dbus: Local DoS via messages with non-native byte order

The dbusheaderbyteswap function in dbus-marshal-header.c in D-Bus aka DBus 1.2.x before 1.2.28, 1.4.x before 1.4.12, and 1.5.x before 1.5.4 does not properly handle a non-native byte order, which allows local users to cause a denial of service connection loss, obtain potentially sensitive...

Java RMI Server Insecure Default Configuration Java Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Java RMI Server Insecure Default...

PT-2011-1152 · Freedesktop.Org +1 · D-Bus +1

Name of the Vulnerable Software and Affected Versions: D-Bus versions 1.2.x through 1.2.27 D-Bus versions 1.4.x through 1.4.11 D-Bus versions 1.5.x through 1.5.3 Description: The issue concerns a problem with handling non-native byte order in the dbus header byteswap function, which can be...

Ubuntu 8.04 LTS : linux vulnerabilities (USN-1146-1)

Kees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAPNETADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. CVE-2010-4655 Kees Cook discovered that the IOWarrior USB device driver did n...

Ubuntu 10.04 LTS : linux, linux-ec2 vulnerabilities (USN-1141-1)

Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. CVE-2010-4243 Alexander Duyck discovered that the Intel Gigabit Ethernet driver...

USN-1146-1: Linux kernel vulnerabilities

Kees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAPNETADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. CVE-2010-4655 Kees Cook discovered that the IOWarrior USB device driver did n...

[USN-1141-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1141-1 May 31, 2011 linux, linux-ec2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...

libvirt: several API calls do not honour read-only connection

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service host OS crash or possibly execute arbitrary code via a 1 virNodeDeviceDettach, 2 virNodeDeviceReset, 3 virDomainRevertToSnapsho...

CVE-2009-5061

Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of service daemon crash by going offline, aka SPR MLZG7UPB9N...

CVE-2009-5061

Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of service daemon crash by going offline, aka SPR MLZG7UPB9N...

Authentication flaw

Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of service daemon crash by going offline, aka SPR MLZG7UPB9N...

CVE-2011-0712

Technical details about CVE-2011-0712 are not publicly provided in the supplied documents. Monitor for updates in connected advisories; no confirmed affected products, versions, or fixes are stated here.

CVE-2011-0712

Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to 1 the sndusbcaiaqaudioinit...

Native Instruments Massive 1.1.4 KSD File Handling Use-After-Free

Exploit for windows platform in category dos / poc ================================================================= Native Instruments Massive 1.1.4 KSD File Handling Use-After-Free ================================================================= !/usr/bin/perl Title: Native Instruments Massive...

Native Instruments Service Center 2.2.5 Local Privilege Escalation

Exploit for windows platform in category local exploits ================================================================== Native Instruments Service Center 2.2.5 Local Privilege Escalation ================================================================== Vendor: Native Instruments GmbH Product...

Native Instruments Traktor Pro 1.2.6 Stack-based Buffer Overflow

Exploit for windows platform in category dos / poc ================================================================ Native Instruments Traktor Pro 1.2.6 Stack-based Buffer Overflow ================================================================ !/usr/local/bin/perl Native Instruments Traktor Pro...

Native Instruments Reaktor 5 Player 5.5.1 Insecure Library Loading

/ Native Instruments Reaktor 5 Player v5.5.1 Insecure Library Loading Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 5.5.1 R10584 or 5.5.1.10584 Standalone Summary: REAKTOR 5 PLAYER is your free entry point to the award-winning...

Native Instruments Guitar Rig 4 Player 4.1.1 Insecure Library Loading

/ Native Instruments Guitar Rig 4 Player v4.1.1 Insecure Library Loading Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 4.1.1.1845 Standalone Summary: GUITAR RIG 4 PLAYER is the free, modular and expandable effects processor fro...

Native Instruments Reaktor 5 Player v5.5.1 Insecure Library Loading Vulnerability

Summary REAKTOR 5 PLAYER is your free entry point to the award-winning and avant-garde audio world of REAKTOR 5 - the super-powerful modular sound studio that made Native Instruments famous. Description Reaktor 5 Player suffers from a DLL hijacking vulnerability, which could be exploited by remot...

Native Instruments Traktor Pro 1.2.6 Stack-based Buffer Overflow Vulnerability

Summary TRAKTOR PRO is the new benchmark in DJ software. Mix digital files on four decks, using the high-quality internal mixer or external hardware, and the best effects suite around. Fully primed for professional use, TRAKTOR PRO redefines the art of DJing. Description Desc: Traktor Pro suffers...