Lucene search
K

32 matches found

RedHat Linux
RedHat Linux
added 2018/10/30 12:31 p.m.5 views

kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service

By mmaping a FUSE-backed file onto a process's memory containing command line arguments or environment strings, an attacker can cause utilities from psutils or procps such as ps, w or any other program which makes a read call to the /proc//cmdline or /proc//environ files to block indefinitely...

5.3CVSS7.2AI score0.07291EPSS
Exploits5References5
FireEye
FireEye
added 2017/09/01 11:0 a.m.16 views

Monitoring Windows Console Activity (Part 2)

This is the second of two blogs that discuss the implementation of the Windows console architecture from years past, with a primary focus on the current implementation present on modern versions of Windows. Read our first blog, "Monitoring Windows Console Activity Part 1," for more. Capturing the...

7.3AI score
Exploits0
FireEye
FireEye
added 2017/09/01 11:0 a.m.104 views

Monitoring Windows Console Activity (Part 2)

This is the second of two blogs that discuss the implementation of the Windows console architecture from years past, with a primary focus on the current implementation present on modern versions of Windows. Read our first blog, "Monitoring Windows Console Activity Part 1," for more. Capturing the...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/12/16 12:0 a.m.36 views

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1)

This openjdk update fixes the following security and non security issues : - Upgrade to 2.4.8 bnc887530 - Changed back from gzipped tarball to xz - Changed the keyring file to add Andrew John Hughes that signed the icedtea package - Change ZERO to AARCH64 tarball - Removed patches : -...

10CVSS7.8AI score0.10117EPSS
Exploits2References43
Cvelist
Cvelist
added 2013/10/24 1:0 a.m.29 views

CVE-2013-5179

App Sandbox in Apple Mac OS X before 10.9 allows attackers to bypass intended sandbox restrictions via a crafted app that uses the LaunchServices interface to specify process arguments...

5.7AI score0.01329EPSS
Exploits0References2
Prion
Prion
added 2010/02/25 12:30 a.m.11 views

Command injection

Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows local users to obtain sensitive information by listing the process and its arguments, related to "echoing."...

2.1CVSS6.2AI score0.00348EPSS
Exploits0References8Affected Software1
Prion
Prion
added 2009/05/22 11:52 a.m.11 views

Command injection

SLiM Simple Login Manager 1.3.0 places the X authority magic cookie mcookie on the command line when invoking xauth from 1 app.cpp and 2 switchuser.cpp, which allows local users to access the X session by listing the process and its arguments...

2.1CVSS6.7AI score0.00464EPSS
Exploits1References9Affected Software1
Debian CVE
Debian CVE
added 2009/05/22 1:0 a.m.19 views

CVE-2009-1756

SLiM Simple Login Manager 1.3.0 places the X authority magic cookie mcookie on the command line when invoking xauth from 1 app.cpp and 2 switchuser.cpp, which allows local users to access the X session by listing the process and its arguments...

2.1CVSS4.3AI score0.00464EPSS
Exploits1
NVD
NVD
added 2009/05/06 5:30 p.m.28 views

CVE-2009-1573

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...

4.6CVSS6.5AI score0.00456EPSS
Exploits1References8
Prion
Prion
added 2009/05/06 5:30 p.m.17 views

Command injection

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...

4.6CVSS7.1AI score0.00456EPSS
Exploits1References8Affected Software2
Cvelist
Cvelist
added 2009/05/06 5:0 p.m.31 views

CVE-2009-1573

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...

6.4AI score0.00456EPSS
Exploits1References8
Prion
Prion
added 2007/10/23 4:46 p.m.12 views

Default credentials

makecatalogbackup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffi...

2.1CVSS7AI score0.00292EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder