119 matches found
[SECURITY] Fedora 13 Update: perl-File-FcntlLock-0.12-1.fc13
FcntlLock is a module to do file locking in an object oriented fashion using the fcntl2 system call. This allows locks on parts of a file as well as on the whole file and overcomes some known problems with flock2, on which Perl's flock function is based...
kernel: bug in GFS/GFS2 locking code leads to dos
The gfs2lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfslock function in the Linux kernel on Red Hat Enterprise Linux RHEL 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a...
CVE-2007-6733
The nfslock function in fs/nfs/file.c in the Linux kernel 2.6.9 does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service BUG and system crash by locking a file on an NFS filesystem and then changing this...
CVE-2009-4141
Use-after-free vulnerability in the fasynchelper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling OASYNC aka FASYNC or FIOASYNC on a locked file, and then closing this file...
RedHat Security Advisory RHSA-2009:1670
The remote host is missing updates announced in advisory RHSA-2009:1670. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: NULL pointer dereference flaws in the r128 driver. Checks to test if the Concurrent Command Engine state was initialized...
RedHat Security Advisory RHSA-2009:1635
The remote host is missing updates announced in advisory RHSA-2009:1635. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues: a NULL pointer dereference flaw was found in the NFSv4 implementation in the...
Kernel BUG() in locks_remove_flock
Race condition in the dosetlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service crash via vectors resulting in an interrupted RPC call that leads to a stray FLPOSIX lock, related to improper handling of a race between fcntl and close in th...
RHEL 2.1 : dump (RHSA-2005:583)
Updated dump packages that address two security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having low security impact by the Red Hat Security Response Team. Dump examines files in a file system, determines which ones need to be backed up, and copies...
File locking DoS in ьгдешзду гешдшешуы
It's possible to cause DoS by putting locks to required files...
File Locking Local Denial of Service; Impact on sendmail
-----BEGIN PGP SIGNED MESSAGE----- File Locking Local Denial of Service Impact on sendmail Reported by lumpy [email protected] Introduction ============ Any application which uses either flock or fcntl style locking or other APIs that use one of these locking methods such as open with OEXLOCK and...
Sendmail 8.9.x8.10.x8.11.x8.12.x - File Locking Denial of Service (1)
Sendmail 8.9.x8.10.x8.11.x8.12.x - File Locking Denial of Service 1 / source: https://www.securityfocus.com/bid/4822/info Sendmail is a MTA for Unix and Linux variants. There is a vulnerability in Sendmail that will lead to a denial of service condition. The vulnerability occurs when a malicious...
Sendmail 8.9.x8.10.x8.11.x8.12.x - File Locking Denial of Service (2)
Sendmail 8.9.x8.10.x8.11.x8.12.x - File Locking Denial of Service 2 // source: https://www.securityfocus.com/bid/4822/info Sendmail is a MTA for Unix and Linux variants. There is a vulnerability in Sendmail that will lead to a denial of service condition. The vulnerability occurs when a malicious...
Sendmail 8.9.x/8.10.x/8.11.x/8.12.x - File Locking Denial of Service (1)
/ source: https://www.securityfocus.com/bid/4822/info Sendmail is a MTA for Unix and Linux variants. There is a vulnerability in Sendmail that will lead to a denial of service condition. The vulnerability occurs when a malicious user acquires an exclusive lock on files that Sendmail requires for...
Sendmail 8.9.x/8.10.x/8.11.x/8.12.x - File Locking Denial of Service (2)
// source: https://www.securityfocus.com/bid/4822/info Sendmail is a MTA for Unix and Linux variants. There is a vulnerability in Sendmail that will lead to a denial of service condition. The vulnerability occurs when a malicious user acquires an exclusive lock on files that Sendmail requires for...
Mozilla personal security manager /tmp issues
Playing with /tmp a bit this morning I ran into the following issue in mozilla... with mozilla open root@linuxppc root fuser -n file /tmp/.nsmc-0-lock /tmp/.nsmc-0-lock: 3220 3223 3224 3226 3227 3228 3229 root@linuxppc root ps -ef | grep 3220 root 3220 1 0 12:42 ? 00:00:00 ./psm sh-2.05$ id...
SECURITY.NNOV: file locking and security
Hello bugtraq, Topic : File locking and security Author : 3APA3A [email protected] Affected software : Windows NT 4.0, Windows 2000 and may be another systems Exploitable : Yes Remotely exploitable : No Category : Design flow Background: Application can lock the file after file description ...
File locking and security
Topic : File locking and security Author : 3APA3A Affected software : Windows NT 4.0, Windows 2000 and may be another systems Exploitable : Yes Remotely exploitable : No Category : Design flaw Background: Application can lock the file after file description is open by application or in open call...
Sun Solaris 2.5.1 - rpc.statd rpc Call Relaying
Sun Solaris 2.5.1 - rpc.statd rpc Call Relaying // source: https://www.securityfocus.com/bid/450/info The rpc service rpc.statd, shipped with all major versions of Sun's solaris, is the status monitoring service for NFS file locking. The vulnerability lies in rpc.statd's ability to relay rpc call...
Sun Solaris 2.5.1 - rpc.statd rpc Call Relaying
// source: https://www.securityfocus.com/bid/450/info The rpc service rpc.statd, shipped with all major versions of Sun's solaris, is the status monitoring service for NFS file locking. The vulnerability lies in rpc.statd's ability to relay rpc calls to other rpc services without being validated ...