27 matches found
CVE-1999-0062
The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage...
EUVD-1999-0062
Malware in sbrugna...
PT-2024-3054
Name of the Vulnerable Software and Affected Versions: Jetty versions prior to 9.4.54; Jetty versions prior to 10.0.20; Jetty versions prior to 11.0.20; Jetty versions prior to 12.0.6. Description: The issue is related to an HTTP/2 SSL connection that is established and TCP congested, which will be...
runc: file descriptor leak
A file descriptor leak issue was found in the runc package. While a user performs O_CLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd(2), which means that the reference can be kept alive in the container by configuring the working...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2020:4676)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4676 advisory. - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. (CVE-2019-15890) - qemu/qemu_driver.c in libvirt before 6.0.0...
Security Bulletin: A security vulnerability in Node.js affects IBM Cloud Pak for Multicloud Management Managed Service
Summary: A security vulnerability in Node.js affects IBM Cloud Pak for Multicloud Management Managed Service. Vulnerability Details: CVEID: CVE-2021-23840. DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an...
EulerOS Virtualization 2.9.1 : libvirt (EulerOS-SA-2021-1631)
According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting informati...
Information Disclosure
libvirt is vulnerable to information disclosure. A file descriptor for /dev/mapper/control is leaked into the QEMU process. This file descriptor allows for privileged operations to be made against device mapper on the host...
openSUSE Security Update : openssh (openSUSE-2018-1477)
This update for openssh fixes the following issues: Following security issues have been fixed: - CVE-2018-15473: OpenSSH was prone to a user existence oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully...
CVE-2018-9275
In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors)...
Apache 2.0.4x mod_perl Module File Descriptor Leakage Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9471/info A vulnerability has been reported to exist in the Apache mod_perl module that may allow local attackers to gain access to privileged file descriptors. This issue could be exploited by an attacker to hijack a...
Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/9302/info Reportedly, the Apache mod_php module may be prone to a vulnerability that may allow a local attacker to gain access to privileged file descriptors. As a result, the attacker may pose as a legitimate server and...
BubbleMon 1.x Kernel Memory File Descriptor Leakage Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5714/info It has been reported that BubbleMon is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open fil...
socat security vulnerabilities
Buffer overflow, file descriptor leakage...
CentOS Update for libvirt CESA-2013:0831 centos6
Check for the Version of libvirt. OpenVAS Vulnerability Test: CentOS Update for libvirt CESA-2013:0831 centos6. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
RedHat Update for libvirt RHSA-2013:0831-01
Check for the Version of libvirt. OpenVAS Vulnerability Test: RedHat Update for libvirt RHSA-2013:0831-01. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS 6 : libvirt (CESA-2013:0831)
Updated libvirt packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
CentOS Update for nss CESA-2011:1444 centos4 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description) script_xref(name:"URL",...
CVE-2004-1033
Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable...
Apache 2.0.4x mod_perl - File Descriptor Leakage (3)
Apache 2.0.4x mod_perl - File Descriptor Leakage (3) source: https://www.securityfocus.com/bid/9471/info A vulnerability has been reported to exist in the Apache mod_perl module that may allow local attackers to gain access to privileged file descriptors. This issue could be exploited by an attacker ...