5049 matches found
CVE-2004-1235
Race condition in the 1 loadelflibrary and 2 binfmtaout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor...
[SECURITY] [DSA 692-1] New kppp packages fix privileged file descriptor leak
-------------------------------------------------------------------------- Debian Security Advisory DSA 692-1 [email protected] http://www.debian.org/security/ Martin Schulze March 8th, 2005 http://www.debian.org/security/faq -...
DSA-692-1 kppp - design flaw
Bulletin has no description...
CVE-2005-0654
gifload.exe in GIMP 2.0.5, 2.2.3, and possibly 2.2.4 allows remote attackers or local users to cause a denial of service application crash via the image descriptor 1 height or 2 width fields set to zero...
RHEL 2.1 / 3 : kdenetwork (RHSA-2005:175)
Updated kdenetwork packages that fix a file descriptor leak are now available. This update has been rated as having low security impact by the Red Hat Security Response Team The kdenetwork packages contain a collection of networking applications for the K Desktop Environment. A bug was found in t...
security flaw
KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of...
Low: Red Hat Security Advisory: kdenetwork security update
Updated kdenetwork packages that fix a file descriptor leak are now available. This update has been rated as having low security impact by the Red Hat Security Response Team The kdenetwork packages contain a collection of networking applications for the K Desktop Environment. A bug was found in t...
CVE-2004-1033
Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable...
CVE-2004-1033
Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable...
CVE-2005-0205
KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of...
CVE-2005-0205
CVE-2005-0205 affects KPPP 2.1.2 and earlier within KDE 3.1.5 and earlier. The issue is a local privilege problem where a setuid-root kppp can fail to close a privileged domain-socket file descriptor when wrappers are not used, enabling a local attacker to read/write /etc/hosts and /etc/resolv.co...
iDEFENSE Security Advisory 02.28.05: KPPP Privileged File Descriptor Leak Vulnerability
KPPP Privileged File Descriptor Leak Vulnerability iDEFENSE Security Advisory 02.28.05 www.idefense.com/application/poi/display?id=208&type=vulnerabilities February 28, 2005 I. BACKGROUND KPPP is a dialer and front end for pppd. It allows for interactive script generation and network setup. More...
PT-2005-1444 · Armagetron · Armagetron +1
Name of the Vulnerable Software and Affected Versions: Armagetron versions 0.2.6.0 and earlier Armagetron Advanced versions 0.2.7.0 and earlier Description: The issue allows remote attackers to cause a denial of service, resulting in an application crash. This can be achieved by sending a packet...
[Full-Disclosure] Crashes and socket unreacheable in Armagetron Advanced 0.2.7.0
Luigi Auriemma Application: Armagetron http://armagetron.sourceforge.net Armagetron Advanced http://armagetronad.sourceforge.net Versions: Armagetron = 0.2.6.0 Armagetron Advanced = 0.2.7.0 Platforms: multiplatform Windows, Linux and others Bugs: A crash caused by big descriptor ID B crash caused...
CVE-2004-1235
CVE-2004-1235 documents a race condition in the Linux kernel (load_elf_library and binfmt_aout paths used by uselib) affecting 2.4 (through 2.429-rc2) and 2.6 (through 2.6.10). Exploitation allows a local user to execute arbitrary code by manipulating the VMA descriptor. The initial description p...
CVE-2004-1235
Race condition in the 1 loadelflibrary and 2 binfmtaout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor...
CVE-2004-1270
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers...
CVE-2004-2477
DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table SDT in \device\physicalmemory with the original SDT found in ntoskrnl.exe...
CVE-2004-2215
RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges...
CVE-2004-2215
RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges...