degradation rates/values. During the development of the PA, evaluations are conducted to reflect not only the results associated with the best available information at the time but also to evaluate potential uncertainties and sensitivities associated with the modeled system. While the PA will reflect the modeled system results from the best available information, it will also identify areas for future work to reduce overall PA uncertainties moving forward. DOE requires a PA Maintenance Program such that work continues to reduce model uncertainties, thus bolstering confidence in PA results that support regulatory decisions. This maintenance work may include new Research and Development activities or modeling as informed by previous PA results and other new information that becomes available. As new information becomes available, it is evaluated against previous PAs and appropriate actions are taken to ensure continued confidence in the regulatory decisions. Therefore, the PA program is a continual process that is not just the development of a PA but seeks to incorporate new information to reduce overall model uncertainty and provide continuing confidence in regulatory decisions. (author)

Rosenberger, Kent H. [Savannah River Remediation LLC, Building 705-1C, Aiken, SC 29808 (United States)] [Savannah River Remediation LLC, Building 705-1C, Aiken, SC 29808 (United States)

2013-07-01T23:59:59.000Z

395

Resource assessment of low- and moderate-temperature geothermal waters in Calistoga, Napa County, California. Report of the second year, 1979 to 1980 of the US Department of Energy-California State-Coupled Program for reservoir assessment and confirmation  

SciTech Connect

Statewide assessment studies included updating and completing the USGS GEOTHERM File for California and compiling all data needed for a California Geothermal Resources Map. Site specific assessment studies included a program to assess the geothermal resource at Calistoga, Napa County, California. The Calistoga effort was comprised of a series of studies involving different disciplines, including geologic, hydrologic, geochemical and geophysical studies.

Youngs, L.G.; Bacon, C.F.; Chapman, R.H.; Chase, G.W.; Higgins, C.T.; Majmundar, H.H.; Taylor, G.C.

1980-11-10T23:59:59.000Z

396

Enhancing Energy Infrastructure Resiliency and Addressing Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

Quadrennial Energy Review Task Force Secretariat and Energy Policy and Systems Analysis Staff, U. S. Department of Energy (DOE) Public Meeting on Enhancing Resilience in Energy Infrastructure and Addressing Vulnerabilities On Friday, April 11, 2014, at 10 a.m. in room HVC-215 of the U.S. Capitol, the Department of Energy (DOE), acting as the Secretariat for the Quadrennial Energy Review Task Force, will hold a public meeting to discuss and receive comments on issues related to the Quadrennial Energy Review (QER). The meeting will focus on infrastructure vulnerabilities related to the electricity, natural gas and petroleum transmission, storage and distribution systems (TS&D). The meeting will consist of two facilitated panels of experts on identifying and addressing vulnerabilities within the nations energy TS&D infrastructure. Following the panels, an opportunity will be provided for public comment via an open microphone session. The meeting will be livestreamed at energy.gov/live

397

Joint Environmental Assessment of the California Department of Food and Agriculture Curly Tope Virus Control Program for the Bureau of Land Management and Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

JOINT ENVIRONMENTAL ASSESSMENT JOINT ENVIRONMENTAL ASSESSMENT 2002-2006 OF THE CALIFORNIA DEPARTMENT OF FOOD AND AGRICULTURE CURLY TOP VIRUS CONTROL PROGRAM FOR BUREAU OF LAND MANAGEMENT AND DEPARTMENT OF ENERGY DOE/EA-# 1363 April, 2002 2 TABLE OF CONTENTS Page No. I. INTRODUCTION 9 A. Purpose and Need......................................................... 10 B. Background................................................................... 10-11 II. PROPOSED ACTIONS AND ALTERNATIVES Alternative 1 - Proposed Action........................................... 12 General Program.................................................... 12-15 Program Specifics.................................................. 15-18 Public Health and Environmental Considerations:

398

Literature Review for the Baseline Knowledge Assessment of the DOE Hydrogen, Fuel Cells, and Infrastructure Technologies Program.  

NLE Websites -- All DOE Office Websites (Extended Search)

3/258 3/258 LITERATURE REVIEW FOR THE BASELINE KNOWLEDGE ASSESSMENT OF THE HYDROGEN, FUEL CELLS, AND INFRASTRUCTURE TECHNOLOGIES PROGRAM Tykey Truett Center for Transportation Analysis Oak Ridge National Laboratory October 2003 Prepared by the OAK RIDGE NATIONAL LABORATORY Oak Ridge, Tennessee 37831-6073 Managed by UT-BATTELLE, LLC For the U.S. DEPARTMENT OF ENERGY Under contract No. DE-AC05-00OR22725 Prepared for the Hydrogen, Fuel Cells, and Infrastructure Technologies Program Office of Energy Efficiency and Renewable Energy U.S. DEPARTMENT OF ENERGY Washington, D.C. CONTENTS ABSTRACT................................................................................................................. iii ACRONYMS ............................................................................................................... iv

399

A comparative application of the Repository Integration Program (RIP) to Total System Performance Assessment, 1991  

SciTech Connect

During Fiscal Year (FY) 1991 and FY 1992, Sandia National Laboratory and Battelle Pacific Northwest Laboratory were assigned the responsibility to generate initial Total System Performance Assessments (TSPAs) of the Yucca Mountain site. The analyses performed by these organizations (called TSPA-1991) are reported in Barnard et al(1992) and Eslinger et al. (1993). During this same time period, Golder Associates Inc. was assigned the task of generating a model capable of analyzing the total system performance of a high-level radioactive waste repository. The developed model, called Repository Integration Program (RIP), is documented in Kossik and Hachey (1993), Miller et al. (1993), and Golder Associates Inc. (1993). In FY 1993, the Civilian Radioactive Waste Management System Contractor was assigned the responsibility to plan, coordinate, and contribute to the second iteration of TSPA-2. Prior to initiating the next TSPA iteration, it was decided that it would be valuable to evaluate the applicability of RIP for use in this iteration. Therefore, analyses were conducted to compare the results generated by RIP to those reported in TSPA-1991. In particular, the aim was to generate a RIP input data set as equivalent as possible to that documented in Barnard et al. (1992) and to analyze the total system performance (as well as the performance of the individual subsystem components of the waste package/Engineered Barrier System (EBS), unsaturated gaseous flow and transport, unsaturated aqueous flow and transport, saturated flow and transport, and disruptive processes/events). The performance measure for comparison with the results of TSPA-1991 is the cumulative release of radionuclides to the accessible environment over a 10,000-year period following closure normalized to the US Environmental Protection Agency (EPA) release limits specified in 40 CFR 191.

NONE

1993-07-16T23:59:59.000Z

400

Technical Qualification Program Self-Assessment Report- Oak Ridge Office- 2014  

Energy.gov (U.S. Department of Energy (DOE))

This assessment, using criteria referred to in DOE O 426.1, Federal Technical Capability, is designed to evaluate the effectiveness of the implementation of the FTCP and the TQP at ORO. The purpose of this report is to document the results of ORO's self-assessment. The remaining sections of this report include the assessment scope and methodology, the results of the assessment, and supporting information.

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


401

Fire Protection Program Assessment, Building 9116- Y12 Plant, Oak Ridge, Tennessee  

Energy.gov (U.S. Department of Energy (DOE))

This assessment is intended to evaluate the fire hazards, life safety and fire protection features inherent in Building 9116.

402

Subbasin Assessment Template for the Northwest Power Planning Council's Fish and Wildlife Program  

E-Print Network (OSTI)

FINAL 1 Subbasin Assessment Template for the Northwest Power Planning Council's Fish and Wildlife progress. Subbasin assessments provide technical information upon which subbasin plans and other planning but are separate and distinct technical exercises. Assessments help to estimate the resource potential of each

403

Technical Qualification Program Self-Assessment Report- Nevada Field Office- 2014  

Energy.gov (U.S. Department of Energy (DOE))

This self-assessment examined how the Nevada Field Office (NFO) implements the FTCP and TQP as measured by the current FTCP criteria review and approach documents (CRADs) included in the assessment plan. The self-assessment was conducted April 21 May 5, 2014.

404

EA-507; Environmental Assessment and FONSI For The FAA Explosive Detection System Independent Validation And Verification Program INEL  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

07; Environmental Assessment and FONSI For The FAA Explosive 07; Environmental Assessment and FONSI For The FAA Explosive Detection System Independent Validation And Verification Program INEL Table of Contents 1. NEED FOR PROPOSED ACTION 2. DESCRIPTION OF THE PROPOSED ACTION 3. ALTERNATIVES TO PROPOSED ACTION 4. ENVIRONMENTAL IMPACTS OF PROPOSED ACTION 5. CONCLUSIONS/SUMMARY 6. LIST OF PREPARERS 7. REFERENCES APPENDIX I Map of WRRTF APPENDIX II Accident Safety Analysis FINDING OF NO SIGNIFICANT IMPACT FEDERAL AVIATION ADMINISTRATION EXPLOSIVE DETECTION SYSTEM - INDEPENDENT VALIDATION AND VERIFICATION PROGRAM LIST OF FIGURES Page XXX WATER REACTOR RESEARCH TEST FACT 1. NEED FOR PROPOSED ACTION The urgent development, fabrication, and operation of advanced explosive detection systems are needed by the Federal Aviation Agency (FAA) to

405

Semi-annual report of the Department of Energy, Operational Safety, Health and Environment Division, Quality Assessment Program  

SciTech Connect

This report presents the results from the analysis of the 32nd set of environmental quality assessment samples (QAP XXXII) that were received on or before June 5, 1990. This Quality Assessment Program (QAP) is designed to test the quality of the environmental measurements being reported to the Department of Energy by its contractors. Since 1976, real or synthetic environmental samples that have been prepared and thoroughly analyzed at the Environmental Measurements Laboratory (EML) have been distributed at first quarterly and then semi-annually to these contractors. Their results, which are returned to EML within 90 days, are compiled with EML's results and are reported back to the participating contractors 30 days later. A summary of the reported results is available to the participants 3 days after the reporting deadline via a modem-telephone connection to the EML computer. This is the 39th report of this program.

Sanderson, C.G.; Scarpitta, S.C.

1990-07-02T23:59:59.000Z

406

Analysis of vulnerability to facebook users  

Science Journals Connector (OSTI)

Facebook, the largest social network nowadays currently has 901 million active users, with 526 million of them accessing the system daily. With a very rapid growth, Facebook has become a potential site for the collection of personal information by unauthorized ... Keywords: exposure, facebook, social networks, vulnerability

Michelle Hanne; Cristiano Silva; Jussara Almeida; Marcos Gonalves

2012-10-01T23:59:59.000Z

407

WATER AND ENERGY SECTOR VULNERABILITY TO CLIMATE  

E-Print Network (OSTI)

WATER AND ENERGY SECTOR VULNERABILITY TO CLIMATE WARMING IN THE SIERRA NEVADA: Water Year explores the sensitivity of water indexing methods to climate change scenarios to better understand how water management decisions and allocations will be affected by climate change. Many water management

408

Fragile Networks: Identifying Vulnerabilities and Synergies  

E-Print Network (OSTI)

, Efficiency Measurement, and Vulnerability Analysis · Part II: Applications and Extensions · Part III: Mergers the foundations for transportation and logistics, for communication, energy provision, social interactions that underlie our societies and economies are large-scale and complex in nature, they are liable to be faced

Nagurney, Anna

409

Medical University of South Carolina Environmental Hazards Assessment Program annual report, July 1, 1993--June 30, 1994  

SciTech Connect

The Institute of Medicine and the Pew Health Profession Commission have advocated that physicians broaden their participation in the envirorunental aspects of medical care. Accordingly, both organizations recommend training of future primary care physicians for greater competencies and appreciation of this area of medicine. The extent to which family practice educators are receptive to incorporating this topic into the residency curriculum is not known. A national survey of directors of family practice programs was conducted to assess their attitudes about environmental health education in family practice residency training. The ultimate goal of this study was to provide information that will guide the development of an environmental health curriculum for family practice residency programs. Videotapes supporting this program have been indexed individually.

Not Available

1994-09-01T23:59:59.000Z

410

Joint Assessment of Renewable Energy and Water Desalination Research Center (REWDC) Program Capabilities and Facilities In Radioactive Waste Management  

SciTech Connect

The primary goal of this visit was to perform a joint assessment of the Renewable Energy and Water Desalination Center's (REWDC) program in radioactive waste management. The visit represented the fourth technical and scientific interaction with Libya under the DOE/NNSA Sister Laboratory Arrangement. Specific topics addressed during the visit focused on Action Sheet P-05-5, ''Radioactive Waste Management''. The Team, comprised of Mo Bissani (Team Lead), Robert Fischer, Scott Kidd, and Jim Merrigan, consulted with REWDC management and staff. The team collected information, discussed particulars of the technical collaboration and toured the Tajura facility. The tour included the waste treatment facility, waste storage/disposal facility, research reactor facility, hot cells and analytical labs. The assessment team conducted the first phase of Task A for Action Sheet 5, which involved a joint assessment of the Radioactive Waste Management Program. The assessment included review of the facilities dedicated to the management of radioactive waste at the Tourja site, the waste management practices, proposed projects for the facility and potential impacts on waste generation and management.

Bissani, M; Fischer, R; Kidd, S; Merrigan, J

2006-04-03T23:59:59.000Z

411

Environmental Assessment Proposed Changes to the Sanitary Biosolids Land Application Program on the Oak Ridge Reservation Oak Ridge, Tennessee  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

56 56 Environmental Assessment Proposed Changes to the Sanitary Biosolids Land Application Program on the Oak Ridge Reservation Oak Ridge, Tennessee February 2003 U.S. Department of Energy Oak Ridge Operations i ACRONYMS AND ABBREVIATIONS ac acres ALARA as low as reasonably achievable AMSA American Metropolitan Sewer Association CEQ Council on Environmental Quality CSF cancer slope factor DOE U.S. Department of Energy EA environmental assessment EFPC East Fork Poplar Creek EPA U.S. Environmental Protection Agency EPS Effluent Polishing System (West End Treatment Facility) FONSI Finding of No Significant Impact g gram ha hectares HEAST Health Effects Assessment Summary Tables HI hazard index HQ hazard quotient IDP Industrial Discharge Permit IRIS Integrated Risk Information System kg kilogram

412

V-177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

177: VMware vCenter Chargeback Manager File Upload Handling 177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability V-177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability June 13, 2013 - 6:00am Addthis PROBLEM: vCenter Chargeback Manager Remote Code Execution PLATFORM: VMware vCenter Chargeback Manager 2.x ABSTRACT: The vCenter Chargeback Manager contains a critical vulnerability that allows for remote code execution REFERENCE LINKS: Secunia Advisory SA53798 VMWare Security Advisory VMSA-2013-0008 CVE-2013-3520 IMPACT ASSESSMENT: Medium DISCUSSION: The vCenter Chargeback Manager (CBM) contains a flaw in its handling of file uploads. Exploitation of this issue may allow an unauthenticated attacker to execute code remotely. IMPACT: System Access SOLUTION: Vendor recommends updating to version 2.5.1

413

E-Print Network 3.0 - assessment program annual Sample Search...  

NLE Websites -- All DOE Office Websites (Extended Search)

Data in Your Program Review... Creativity: Student Writing Showcase Judith Chitwood Creativity: Dance ... Source: Kostic, Milivoje M. - Department of Mechanical Engineering,...

414

Assessing Residents in a Nuclear Medicine Physician Training Program: The Philippine Experience  

Science Journals Connector (OSTI)

Like any similar training programs in nuclear medicine, the objective of nuclear medicine physician training in the Philippines setting ... in image interpretation, therapy procedures, molecular imaging research,...

Thomas N. B. Pascual; Jerry M. Obaldo; Teofilo O. L. San Luis Jr.

2012-01-01T23:59:59.000Z

415

E-Print Network 3.0 - assessment programs standards Sample Search...  

NLE Websites -- All DOE Office Websites (Extended Search)

standards. ... Source: Australian National University, Department of Engineering, Solar Energy Program Collection: Renewable Energy ; Engineering Page: << < 1 2 3 4 5 > >>...

416

Chemical Safety Vulnerability Working Group report. Volume 2  

SciTech Connect

The Chemical Safety Vulnerability (CSV) Working Group was established to identify adverse conditions involving hazardous chemicals at DOE facilities that might result in fires or explosions, release of hazardous chemicals to the environment, or exposure of workers or the public to chemicals. A CSV Review was conducted in 148 facilities at 29 sites. Eight generic vulnerabilities were documented related to: abandoned chemicals and chemical residuals; past chemical spills and ground releases; characterization of legacy chemicals and wastes; disposition of legacy chemicals; storage facilities and conditions; condition of facilities and support systems; unanalyzed and unaddressed hazards; and inventory control and tracking. Weaknesses in five programmatic areas were also identified related to: management commitment and planning; chemical safety management programs; aging facilities that continue to operate; nonoperating facilities awaiting deactivation; and resource allocations. Volume 2 consists of seven appendices containing the following: Tasking memorandums; Project plan for the CSV Review; Field verification guide for the CSV Review; Field verification report, Lawrence Livermore National Lab.; Field verification report, Oak Ridge Reservation; Field verification report, Savannah River Site; and the Field verification report, Hanford Site.

Not Available

1994-09-01T23:59:59.000Z

417

V-057: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: eXtplorer "ext_find_user()" Authentication Bypass 7: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability V-057: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability December 28, 2012 - 6:00am Addthis PROBLEM: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability PLATFORM: eXtplorer 2.x ABSTRACT: A vulnerability has been reported in eXtplorer, which can be exploited by malicious people to bypass certain security restrictions. REFERENCE LINKS: Secunia Advisory SA51636 eXtplorer 2.1.3 Security Release IMPACT ASSESSMENT: Medium DISCUSSION: eXtplorer was notified of a problem within the authentication system of eXtplorer Versions 2.1.2, 2.1.1, 2.1.0 and 2.1.0RC5 that have been found to be vulnerable to an authentication bypass bug. IMPACT: An error within the "ext_find_user()" function in users.php can be

418

Technical Qualification Program Self-Assessment Report- Los Alamos Field Office- 2014  

Energy.gov (U.S. Department of Energy (DOE))

This self-assessment for the Verification of the Closure of Federal Training & Qualification Deficiencies was conducted to provide Los Alamos Field Office (NA-LA) management specific information related to effectiveness of the closure actions for Federal Training and Qualification (T &Q) deficiencies identified by a recent self-assessment and by a CDNS Biennial review. The conclusion of this assessment is that most deficiencies have corrective actions assigned that are effectively completed and adequately documented.

419

Save Energy Now Assessment Helps Expand Energy Management Program at Shaw Industries  

Energy.gov (U.S. Department of Energy (DOE))

This case study details how a DOE energy assessment helped Shaw Industries identify significant energy savings opportunities in their Dalton, Georgia, plant's steam system.

420

Factors Affecting the Acceptance and Application of Developmental Feedback from an Executive Assessment Program.  

E-Print Network (OSTI)

??Developmental assessment centers are designed to give participants feedback about their behavior relative to success in senior management. In the current study a theoretical model (more)

Byham, Tacy M.

2005-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


421

E-Print Network 3.0 - assessment program fiscal Sample Search...  

NLE Websites -- All DOE Office Websites (Extended Search)

The effectiveness of fiscal stimulus cannot be assessed independently of the medium-term fis- cal outlook. Given... Debt consolidation and fiscal stabilization of deep recessions...

422

Fire Protection Program Assessment, Building 9203 & 9203A Complex- Y12 Plant, Oak Ridge, Tennessee  

Energy.gov (U.S. Department of Energy (DOE))

This assessment is intended to evaluate the fire hazards, life safety and fire protection features inherent in the Building 9203 and 9203A complex.

423

T-597: WordPress Multiple Security Vulnerabilities | Department...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

7: WordPress Multiple Security Vulnerabilities T-597: WordPress Multiple Security Vulnerabilities April 7, 2011 - 5:42am Addthis PROBLEM: WordPress is prone to multiple security...

424

V-041: Red Hat CloudForms Multiple Vulnerabilities | Department...  

Energy Savers (EERE)

V-041: Red Hat CloudForms Multiple Vulnerabilities V-041: Red Hat CloudForms Multiple Vulnerabilities December 6, 2012 - 4:01am Addthis PROBLEM: Red Hat CloudForms Multiple...

425

IVF: characterizing the vulnerability of microprocessor structures to intermittent faults  

Science Journals Connector (OSTI)

With the advancement of CMOS manufacturing process to nano-scale, future shipped microprocessors will be increasingly vulnerable to intermittent faults. Quantitatively characterizing the vulnerability of microprocessor structures to intermittent faults ...

Songjun Pan; Yu Hu; Xiaowei Li

2010-03-01T23:59:59.000Z

426

U-186: IBM WebSphere Sensor Events Multiple Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

Some vulnerabilities have unknown impacts and others can be exploited by malicious people to conduct cross-site scripting attacks.

427

Aeronautical System Center's environmental compliance assessment and management program's cost-saving initiatives support the Air Force's acquisition reform initiative  

SciTech Connect

The Environmental Management directorate of ASC (ASC/EM) has the responsibility of providing government oversight for the Government Owned Contractor Operated Aircraft and Missile plants (GOCOs). This oversight is manifested as a landlord role where Air Force provides the funding required to maintain the plant facilities including buildings and utilities as well as environmental systems. By agreement the companies operating the plants are required to operate them in accordance with environmental law. Presently the GOCOs include Air Force Plant (AFP) 6 in Marietta Ga., AFP 4 in Fort Worth, Tx., AFP 44 in Tucson, Az., AFP 42 in Palmdale, Ca., and AFP PJKS in Denver, Co. Lockheed Martin corporation operates AFPs 4,6, PJKS and a portion of AFP 42 while AFP 44 is operated by Raytheon Missile Systems Company. Other GOCOs at AFP 42 are Northrup-Grumman, Boeing, and Cabaco, the facilities engineer. Since 1992 the Environmental Management division has conducted its Environmental Compliance Assessment and Management Program assessments (ECAMP) annually at each of the plants. Using DOD's ECAMP Team Guide and teams comprised of both Air Force and consultant engineering personnel, each plant is assessed for its environmental compliance well being. In the face of rising operational costs and diminishing budgets ASC/EM performed a comprehensive review of its ECAMP. As a result, the basic ECAMP program was improved to reduce costs without compromising on quality of the effort. The program retained its emphasis in providing a snap-shot evaluation of each Air Force plant's environmental compliance health supported by complete but tailored protocol assessments.

Meanor, T.

1999-07-01T23:59:59.000Z

428

EPA`s program for risk assessment guidelines: Cancer classification issues  

SciTech Connect

Issues presented are related to classification of weight of evidence in cancer risk assessments. The focus in this paper is on lines of evidence used in constructing a conclusion about potential human carcinogenicity. The paper also discusses issues that are mistakenly addressed as classification issues but are really part of the risk assessment process. 2 figs.

Wiltse, J. [Environmental Protection Agency, Washington, DC (United States)

1990-12-31T23:59:59.000Z

429

Wind resource assessment handbook: Fundamentals for conducting a successful monitoring program  

SciTech Connect

This handbook presents industry-accepted guidelines for planning and conducting a wind resource measurement program to support a wind energy feasibility initiative. These guidelines, which are detailed and highly technical, emphasize the tasks of selecting, installing, and operating wind measurement equipment, as well as collecting and analyzing the associated data, once one or more measurement sites are located. The handbook's scope encompasses state-of-the-art measurement and analysis techniques at multiple heights on tall towers (e.g., 40 m) for a measurement duration of at least one year. These guidelines do not represent every possible method of conducting a quality wind measurement program, but they address the most important elements based on field-proven experience. The intended audience for this handbook is any organization or individual who desires the planning framework and detailed procedures for conducting a formally structured wind measurement program. Personnel from the management level to field technicians will find this material applicable. The organizational aspects of a measurement program, including the setting of clear program objectives and designing commensurate measurement and quality assurance plans, all of which are essential to ensuring the program's successful outcome, are emphasized. Considerable attention is also given to the details of actually conducting the measurement program in its many aspects, from selecting instrumentation that meets minimum performance standards to analyzing and reporting on the collected data. 5 figs., 15 tabs.

Bailey, B.H.; McDonald, S.L.; Bernadett, D.W.; Markus, M.J.; Elsholz, K.V. [AWS Scientific, Inc., Albany, NY (US)

1997-04-01T23:59:59.000Z

430

Assessment of cost savings of DOE's return-on-investment program  

SciTech Connect

The U.S. Department of Energy (DOE) Office of Pollution Prevention (EM-77) created is successful internally competed program to fund innovative projects based on projected returns. This is called the Return-on-Investment (ROI) program. EM-77 conducted a successful ROI pilot, developed and implemented sound management practices, and successfully transferred the program to several Operations Offices. Over the past 4 years sites have completed 262 ROI projects (costing $18.8 million) with claimed first-year savings of $88 million and claimed life cycle savings exceeding $300 million. EM-77 requested that Oak Ridge National Laboratory perform an independent evaluation of the site-led, DOE-HQ-funded pollution prevention (P2) ROI program to assist the Department in determining whether claimed savings are real.

Yuracko, K.L.; Tonn, B.; Morris, M.

1999-08-01T23:59:59.000Z

431

Technical Qualification Program Self-Assessment Report- Livermore Field Office- 2013  

Energy.gov (U.S. Department of Energy (DOE))

The purpose of the Livermore Field Office (LFO) Teclmical Qualification Program (TQP) is to ensure that federal teclmical personnel with safety oversight responsibilities at defense nuclear facilities at Lawrence Livermore National Laboratory possess competence commensurate with responsibilities.

432

US Department of Energy State Coupled Resource Assessment Program. Final report for FY 1983  

SciTech Connect

The State Coupled Program has been instrumental in identifying low- and moderate-temperature geothermal resources throughout the nation. In several cases, such as Pagosa Springs, Colorado, development has taken place that would not have occurred without the program. Twenty-two maps depicting geothermal resources have raised the profile of this alternative energy. Numerous reports produced within each state have transferred the data compiled to public and technical audiences.

Foley, D.,

1984-01-01T23:59:59.000Z

433

JC3 High Impact Assessment Bulletins  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

high-impact-assessment-bulletins high-impact-assessment-bulletins Office of the Chief Information Officer 1000 Independence Ave., SW Washington, DC 202-586-0166 en V-215: NetworkMiner Directory Traversal and Insecure Library Loading Vulnerabilities http://energy.gov/cio/articles/v-215-networkminer-directory-traversal-and-insecure-library-loading-vulnerabilities vulnerabilities" class="title-link">V-215: NetworkMiner Directory Traversal and Insecure Library Loading Vulnerabilities

434

Annual Coded Wire Tag Program; Oregon Stock Assessment, 2000 Annual Report.  

SciTech Connect

This annual report is in fulfillment of contract obligations with Bonneville Power Administration which is the funding source for the Oregon Department of Fish and Wildlife's Annual Stock Assessment - Coded Wire Tag Program (ODFW) Project. Tule stock fall chinook were caught primarily in British Columbia and Washington ocean, and Columbia Basin fisheries. Up-river bright stock fall chinook contributed primarily to Alaska and British Columbia ocean commercial, Columbia Basin gillnet and freshwater sport fisheries. Contribution of Rogue stock fall chinook released in the lower Columbia River occurred primarily in Oregon ocean commercial, Columbia Basin gillnet and freshwater sport fisheries. Willamette stock spring chinook contributed primarily to Alaska and British Columbia ocean, and Columbia Basin sport fisheries. Willamette stock spring chinook released by CEDC contributed to similar ocean fisheries, but had much higher catch in Columbia Basin gillnet fisheries than the same stocks released in the Willamette Basin. Up-river stocks of spring chinook contributed almost exclusively to Columbia Basin fisheries. The up-river stocks of Columbia River summer steelhead contributed almost exclusively to the Columbia Basin gillnet and freshwater sport fisheries. Coho ocean fisheries from Washington to California were closed or very limited from 1994 through 1999 (1991 through 1996 broods). This has resulted in a lower percent of catch in Washington, Oregon and California ocean fisheries, and a higher percent of catch in Alaska and British Columbia ocean and Columbia Basin freshwater fisheries. Coho stocks released by ODFW below Bonneville Dam were caught mainly in Oregon, Washington, and British Columbia ocean, Columbia Gillnet and freshwater sport fisheries. Coho stocks released in the Klaskanine River and Youngs Bay area had similar ocean catch distributions, but a much higher percent catch in gillnet fisheries than the other coho releases. Ocean catch distribution of coho stocks released above Bonneville Dam was similar to the other coho groups. However, they had a higher percent catch in gillnet fisheries above Bonneville Dam than coho released below the dam. Survival rates of salmon and steelhead are influenced, not only by factors in the hatchery (disease, density, diet, size and time of release) but also by environmental factors in the river and ocean. These environmental factors are influenced by large scale oceanic and weather patterns such as El Nino. Changes in rearing conditions in the hatchery do impact survival, however, these can be offset by impacts caused by environmental factors. Coho salmon released in the Columbia River generally experience better survival rates when released later in the spring. However, for the 1990 brood year June releases of Columbia River coho had much lower survival than May releases, for all ODFW hatcheries. In general survival of ODFW Columbia River hatchery coho has declined to low levels in recent years. Preliminary results from the evaluation of Visual Implant Elastomer (VIE) tags showed tagging rate and pre-release tag retention improved from the first to second years of tagging. Tagging rate remained identical from 1999 to 2000 while pre-release tag retention dropped to 95%. Returning jack and adult salmon were sampled for CWT and VIE tags in the fall of 2000. Of 606 adults recovered at Sandy Fish Hatchery in 2000, only 1 or 0.2%, retained their VIE tag. Of 36 jacks recovered in 2000, 13 or 36.1% retained their VIE tag.

Lewis, Mark; Mallette, Christine; Murray, William

2002-03-01T23:59:59.000Z

435

Semi-annual report of the Department of Energy Office of Environmental Management quality assessment program  

SciTech Connect

This report presents the results from the soil inorganic analysis of the 45th set of environmental quality assessment samples (QAP XLV) that were received on or before December 2, 1996.

Sanderson, C.G.; Greenlaw, P.

1997-01-01T23:59:59.000Z

436

Assessing the Costs and Benefits of the Superior Energy Performance Program  

Energy.gov (U.S. Department of Energy (DOE))

This paper focuses on the business value of Superior Energy Performance (SEP) and ISO 50001, providing an assessment of the costs and benefits associated with SEP implementation at nine SEP-certified facilities across a variety of industrial sectors.

437

Enhanced Geothermal Systems (EGS) R&D Program: US Geothermal Resources Review and Needs Assessment  

SciTech Connect

The purpose of this report is to lay the groundwork for an emerging process to assess U.S. geothermal resources that might be suitable for development as Enhanced Geothermal Systems (EGS). Interviews of leading geothermists indicate that doing that will be intertwined with updating assessments of U.S. higher-quality hydrothermal resources and reviewing methods for discovering ''hidden'' hydrothermal and EGS resources. The report reviews the history and status of assessment of high-temperature geothermal resources in the United States. Hydrothermal, Enhanced, and Hot Dry Rock resources are addressed. Geopressured geothermal resources are not. There are three main uses of geothermal resource assessments: (1) They inform industry and other interest parties of reasonable estimates of the amounts and likely locations of known and prospective geothermal resources. This provides a basis for private-sector decisions whether or not to enter the geothermal energy business at all, and for where to look for useful resources. (2) They inform government agencies (Federal, State, local) of the same kinds of information. This can inform strategic decisions, such as whether to continue to invest in creating and stimulating a geothermal industry--e.g., through research or financial incentives. And it informs certain agencies, e.g., Department of Interior, about what kinds of tactical operations might be required to support such activities as exploration and leasing. (3) They help the experts who are performing the assessment(s) to clarify their procedures and data, and in turn, provide the other two kinds of users with a more accurate interpretation of what the resulting estimates mean. The process of conducting this assessment brings a spotlight to bear on what has been accomplished in the domain of detecting and understanding reservoirs, in the period since the last major assessment was conducted.

Entingh, Dan; McLarty, Lynn

2000-11-30T23:59:59.000Z

438

Western Water Assessment White Paper No. 9  

E-Print Network (OSTI)

University of Colorado Boulder, Colo. July 2011 Research supported by the Western Water Assessment #12;LISTWestern Water Assessment Western Water Assessment White Paper No. 9 ASSESSING MEASURES OF DROUGHT;Western Water Assessment White Paper No. 9 ASSESSING MEASURES OF DROUGHT IMPACT AND VULNERABILITY

Neff, Jason

439

Vulnerability assessment of water supply systems for insufficient fire flows  

E-Print Network (OSTI)

and Data Acquisition (SCADA) systems. Generally speaking, SCADA systems are the monitoring and control systems in the utility industries which help in operating the water system components with proper timing and sequence, measuring water quality... parameters, etc., without physically accessing the network. Thus, SCADA systems can reduce operating cost for a water utility and thereby increase a water system?s efficiency. The proposed hardening methodology of the water supply system was based...

Kanta, Lufthansa Rahman

2009-05-15T23:59:59.000Z

440

Semi-annual report of the Department of Energy, Office of Environmental Restoration and Waste Management, Quality Assessment Program  

SciTech Connect

This Quality Assessment Program (QAP) is designed to test the quality of the environmental measurements being reported to the Department of Energy by its contractors. Since 1976. real or synthetic environmental samples that have been prepared and thoroughly analyzed at the Environmental Measurements Laboratory (EML) have been distributed at first quarterly and then semi-annually to these contractors. Their results, which are returned to EML within 90 days, are compiled with EML`s results and are reported back to the participating contractors 30 days later. A summary of the reported results is available to the participants 3 days after the reporting deadline via a modem-telephone connection to the EML computer. This is the 42nd report of this program.

Sanderson, C.G.; Klusek, C.S.

1993-01-04T23:59:59.000Z

Note: This page contains sample records for the topic "vulnerability assessment programs" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


441

Semi-annual report of the Department of Energy, Office of Environmental Restoration and Waste Management, Quality Assessment Program  

SciTech Connect

This Quality Assessment Program (QAP) is designed to test the quality of the environmental measurements being reported to the Department of Energy by its contractors. Since 1976. real or synthetic environmental samples that have been prepared and thoroughly analyzed at the Environmental Measurements Laboratory (EML) have been distributed at first quarterly and then semi-annually to these contractors. Their results, which are returned to EML within 90 days, are compiled with EML's results and are reported back to the participating contractors 30 days later. A summary of the reported results is available to the participants 3 days after the reporting deadline via a modem-telephone connection to the EML computer. This is the 42nd report of this program.

Sanderson, C.G.; Klusek, C.S.

1993-01-04T23:59:59.000Z

442

Semi-annual report of the Department of Energy, Office of Environmental Restoration and Waste Management, Quality Assessment Program  

SciTech Connect

This report presents the results from the analysis of the 36th set of environmental quality assessment samples (QAP 36) that were received on or before January 2, 1992. This Quality Assessment Program (QAP) is designed to test the quality of the environmental measurements being reported to the Department of Energy by its contractors. Since 1976, real or synthetic environmental samples that have been prepared and thoroughly analyzed at the Environmental Measurements Laboratory (EML) have been distributed at first quarterly and then semi-annually to these contractors. Their results, which are returned to EML within 90 days, are complied with EML`s results and are reported back to the participating contractors 30 days later. A summary of the reported results is available to the participants 3 days after the reporting deadline via a modem-telephone connection to the EML computer.

Sanderson, C.G.; Scarpitta, S.C.

1992-07-01T23:59:59.000Z

443

Semi-annual report of the Department of Energy, Operational Safety, Health and Environment Division: Quality assessment program  

SciTech Connect

This report presents the results from the analysis of the 28th set of environmental quality assessment samples (QAP XXVIII) that were received on or before June 7, 1988. This Quality Assessment Program (QAP) is designed to test the Quality of the environmental measurements being reported to the Department of Energy by its contractors. Since 1976, real or synthetic environmental samples that have been prepared and thoroughly analyzed at the Environmental Measurements Laboratory (EML) have been distributed, at first Quarterly and then semiannually to these contractors. Their results, which are returned to EML within 90 days, are compiled with EML's results and are reported back to the participation contractors 30 days later. A summary of the reported results is available to the participants 3 days after the reporting deadline via a modem-telephone connection to the EML computer.

Sanderson, C.G.; Feiner, M.S.

1988-07-01T23:59:59.000Z

444

Semi-annual report of the Department of Energy, Operational Safety, Health and Environment Division: Quality assessment program  

SciTech Connect

This report presents the results from the analysis of the 27th set of environmental quality assessment samples (QAP XXVII) that were received on or before December 3, 1987. This Quality Assessment Program (QAP) is designed to test the Quality of the environmental measurements being reported to the Department of Energy by its contractors. Since 1976, real or synthetic environmental samples that have been prepared and thoroughly analyzed at the Environmental Measurements Laboratory (EML) have been distributed, at first Quarterly and then semi-annually to these contractors. Their results, which are returned to EML within 90 days, are compiled with EML's results and are reported back to the participation contractors 30 days later. A summary of the reported results is available to the participants 3 days after the reporting deadline via a modem-telephone connection to the EML computer.

Sanderson, C.G.; Feiner, M.S.

1988-01-04T23:59:59.000Z

445

Semi-annual report of the Department of Energy, Office of Environmental Restoration and Waste Management, Quality Assessment Program  

SciTech Connect

This report presents the results from the analysis of the 36th set of environmental quality assessment samples (QAP 36) that were received on or before January 2, 1992. This Quality Assessment Program (QAP) is designed to test the quality of the environmental measurements being reported to the Department of Energy by its contractors. Since 1976, real or synthetic environmental samples that have been prepared and thoroughly analyzed at the Environmental Measurements Laboratory (EML) have been distributed at first quarterly and then semi-annually to these contractors. Their results, which are returned to EML within 90 days, are complied with EML's results and are reported back to the participating contractors 30 days later. A summary of the reported results is available to the participants 3 days after the reporting deadline via a modem-telephone connection to the EML computer.

Sanderson, C.G.; Scarpitta, S.C.

1992-07-01T23:59:59.000Z

446

Semi-annual report of the Department of Energy, Office of Environmental Restoration and Waste Management, Quality Assessment Program  

SciTech Connect

This Quality Assessment Program (QAP) is designed to test the quality of the environmental measurements being reported to the Department of Energy by its contractors. Since 1976, real or synthetic environmental samples that have been prepared and thoroughly analyzed at the Environmental Measurements Laboratory (EML) have been distributed at first quarterly and then semi-annually to these contractors. Their results, which are returned to EML within 90 days, are compiled with EML`s results and are reported back to the participating contractors 30 days later. A summary of the reported results is available to the participants 3 days after the reporting deadline via a modem-telephone connection to the EML computer. This report presents the results from the analysis of the 38th set of environmental quality assessment samples (QAP XXXVIII) that were received on or before June 2, 1993.

Sanderson, C.G.; Klusek, C.S.

1993-07-01T23:59:59.000Z

447

Programming  

NLE Websites -- All DOE Office Websites (Extended Search)

provided on the Cray systems at NERSC. The Programming Environment is managed by a meta-module named similar to "PrgEnv-gnu4.6". The "gnu" indicates that it is providing the GNU...

448

Environmental Assessment and Finding of No Significant Impact: Implementation of the Wetland Mitigation Bank Program at the Savannah River Site  

SciTech Connect

The Department of Energy (DOE) has prepared an environmental assessment (EA) (DOE/EA-1205) for the proposed implementation of a wetland mitigation bank program at the Savannah River Site (SRS), located near Aiken, South Carolina. Based on the analyses in the EA, DOE has determined that the proposed action is not a major Federal action significantly affecting the quality of the human environment within the meaning of the National Environmental Policy Act of 1969 (NEPA). Therefore, the preparation of an environmental impact statement (EIS) is not required, and DOE is issuing this Finding of No Significant Impact (FONSI) and Floodplain Statement of Findings.

N /A

1999-04-28T23:59:59.000Z

449

Preliminary assessment of the Louisiana Home Energy Rebate Offer program using IPMVP guidelines  

Science Journals Connector (OSTI)

The Louisiana Home Energy Rebate Offer (HERO) is a residential energy conservation program established in 1999 to provide rebates for qualified applicants to build new homes that are more energy efficient or improve the energy efficiency of existing homes. Energy conservation programs require careful evaluation because of the high cost to implement the measures and the expectation that they will reduce energy use. The purpose of this paper is to demonstrate that residential energy conservation measures in a hot and humid climate can be evaluated using the International Performance Measurement and Verification Protocol (IPMVP), a best practice methodology commonly used in industrial and commercial performance-based contracts, but rarely, if ever, applied to residential programs. Using a random sample of 60 HERO participants, we were able to construct statistically significant electricity consumption baseline models for 90% of households. We determined that more than half of the sample participants consumed more electricity after their efficiency improvement, with an average net household savings of 172kWh/yr, about 1% pre-retrofit consumption. A description of the baseline model construction, preliminary program evaluation, and recommendations are provided. All program conclusions are considered preliminary until a larger and more comprehensive study is conducted.

Mark J. Kaiser; Allan G. Pulsipher

2010-01-01T23:59:59.000Z

450

Information resources for assessing health effects from chemical exposure: Office of pesticides programs  

SciTech Connect

The US Environmental Protection Agency (EPA) Office of Pesticide Programs is trying to develop a complete picture of a chemical`s toxicity and exposure profile. It is also important to share information in the office`s files because of pesticides, particularly as a consequence of agricultural use, find their way into places not necessarily intended.

Fenner-Crisp, P. [Environmental Protection Agency, Washington, DC (United States)

1990-12-31T23:59:59.000Z

451

Assessing the economic revitalization impact of urban design improvements: the Texas Main Street Program  

E-Print Network (OSTI)

, the number of sales tax permits, the retail sales volume, and the commercial property values were compared for the same time period among three categories of cities: those active in the Main Street Program, those formerly active but now inactive, and those...

Ozdil, Taner Recep

2007-09-17T23:59:59.000Z

452

Water assessment of Heber commercial Geothermal Development program, Imperial County, California (Section 13C)  

SciTech Connect

The U.S. Water Resources Council, at the request of the U.S. Department of Energy, conducted an assessment of water needs, water availability and water resources impacts for the proposed 45 MWe Heber Binary Geothermal Demonstration Project in Imperial County, California.

Not Available

1981-01-01T23:59:59.000Z

453

Technical Qualification Program Self-Assessment Report- NNSA Production Office- 2014  

Energy.gov (U.S. Department of Energy (DOE))

In preparation for the upcoming Chief for Defense Nuclear Safety (CDNS) review, a self-assessment of NNSA Production Office (NPO) oversight of the B&W Pantex Plant and the Y-12 National Security Complex was completed from October 2013 January 2014. The scope included all available CDNS Criteria, Review, and Approach Documents (CRADS) identified as of September 2013.

454

Technical Qualification Program Self-Assessment Report- Savannah River Operations Office- 2010  

Energy.gov (U.S. Department of Energy (DOE))

A set of disciplined Criteria, Review, and Approach Documents (CRADs) were developed by the Team Leader utilizing criteria and objectives provided on the FTCP website. Specific "lines of inquiry" were tailored to the organization and assessment processes of the DOE-SR.

455

Healthy Home Assessment Program: The Wampanoag Environmental Life Learning (W.E.L.L.)  

E-Print Network (OSTI)

(chemistry) and an M.S. from Harvard University (organic chemistry). Connie May was an English teacher health hazards and conducting indoor environmental assessments to public and non-profit organizations known speaker, he is author or co-author of four books on indoor air quality - published by Johns

456

Environmental assessment of a BOF steel slag used in road construction: The ECLAIR research program  

E-Print Network (OSTI)

1 Environmental assessment of a BOF steel slag used in road construction: The ECLAIR research and to the lack of environmental regulations. This study aimed at investigating the potential release and impact of pollutants, especially Cr and V that are present in rather high concentrations in slag, from a BOF slag used

Boyer, Edmond

457

ORNL results for Test Case 1 of the International Atomic Energy Agency`s research program on the safety assessment of Near-Surface Radioactive Waste Disposal Facilities  

SciTech Connect

The International Atomic Energy Agency (IAEA) started the Coordinated Research Program entitled ```The Safety Assessment of Near-Surface Radioactive Waste Disposal Facilities.`` The program is aimed at improving the confidence in the modeling results for safety assessments of waste disposal facilities. The program has been given the acronym NSARS (Near-Surface Radioactive Waste Disposal Safety Assessment Reliability Study) for ease of reference. The purpose of this report is to present the ORNL modeling results for the first test case (i.e., Test Case 1) of the IAEA NSARS program. Test Case 1 is based on near-surface disposal of radionuclides that are subsequently leached to a saturated-sand aquifer. Exposure to radionuclides results from use of a well screened in the aquifer and from intrusion into the repository. Two repository concepts were defined in Test Case 1: a simple earth trench and an engineered vault.

Thorne, D.J.; McDowell-Boyer, L.M.; Kocher, D.C.; Little, C.A. [Oak Ridge National Lab., Grand Junction, CO (United States); Roemer, E.K. [Oak Ridge Inst. for Science and Education, TN (United States)

1993-07-01T23:59:59.000Z

458

Repository Integration Program: RIP performance assessment and strategy evaluation model theory manual and user`s guide  

SciTech Connect

This report describes the theory and capabilities of RIP (Repository Integration Program). RIP is a powerful and flexible computational tool for carrying out probabilistic integrated total system performance assessments for geologic repositories. The primary purpose of RIP is to provide a management tool for guiding system design and site characterization. In addition, the performance assessment model (and the process of eliciting model input) can act as a mechanism for integrating the large amount of available information into a meaningful whole (in a sense, allowing one to keep the ``big picture`` and the ultimate aims of the project clearly in focus). Such an integration is useful both for project managers and project scientists. RIP is based on a `` top down`` approach to performance assessment that concentrates on the integration of the entire system, and utilizes relatively high-level descriptive models and parameters. The key point in the application of such a ``top down`` approach is that the simplified models and associated high-level parameters must incorporate an accurate representation of their uncertainty. RIP is designed in a very flexible manner such that details can be readily added to various components of the model without modifying the computer code. Uncertainty is also handled in a very flexible manner, and both parameter and model (process) uncertainty can be explicitly considered. Uncertainty is propagated through the integrated PA model using an enhanced Monte Carlo method. RIP must rely heavily on subjective assessment (expert opinion) for much of its input. The process of eliciting the high-level input parameters required for RIP is critical to its successful application. As a result, in order for any project to successfully apply a tool such as RIP, an enormous amount of communication and cooperation must exist between the data collectors, the process modelers, and the performance. assessment modelers.

NONE

1995-11-01T23:59:59.000Z

459

Assessment of Building Energy-Saving Policies and Programs in China During the 11th Five Year Plan  

SciTech Connect

China's 11th Five-Year Plan (FYP) sets an ambitious target to reduce the energy intensity per unit of gross domestic product (GDP) by 20% from 2005 to 2010 (NDRC, 2006). In the building sector, the primary energy-saving target allocated during the 11 FYP period is 100 Mtce. Savings are expected to be achieved through the strengthening of enforcement of building energy efficiency codes, existing building retrofits and heat supply system reform, followed by energy management of government office buildings and large scale public buildin