Lucene search
K

2021 matches found

OpenVAS
OpenVAS
added 2009/09/02 12:0 a.m.36 views

Fedora Core 11 FEDORA-2009-9044 (kernel)

The remote host is missing an update to kernel announced via advisory FEDORA-2009-9044. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

7.8CVSS7.1AI score0.14749EPSS
Exploits28References6
NVD
NVD
added 2009/08/14 3:16 p.m.16 views

CVE-2009-2691

The mmformaps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read 1 maps and 2 smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition...

2.1CVSS7AI score0.00393EPSS
Exploits1References17
Cvelist
Cvelist
added 2009/08/14 3:0 p.m.18 views

CVE-2009-2691

The mmformaps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read 1 maps and 2 smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition...

6.9AI score0.00393EPSS
Exploits1References17
CVE
CVE
added 2009/08/14 3:0 p.m.90 views

CVE-2009-2691

CVE-2009-2691 affects the Linux kernel (2.6.30.4 and earlier) via the mm_for_maps path in fs/proc/base.c, allowing a local attacker to read maps and smaps files under /proc during ELF loading for a setuid process, due to a race condition. Impact is information exposure (maps/smaps); exploitation ...

2.1CVSS6.3AI score0.00393EPSS
Exploits1References17Affected Software1
seebug.org
seebug.org
added 2009/08/12 12:0 a.m.33 views

Linux Kernel 'fs/proc/base.c'本地信息泄漏漏洞

Bugraq ID: 36019 CVE ID:CVE-2009-2691 Linux是一款开放源代码的操作系统。 fs/proc/base.c文件包含的"mmformaps"函数存在错误,攻击者可以利用这个漏洞在setuid进程启动时从"/proc"文件系统中获得"maps"和"smaps"文件的内容信息。造成敏感信息泄漏。 Linux kernel 2.6.31 -rc3 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secur...

2.1CVSS7AI score0.00393EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2009/08/10 12:0 a.m.30 views

CVE-2009-2691

The mmformaps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read 1 maps and 2 smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition...

2.1CVSS5.9AI score0.00393EPSS
Exploits1References1
myhack58
myhack58
added 2009/08/09 12:0 a.m.17 views

Ordinary users by udev vulnerability to elevate to root permissions demo-vulnerability warning-the black bar safety net

Recently exposed by the udev permissions hint of vulnerability, as long as with normal user permissions, you can elevate to root privileges, the experiment a handful, really easy to upgrade. Put the following code saved as test. sh file !/ bin/sh Linux 2.6 bug found by Sebastian Krahmer lame splo...

0.2AI score
Exploits0
Snyk
Snyk
added 2009/07/17 4:30 p.m.2 views

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition. Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LDBINDNOW to 1, and then calling execv on the...

8.4CVSS7AI score0.00736EPSS
Exploits6References2
Prion
Prion
added 2009/07/09 4:30 p.m.20 views

Design/Logic Flaw

Unspecified vulnerability in the proc filesystem in Sun OpenSolaris snv49 through snv109 allows local users to cause a denial of service deadlock and panic via unknown vectors, related to the ldtrewritesyscall function...

4.9CVSS6.8AI score0.00268EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2009/07/09 4:30 p.m.20 views

CVE-2009-2387

Unspecified vulnerability in the proc filesystem in Sun OpenSolaris snv49 through snv109 allows local users to cause a denial of service deadlock and panic via unknown vectors, related to the ldtrewritesyscall function...

4.9CVSS6.2AI score0.00268EPSS
Exploits0References2
Cvelist
Cvelist
added 2009/07/09 4:0 p.m.25 views

CVE-2009-2387

Unspecified vulnerability in the proc filesystem in Sun OpenSolaris snv49 through snv109 allows local users to cause a denial of service deadlock and panic via unknown vectors, related to the ldtrewritesyscall function...

6.2AI score0.00268EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2009/07/01 12:0 a.m.64 views

kernel security and bug fix update

2.6.9-89.0.3.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race avoidanc...

7.8CVSS1.6AI score0.33491EPSS
Exploits6
Oracle linux
Oracle linux
added 2009/06/17 12:0 a.m.68 views

kernel security and bug fix update

2.6.18-128.1.14.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki,Guru Anbalagane orabug 6045759 - MM shrink zone patch John Sobecki,Chris Mason orabug 6086839 - NET Add xen pv/bonding netconsole support Tina yang orabug 6993043 bz 7258 - nfs convert ENETUNREACH to ENOTCONN Guru...

7.8CVSS0.1AI score0.04268EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2009/06/17 12:0 a.m.60 views

RHEL 5 : kernel (RHSA-2009:1106)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1106 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: several flaws were found in the way th...

7.8CVSS5.8AI score0.04268EPSS
Exploits7References27
Exploit DB
Exploit DB
added 2009/05/03 12:0 a.m.29 views

Linux Kernel 2.6.x (Sparc64) - '/proc/iomem' Local Denial of Service

source: https://www.securityfocus.com/bid/35415/info The Linux kernel is prone to a local denial-of-service vulnerability that attackers can exploit to cause an affected computer to crash. This issue affects the Linux kernel 2.6.22-rc1 through 2.6.29 on the sparc64 architecture. The following...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2009/05/01 12:0 a.m.45 views

Memcached stats maps命令信息泄露漏洞

BUGTRAQ ID: 34756 CVECAN ID: CVE-2009-1255 Memcached是一个开源的多平台数据库缓存软件。 如果远程攻击者连接到了memcached的TCP端口(默认11211)并发布了stats maps命令,Memcached就会直接将/proc/self/maps的输出管道传输给客户端。这可能导致泄漏所分配内存区域的地址。 Danga Interactive memcached 1.2.7 MemcacheDB MemcacheDB 1.2 Danga Interactive -----------------...

5CVSS6.4AI score0.02252EPSS
Exploits2
FreeBSD
FreeBSD
added 2009/04/29 12:0 a.m.34 views

memcached -- memcached stats maps Information Disclosure Weakness

Secunia reports: A weakness has been reported in memcached, which can be exploited by malicious people to disclose system information. The weakness is caused due to the application disclosing the content of /proc/self/maps if a stats maps command is received. This can be exploited to disclose e.g...

5CVSS6.4AI score0.02252EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.23 views

Mandriva Linux Security Advisory : libxslt (MDVSA-2008:151)

A buffer overflow vulnerability in libxslt could be exploited via an XSL style sheet file with a long XLST transformation match condition, which could possibly lead to the execution of arbitrary code CVE-2008-1767. The updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 ...

7.5CVSS8.7AI score0.1279EPSS
Exploits2References1
seebug.org
seebug.org
added 2009/04/08 12:0 a.m.20 views

Linux Kernel /proc/net/udp本地拒绝服务漏洞

BUGTRAQ ID: 34329 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的net/ipv4/udp.c文件中的udpgetnext函数在试图解锁仍未锁定的spinlock时存在错误,如果从/proc/net/udp/读取了0字节就会导致系统崩溃。 Linux kernel 2.6.x Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.29-git8.bz2...

6.8AI score
Exploits0
UbuntuCve
UbuntuCve
added 2009/04/06 2:30 p.m.22 views

CVE-2009-1243

net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an unlocking step in certain incorrect circumstances, which allows local users to cause a denial of service panic by reading zero bytes from the /proc/net/udp file and unspecified other files, related to the "udp seqfile infrastructure."...

5.5CVSS6.1AI score0.00267EPSS
Exploits0References1
Rows per page
Query Builder