5038 matches found
Microsoft Windows NT 4.0/2000 - Local Descriptor Table Privilege Escalation (MS04-011)
// source: https://www.securityfocus.com/bid/10122/info Microsoft Windows Local Descriptor Table programming interface is prone to a privilege-escalation vulnerability. A local attacker may be able to create a malicious entry in the Local Descriptor Table. This entry may point into protected...
CVE-2003-0910
CVE-2003-0910 concerns a privilege-elevation flaw in the Local Descriptor Table (LDT) interface on Windows NT 4.0 and Windows 2000. An attacker must be locally logged on to exploit by creating a malicious LDT entry to gain access to protected memory; Windows XP and Windows Server 2003 are not aff...
CVE-2003-0910
The NtSetLdtEntries function in the programming interface for the Local Descriptor Table LDT in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory...
Microsoft Windows fails to properly create entries in the Local Descriptor Table (LDT)
Overview Microsoft Windows NT4.0 and Windows 2000 contain a vulnerability that could permit a local user to gain elevated privileges on the system. Description Microsoft Windows NT4.0 and Windows 2000 provide an API to the kernel to create Local Descriptor Tables LDT for applications. A failure t...
Microsoft Windows Local Descriptor Table Local Privilege Escalation Vulnerability
Description Microsoft Windows Local Descriptor Table programming interface is prone to a privilege-escalation vulnerability. A local attacker may be able to create a malicious entry in the Local Descriptor Table. This entry may point into protected memory. Since this memory space is reserved for...
mremap(2) full details available
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Synopsis: Linux kernel domremap VMA limit local privilege escalation vulnerability Product: Linux kernel Version: 2.2 up to and including 2.2.25, 2.4 up to to and including 2.4.24, 2.6 up to to and including 2.6.2 Vendor: http://www.kernel.org/ URL:...
Apache mod_php and mod_perl file decriptor leak
Descriptor leakage allowws to spoof https session in child process...
Hijacking Apache 2 via mod_perl
Product: modperl Versions: 1.9909 / apache 2.0.47 URL: http://perl.apache.org Impact: Daemon Hijacking Bug class: Leaked Descriptor Vendor notified: Yes Fix available: No Date: 01/21/04 Issue: ====== Modperl under apache 2.0.x leaks critical file descriptors that can be used to takeover hijack th...
Hijacking Apache 2 via mod_perl
Product: modperl Versions: 1.9909 / apache 2.0.47 URL: http://perl.apache.org Impact: Daemon Hijacking Bug class: Leaked Descriptor Vendor notified: Yes Fix available: No Date: 01/21/04 Issue: ====== Modperl under apache 2.0.x leaks critical file descriptors that can be used to takeover hijack th...
Apache 2.0.4x mod_perl - File Descriptor Leakage (3)
Apache 2.0.4x modperl - File Descriptor Leakage 3 source: https://www.securityfocus.com/bid/9471/info A vulnerability has been reported to exist in the Apache modperl module that may allow local attackers to gain access to privileged file descriptors. This issue could be exploited by an attacker ...
Apache 2.0.4x mod_perl - File Descriptor Leakage (3)
source: https://www.securityfocus.com/bid/9471/info A vulnerability has been reported to exist in the Apache modperl module that may allow local attackers to gain access to privileged file descriptors. This issue could be exploited by an attacker to hijack a vulnerable server daemon. Other attack...
Hijacking Apache https by mod_php
Product: PHP - modphp Versions: 4.2.x, 4.3.x / apache 2.0.x URL: http://www.php.net Impact: Daemon Hijacking Bug class: Leaked Descriptor Vendor notified: Yes Fix available: No Date: 12/26/03 Issue: ====== Modphp under apache 2.0.x leaks a critical file descriptor that can be used to takeover...
Apache 2.0.4x mod_php - File Descriptor Leakage (1)
Apache 2.0.4x modphp - File Descriptor Leakage 1 // source: https://www.securityfocus.com/bid/9302/info Reportedly, the Apache modphp module may be prone to a vulnerability that may allow a local attacker to gain access to privileged file descriptors. As a result, the attacker may pose as a...
Apache 2.0.4x mod_php - File Descriptor Leakage (1)
// source: https://www.securityfocus.com/bid/9302/info Reportedly, the Apache modphp module may be prone to a vulnerability that may allow a local attacker to gain access to privileged file descriptors. As a result, the attacker may pose as a legitimate server and possibly steal or manipulate...
Important: Red Hat Security Advisory: Updated IA64 kernel packages address security vulnerabilities, bugfixes
Updated kernel packages that address several security vulnerabilites, fix a number of bugs, and update various drivers are now available. The Linux kernel handles the basic functions of the operating system. A flaw in bounds checking in the dobrk function in the Linux kernel versions 2.4.22 and...
stunnel file descriptors leak
Child process has access to critical descriptors...
PT-2003-1958 · Sco · Open Unix +1
Name of the Vulnerable Software and Affected Versions: SCO UnixWare versions 7.1.1, 7.1.3 Open UNIX version 8.0.0 Description: The issue allows local users to bypass protections for the address space file for a process ID by obtaining a procfs file descriptor for the file and calling execve on a...
CVE-2003-0740
Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen, which allows local users to hijack the Stunnel server...
CVE-2003-0740
Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen, which allows local users to hijack the Stunnel server...
DEBIAN-CVE-2003-0740
Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen, which allows local users to hijack the Stunnel server...