CVE-2014-1950

Use-after-free vulnerability in the xccpupoolgetinfo function in Xen 4.1.x through 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xccpumapalloc function, which allows local users with access to management functions to cause a denial of service heap corrupti...

use-after-free in xc_cpupool_getinfo() under memory pressure

ISSUE DESCRIPTION If xccpumapalloc fails then xccpupoolgetinfo will free and incorrectly return the then-free pointer to the result structure. IMPACT An attacker may be able to cause a multi-threaded toolstack using this function to race against itself leading to heap corruption and a potential...

use-after-free in libxl_list_cpupool under memory pressure

ISSUE DESCRIPTION If realloc3 fails then libxllistcpupool will incorrectly return the now-free original pointer. IMPACT An attacker may be able to cause a multithreaded toolstack using this function to race against itself leading to heap corruption and a potential DoS. Depending on the malloc...

CVE-2011-3937

The H.263 codec libavcodec/h263dec.c in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to "width/height changin...

Scientific Linux Security Update : openssl on SL6.x i386/x86_64

A race condition flaw has been found in the OpenSSL TLS server extension parsing code, which could affect some multithreaded OpenSSL applications. Under certain specific conditions, it may be possible for a remote attacker to trigger this race condition and cause such an application to crash, or...

Scientific Linux Security Update : openssl on SL4.x i386/x86_64

A flaw was found in the SSLgetsharedciphers utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer by a single byte CVE-2007-5135. Few applications make use of this vulnerable function and generally it is used only when applicatio...

Scientific Linux Security Update : kernel for SL 5.x on i386/x86_64

CVE-2007-5966 kernel: non-root can trigger cpuidle soft lockup CVE-2009-1385 kernel: e1000cleanrxirq denial of service CVE-2009-1388 kernel: docoredump vs ptracestart deadlock CVE-2009-1389 kernel: r8169: fix crash when large packets are received CVE-2009-1895 kernel: personality: fix...

SuSE 10 Security Update : openssl (ZYPP Patch Number 8143)

This update of openssl fixes the following denial of service vulnerabilities : - Denial of Service via CBC mode handling. CVE-2012-2333 - A deadlock condition introduced by the previous memory leak fix due to entering a lock twice. This would only happen in multithreaded programs. In addition,...

Rootdabitch version 0.1 - Multithreaded Linux root password Bruteforcer

Rootdabitch version 0.1 - Multithreaded Linux root password Bruteforcer r00tw0rm hacker "th3breacher!" release Rootdabitch v0.1 ,which is a Multithreaded Linux/UNIX tool to brute-force cracking local root through su using sucrack. sucrack is a multithreaded Linux/UNIX tool for brute-force crackin...

Apache - Denial of Service

/ This is a reverse engineered version of the exploit for CVE-2011-3192 made by ev1lut10n http://jayakonstruksi.com/backupintsec/rapache.tgz. Copyright 2011 Ramon de C Valle Compile with the following command: gcc -Wall -pthread -o rcvalle-rapache rcvalle-rapache.c / include include include inclu...

SSHtrix - Fastest Multithreaded SSHv1 and SSH1v2 login cracker

SSHtrix - Fastest Multithreaded SSHv1 and SSH1v2 login cracker sshtrix is a very fast multithreaded SSH login cracker. It supports SSHv1 and SSHv2.sshtrix was designed to automate rapid bruteforce attacks against SSH authentification screens. Unlike other public tools, the aim is to keep it...

SSHtrix - Fastest Multithreaded SSHv1 and SSH1v2 login cracker

SSHtrix - Fastest Multithreaded SSHv1 and SSH1v2 login cracker sshtrix is a very fast multithreaded SSH login cracker. It supports SSHv1 and SSHv2.sshtrix was designed to automate rapid bruteforce attacks against SSH authentification screens. Unlike other public tools, the aim is to keep it...

MTPuTTY 1.0 Beta - Multi-Tabbed PuTTY Released

MTPuTTY 1.0 Beta - Multi-Tabbed PuTTY Released MTPuTTY Multi-tabbed PuTTY helps you to manage different PuTTY connections in one tabbed GUI interface. Every PuTTY connection runs in a separate tab and you can switch between PuTTYs as easy as you switch between opened pages in web browsers. When y...

Ubuntu Update for linux-lts-backport-maverick USN-1187-1

Ubuntu Update for Linux kernel vulnerabilities USN-1187-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11871.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-lts-backport-maverick USN-1187-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

USN-1187-1: Linux kernel (Maverick backport) vulnerabilities

It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-3698 Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could...

Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1187-1)

It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-3698 Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could...

USN-1164-1 : linux-fsl-imx51 vulnerabilities

Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly...

USN-1164-1: Linux kernel vulnerabilities (i.MX51)

Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly...

openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0965-2)

Multithreaded OpenSSL servers using the TLS server extension are vulnerable to a buffer overrun attack CVE-2010-3864. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libopenssl-devel-3562. The...

kernel: posix-cpu-timers: workaround to suppress the problems with mt exec

Race condition in the exitsignal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader...