4337 matches found
gallery2 -- multiple vulnerabilities
Gallery project reports: Gallery 2.2.3 addresses the following security vulnerabilities: Unauthorized renaming of items possible with WebDAV reported by Merrick Manalastas Unauthorized modification and retrieval of item properties possible with WebDAV Unauthorized locking and replacing of items...
CentOS 4 : kernel (CESA-2007:0488)
Updated kernel packages that fix several security issues and bugs in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the...
kernel security update
CentOS Errata and Security Advisory CESA-2007:0488 Updated kernel packages that fix several security issues and bugs in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Lin...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that fix several security issues and bugs in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the...
Re: [Full-disclosure] screen 4.0.3 local Authentication Bypass
-----Original Message----- Subject: Re: Full-disclosure screen 4.0.3 local Authentication Bypass Verified on OpenBSD I'm not seeing a 'Getpass error' message on 4.1-STABLE current, but there does seem to be a problem with locking and reattaching: $ screen space $ echo "This is the locked screen"...
kernel Race condition in mincore can cause "ps -ef" to hang
The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock...
CVE-2006-4814
The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock...
USN-395-1: Linux kernel vulnerabilities
Mark Dowd discovered that the netfilter iptables module did not correcly handle fragmented packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules. This has only be fixed for Ubuntu 6.10; the corresponding fix for Ubuntu 5.10 and 6.06 will foll...
Important: Red Hat Bug Fix Advisory: bind bug fix update
Updated bind packages that fix several bugs are now available. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. The bind package provides a DNS server named, which resolves host names to IP addresses, and tools for control and verification of the DN...
CVE-2006-3675
Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the password database when certain dialogue windows are open, which might allow attackers with physical access to obtain the database contents...
CVE-2006-3675
CVE-2006-3675 affects Password Safe versions 2.11, 2.16 and 3.0BETA1. The vulnerability arises because the software does not enforce the configured lock-on-workstation-lock or idle-time events when specific dialog windows are open, potentially allowing a local attacker with access to the workstat...
CVE-2006-3675
Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the password database when certain dialogue windows are open, which might allow attackers with physical access to obtain the database contents...
CentOS 3 : kdebase (CESA-2006:0576)
Updated kdebase packages that resolve a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. A flaw was found in KDE where the...
SYMSA-2006-008:Password Safe - Lock Password Database Configuration Not Enforced
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID: SYMSA-2006-008 Advisory Title: Password Safe - Lock Password Database Configuration Not Enforced Author: J.R. Wikes Release Date: 07-24-2006 Application:...
RHEL 2.1 : dump (RHSA-2005:583)
Updated dump packages that address two security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having low security impact by the Red Hat Security Response Team. Dump examines files in a file system, determines which ones need to be backed up, and copies...
CVE-2005-2019
ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor SMP or Uni Processor UP systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent...
NetBSD Security Advisory 2005-001: Crypto leaks across HyperThreaded CPUs (i386, P4, HTT+SMP only)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2005-001 ================================= Topic: Crypto leaks across HyperThreaded CPUs i386, P4, HTT+SMP only Version: NetBSD-current: affected, i386 on P4 with HTT and SMP kernels NetBSD 2.0: affected, i386 on P4 with HTT a...
CVE-2005-2019
ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor SMP or Uni Processor UP systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent...
FreeBSD ipfw packet filter race conditions
Because of insuddicient locking it's possible to corrupt cached lookup table on machines with threading PREEMPTIVE multitasking...
kernel -- ipfw packet matching errors with address tables
Problem Description The ipfw tables lookup code caches the result of the last query. The kernel may process multiple packets concurrently, performing several concurrent table lookups. Due to an insufficient locking, a cached result can become corrupted that could cause some addresses to be...