CVE-2004-0596

The Equalizer Load-balancer for serial network interfaces eql.c in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference...

CVE-2004-0596

The vulnerability CVE-2004-0596 affects the Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7. The root cause is a null dereference triggered when a non-existent device name is used, leading to local denial of service. Affected component: eql.c within...

CVE-2004-0596

The Equalizer Load-balancer for serial network interfaces eql.c in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference...

APSIS Pound Load Balancer Format String Overflow

The remote server is vulnerable to a remote format string bug which can allow remote attackers to gain access to confidential data. Pound versions less than 1.6 are vulnerable to this issue. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid12007; scriptversion "1.14";...

Web Server Load Balancer Detection

The remote web server seems to be running in conjunction with several others behind a load balancer. Knowing that there are multiple systems behind a service could be useful to an attacker as the underlying hosts may be running different operating systems, patchlevels, etc. C Tenable Network...

CVE-2004-0317

CVE-2004-0317 affects Load Sharing Facility (LSF) versions 4.x, 5.x, and 6.x. The vulnerability is a buffer overflow in the eauth component triggered by a long LSF_From_PC parameter, allowing local users or attackers within an LSF cluster to cause a denial of service (segmentation fault) and pote...

CVE-2004-0318

CVE-2004-0318 affects Load Sharing Facility (LSF) versions 4.x, 5.x, and 6.x. The vulnerability arises because LSF_EAUTH_UID may be used in place of the real user UID, enabling remote attackers within the local cluster to gain privileges. The underlying issue is the handling of an environment var...

CVE-2004-0317

Buffer overflow in eauth in Load Sharing Facility 4.x, 5.x, and 6.x allows local users or remote attackers within the LSF cluster to cause a denial of service segmentation fault and possibly execute arbitrary code via a long LSFFromPC parameter...

CVE-2004-0318

Load Sharing Facility LSF 4.x, 5.x, and 6.x uses the LSFEAUTHUID environment variable, if it exists, instead of the real UID of the user, which could allow remote attackers within the local cluster to gain privileges...

Load Sharing Facility multiple bugs

Code execution, DoS...

Lam3rZ Security Advisory #1/2004: LSF eauth vulnerability leads to remote code execution

Lam3rZ Security Advisory 1/2004 23 Feb 2004 Remote within a cluster root in LSF Name: Load Sharing Facility versions 4.x, 5.x, 6.x Severity: High Vendor URL: http://www.platform.com Author: Tomasz Grabowski [email protected] Vendor notified: 26 Oct 2003 Vendor confirmed: 27 Oct 2003 Vendor...

PT-2003-1903 · Ibm · Ibm Db2 Universal Database

Name of the Vulnerable Software and Affected Versions: IBM DB2 Universal Data Base versions 7.2 before Fixpak 10 and 10a IBM DB2 Universal Data Base versions 8.1 before Fixpak 2 Description: A stack-based buffer overflow issue allows attackers with Connect privileges to execute arbitrary code via...

ptl-2003-01: IBM DB2 LOAD Command Stack Overflow Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pentest Limited Security Advisory IBM DB2 LOAD Command Stack Overflow Vulnerability Advisory Details - ---------------- Title: IBM DB2 LOAD Command Stack Overflow Vulnerability Announcement date: 1st October 2003 Advisory Reference: ptl-2003-01 CVE...

Cisco CSS 11000 Series DoS

ID: S21SEC-025-en Title: Cisco CSS 11000 Series DoS Date: 04/07/2003 Status: Solution available Scope: Interruption of service, high CPU load. Platforms: All/Chassis CS800. Author: ecruz, egarcia, jandre Location: http://www.s21sec.com/en/avisos/s21sec-025-en.txt Release: External S 2 1 S E C...

CVE-2003-0337

The CVE describes a local code execution in Load Sharing Facility (LSF) 5.1 via the ckconfig command in lsadmin. By manipulating environment variables LSF_ENVDIR to reference an alternate lsf.conf and LSF_SERVERDIR to point to a malicious lim program, a local attacker can cause lsadmin to execute...

CVE-2003-0337

The ckconfig command in lsadmin for Load Sharing Facility LSF 5.1 allows local users to execute arbitrary programs by modifying the LSFENVDIR environment variable to reference an alternate lsf.conf file, then modifying LSFSERVERDIR to point to a malicious lim program, which lsadmin then executes...

CVE-2003-0337

The ckconfig command in lsadmin for Load Sharing Facility LSF 5.1 allows local users to execute arbitrary programs by modifying the LSFENVDIR environment variable to reference an alternate lsf.conf file, then modifying LSFSERVERDIR to point to a malicious lim program, which lsadmin then executes...

Security advisory: LSF 5.1 local root exploit

Security Advisory 22 May 2003 Local root in LSF 5.1 Name: Load Sharing Facility version 5.1 Severity: High Vendor URL: http://www.platform.com Author: Tomasz Grabowski [email protected] Vendor notified: 25 Feb 2003 Vendor response: 25 Feb 2003 Vendor fix: 19 Mar 2003 Commercial: I'm looking for ...

CVE-2003-0233

Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load method, a different vulnerability than CVE-2003-0115...

Cisco Security Advisory: Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Vulnerability =============================================================================== Revision Numeral 1.0 For Public Releas...