Lucene search
K

5049 matches found

UbuntuCve
UbuntuCve
added 2005/04/14 4:0 a.m.38 views

CVE-2004-1235

Race condition in the 1 loadelflibrary and 2 binfmtaout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor...

6.2CVSS6.3AI score0.02893EPSS
Exploits2References2
Debian
Debian
added 2005/03/08 4:56 p.m.31 views

[SECURITY] [DSA 692-1] New kppp packages fix privileged file descriptor leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 692-1 [email protected] http://www.debian.org/security/ Martin Schulze March 8th, 2005 http://www.debian.org/security/faq -...

4.6CVSS6.2AI score0.0036EPSS
Exploits0
OSV
OSV
added 2005/03/08 12:0 a.m.25 views

DSA-692-1 kppp - design flaw

Bulletin has no description...

4.6CVSS6.1AI score0.0036EPSS
Exploits0
Cvelist
Cvelist
added 2005/03/07 5:0 a.m.20 views

CVE-2005-0654

gifload.exe in GIMP 2.0.5, 2.2.3, and possibly 2.2.4 allows remote attackers or local users to cause a denial of service application crash via the image descriptor 1 height or 2 width fields set to zero...

6.6AI score0.01867EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2005/03/04 12:0 a.m.34 views

RHEL 2.1 / 3 : kdenetwork (RHSA-2005:175)

Updated kdenetwork packages that fix a file descriptor leak are now available. This update has been rated as having low security impact by the Red Hat Security Response Team The kdenetwork packages contain a collection of networking applications for the K Desktop Environment. A bug was found in t...

4.6CVSS5.2AI score0.0036EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2005/03/03 3:33 p.m.4 views

security flaw

KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of...

4.6CVSS5.8AI score0.0036EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/03/03 3:33 p.m.32 views

Low: Red Hat Security Advisory: kdenetwork security update

Updated kdenetwork packages that fix a file descriptor leak are now available. This update has been rated as having low security impact by the Red Hat Security Response Team The kdenetwork packages contain a collection of networking applications for the K Desktop Environment. A bug was found in t...

4.6CVSS5.7AI score0.0036EPSS
Exploits0References2
NVD
NVD
added 2005/03/01 5:0 a.m.22 views

CVE-2004-1033

Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable...

2.1CVSS6.2AI score0.00364EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2005/03/01 5:0 a.m.21 views

CVE-2004-1033

Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable...

2.1CVSS5.9AI score0.00364EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/02/28 5:0 a.m.40 views

CVE-2005-0205

KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of...

6.1AI score0.0036EPSS
Exploits0References6
CVE
CVE
added 2005/02/28 5:0 a.m.72 views

CVE-2005-0205

CVE-2005-0205 affects KPPP 2.1.2 and earlier within KDE 3.1.5 and earlier. The issue is a local privilege problem where a setuid-root kppp can fail to close a privileged domain-socket file descriptor when wrappers are not used, enabling a local attacker to read/write /etc/hosts and /etc/resolv.co...

4.6CVSS6.1AI score0.0036EPSS
Exploits0References6Affected Software2
securityvulns
securityvulns
added 2005/02/28 12:0 a.m.41 views

iDEFENSE Security Advisory 02.28.05: KPPP Privileged File Descriptor Leak Vulnerability

KPPP Privileged File Descriptor Leak Vulnerability iDEFENSE Security Advisory 02.28.05 www.idefense.com/application/poi/display?id=208&type=vulnerabilities February 28, 2005 I. BACKGROUND KPPP is a dialer and front end for pppd. It allows for interactive script generation and network setup. More...

4.6CVSS0.9AI score0.0036EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2005/02/11 12:0 a.m.3 views

PT-2005-1444 · Armagetron · Armagetron +1

Name of the Vulnerable Software and Affected Versions: Armagetron versions 0.2.6.0 and earlier Armagetron Advanced versions 0.2.7.0 and earlier Description: The issue allows remote attackers to cause a denial of service, resulting in an application crash. This can be achieved by sending a packet...

5.3CVSS7.4AI score0.03547EPSS
Exploits0References5
securityvulns
securityvulns
added 2005/02/11 12:0 a.m.25 views

[Full-Disclosure] Crashes and socket unreacheable in Armagetron Advanced 0.2.7.0

Luigi Auriemma Application: Armagetron http://armagetron.sourceforge.net Armagetron Advanced http://armagetronad.sourceforge.net Versions: Armagetron = 0.2.6.0 Armagetron Advanced = 0.2.7.0 Platforms: multiplatform Windows, Linux and others Bugs: A crash caused by big descriptor ID B crash caused...

0.1AI score
Exploits0
CVE
CVE
added 2005/01/20 5:0 a.m.119 views

CVE-2004-1235

CVE-2004-1235 documents a race condition in the Linux kernel (load_elf_library and binfmt_aout paths used by uselib) affecting 2.4 (through 2.429-rc2) and 2.6 (through 2.6.10). Exploitation allows a local user to execute arbitrary code by manipulating the VMA descriptor. The initial description p...

6.2CVSS7.5AI score0.02893EPSS
Exploits2References25Affected Software14
Cvelist
Cvelist
added 2005/01/20 5:0 a.m.36 views

CVE-2004-1235

Race condition in the 1 loadelflibrary and 2 binfmtaout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor...

7.5AI score0.02893EPSS
Exploits2References25
UbuntuCve
UbuntuCve
added 2005/01/10 5:0 a.m.37 views

CVE-2004-1270

lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers...

2.1CVSS5.9AI score0.00454EPSS
Exploits1References2
NVD
NVD
added 2004/12/31 5:0 a.m.12 views

CVE-2004-2477

DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table SDT in \device\physicalmemory with the original SDT found in ntoskrnl.exe...

2.1CVSS6.2AI score0.00439EPSS
Exploits1References6
NVD
NVD
added 2004/12/31 5:0 a.m.15 views

CVE-2004-2215

RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges...

4.6CVSS6.6AI score0.0034EPSS
Exploits0References5
OSV
OSV
added 2004/12/31 5:0 a.m.8 views

CVE-2004-2215

RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges...

6.9AI score
Exploits0References6
Rows per page
Query Builder