212 matches found
memcached-info NSE Script
Retrieves information including system architecture, process ID, and server time from distributed memory object caching system memcached. Example Usage nmap -p 11211 --script memcached-info Script Output 11211/udp open unknown | memcached-info: | Process ID: 18568 | Uptime: 6950 seconds | Server...
ruby: Properly initialize the random number generator when forking new process
The SecureRandom.randombytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an...
Nmap NSE net: smb-enum-processes
Pulls a list of processes from the remote server over SMB. This will determine all running processes, their process IDs, and their parent processes. It is done by querying the remote registry service, which is disabled by default on Vista; on all other Windows versions, it requires Administrator...
Moderate: Red Hat Security Advisory: Red Hat Directory Server security update
Updated Red Hat Directory Server and related packages that fix three security issues are now available for Red Hat Directory Server 8.2. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
[ MDVSA-2009:244 ] xfig
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:244 http://www.mandriva.com/security/ Package : xfig Date : September 23, 2009 Affected: Corporate 4.0 Problem Description: A vulnerability was discovered and corrected in xfig: Xfig in Debian GNU/Linux,...
Out-of-bounds
Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service system crash via an & ampersand character in a Proces...
CVE-2009-3103
Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service system crash via an & ampersand character in a Proces...
PT-2009-1117
Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to a fixed version Description The issue is related to an array index error in the SMBv2 protocol implementation, allowing remote attackers to execute arbitrary code or cause a denial of service via a specially...
CVE-2009-1962
Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the 1 xfig-epsPID, 2 xfig-picPID.pix, 3 xfig-picPID.err, 4 xfig-pcxPID.pix, 5 xfig-xfigrcPID, 6 xfigPID, 7 xfig-printPID, 8 xfig-exportPID.err, 9 xfig-batchPID, 10 xfig-expPID, or 11 xfig-spell.PID...
DEBIAN-CVE-2009-1962
Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the 1 xfig-epsPID, 2 xfig-picPID.pix, 3 xfig-picPID.err, 4 xfig-pcxPID.pix, 5 xfig-xfigrcPID, 6 xfigPID, 7 xfig-printPID, 8 xfig-exportPID.err, 9 xfig-batchPID, 10 xfig-expPID, or 11 xfig-spell.PID...
UBUNTU-CVE-2009-1962
Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the 1 xfig-epsPID, 2 xfig-picPID.pix, 3 xfig-picPID.err, 4 xfig-pcxPID.pix, 5 xfig-xfigrcPID, 6 xfigPID, 7 xfig-printPID, 8 xfig-exportPID.err, 9 xfig-batchPID, 10 xfig-expPID, or 11 xfig-spell.PID...
kernel: 'kill sig -1' must only apply to caller's pid namespace
The killsomethinginfo function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via ...
apcupsd < 3.8.6 / 3.10.x < 3.10.5 Multiple Vulnerabilities
apcupsd is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2003 Renaud Deraison Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apc:apcupsd"; ifdescription...
CVE-2007-3304
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the workerscore and processscore arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...
GLSA-200511-19 : eix: Insecure temporary file creation
The remote host is affected by the vulnerability described in GLSA-200511-19 eix: Insecure temporary file creation Eric Romang discovered that eix creates a temporary file with a predictable name. eix creates a temporary file in /tmp/eix..sync where is the process ID of the shell running eix...
eix: Insecure temporary file creation
Background eix is a small utility for searching ebuilds with indexing for fast results. Description Eric Romang discovered that eix creates a temporary file with a predictable name. eix creates a temporary file in /tmp/eix..sync where is the process ID of the shell running eix. Impact A local...
security flaw
The DBI library libdbi-perl for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file...
Peer2Mail 1.4 - Encrypted Password Dumper
/ Peer2Mail Encrypt PassDumper Exploit v1.0 Discoveried & Coded By ATmaCA Copyright ©2002-2005 AtmacaSoft Inc. All Rights Reserved. Web: http://www.atmacasoft.com E-Mail: [email protected] / / Peer2Mail 1.4 and prior versions are affected. Tested for gmail account on Win XP SP2 / include include...
Cscope <= 15.5 Symlink Vulnerability Exploit
Exploit for linux platform in category local exploits ============================================ Cscope include include include define BSIZE 64 int mainint ac, char av pidt cur; uint i=0, lst; char bufferBSIZE + 1; fprintfstdout, "\n -- Cscope Exploit --\n"\ " version 15.5 and minor \n" \ "...
CVE-2004-0517
Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516...