Lucene search
K

234 matches found

UbuntuCve
UbuntuCve
added 2016/04/27 12:0 a.m.32 views

CVE-2016-3672

The archpickmmaplayout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDRNORANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid...

7.8CVSS7.1AI score0.0117EPSS
Exploits12References16
RedhatCVE
RedhatCVE
added 2015/10/30 10:5 a.m.33 views

CVE-2006-3378

passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits...

7.2CVSS7.6AI score0.00341EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.34 views

openSUSE Security Update : ecryptfs-utils (openSUSE-SU-2011:0902-1)

This update of ecryptfs-utils fixes several security problems : - CVE-2011-1831 - Race condition when checking mountpoint during mount. - CVE-2011-1832 - Race condition when checking mountpoint during unmount. - CVE-2011-1833 - Race condition when checking source during mount. - CVE-2011-1834 -...

4.6CVSS8.2AI score0.00382EPSS
Exploits2References8
NVD
NVD
added 2014/02/26 3:55 p.m.25 views

CVE-2011-1749

The nfsaddmntent function in support/nfs/nfsmntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMITFSIZE value,...

3.3CVSS8.7AI score0.00359EPSS
Exploits0References5
OSV
OSV
added 2014/02/26 3:55 p.m.2 views

DEBIAN-CVE-2011-1749

The nfsaddmntent function in support/nfs/nfsmntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMITFSIZE value,...

3.3CVSS6.6AI score0.00359EPSS
Exploits0References1
OSV
OSV
added 2014/02/26 3:55 p.m.4 views

UBUNTU-CVE-2011-1749

The nfsaddmntent function in support/nfs/nfsmntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMITFSIZE value,...

3.3CVSS5.8AI score0.00359EPSS
Exploits0References2
CVE
CVE
added 2014/02/26 3:0 p.m.81 views

CVE-2011-1749

The CVE-2011-1749 entry concerns nfs-utils before 1.2.4, where the nfs_addmntent function in support/nfs/nfs_mntent.c can append to /etc/mtab without considering resource limits, enabling local users to corrupt the file with a small RLIMIT_FSIZE value (tied to CVE-2011-1089). Several connected ad...

3.3CVSS7.4AI score0.00359EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2013/05/02 2:55 p.m.3 views

DEBIAN-CVE-2013-0306

The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service memory consumption or trigger server errors via a modified maxnum parameter...

5CVSS6.9AI score0.02574EPSS
Exploits1References1
OSV
OSV
added 2013/05/02 2:55 p.m.39 views

PYSEC-2013-17

The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service memory consumption or trigger server errors via a modified maxnum parameter...

5CVSS5.7AI score0.02574EPSS
Exploits1References5
CVE
CVE
added 2013/05/02 2:0 p.m.100 views

CVE-2013-0306

The CVE-2013-0306 issue affects Django forms: the formset handling in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not enforce resource limits correctly due to a modified max_num parameter. This can allow remote attackers to bypass intended formset limits...

5CVSS6.5AI score0.02574EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2013/05/02 2:0 p.m.66 views

CVE-2013-0306

The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service memory consumption or trigger server errors via a modified maxnum parameter...

5CVSS6.2AI score0.02574EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2013/04/20 12:0 a.m.27 views

Mandriva Linux Security Advisory : ncpfs (MDVSA-2013:048)

Multiple vulnerabilities has been discovered and corrected in ncpfs : ncpfs 2.2.6 and earlier attempts to use 1 ncpmount to append to the /etc/mtab file and 2 ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to...

4.4CVSS8.1AI score0.00474EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2013/02/20 12:0 a.m.26 views

CVE-2013-0306

The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service memory consumption or trigger server errors via a modified maxnum parameter...

5CVSS5.9AI score0.02574EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2012/08/03 12:0 a.m.37 views

Mandriva Update for util-linux MDVSA-2012:083 (util-linux)

Check for the Version of util-linux OpenVAS Vulnerability Test Mandriva Update for util-linux MDVSA-2012:083 util-linux Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

4.6CVSS8.7AI score0.00449EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.20 views

Scientific Linux Security Update : krb5 on SL3.x, SL4.x, SL5.x i386/x86_64

A flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server krb5kdc handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary...

10CVSS8.5AI score0.10141EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2012/05/30 12:0 a.m.31 views

Mandriva Linux Security Advisory : ncpfs (MDVSA-2012:084)

Multiple vulnerabilities has been discovered and corrected in ncpfs : ncpfs 2.2.6 and earlier attempts to use 1 ncpmount to append to the /etc/mtab file and 2 ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to...

4.4CVSS8AI score0.00474EPSS
Exploits1References2
securityvulns
securityvulns
added 2012/03/20 12:0 a.m.103 views

[SECURITY] [DSA 2436-1] libapache2-mod-fcgid security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2436-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 19, 2012 http://www.debian.org/security/faq -...

5CVSS1.4AI score0.04864EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/03/20 12:0 a.m.23 views

Debian DSA-2436-1 : libapache2-mod-fcgid - inactive resource limits

It was discovered that the Apache FCGID module, a FastCGI implementation, did not properly enforce the FcgidMaxProcessesPerClass resource limit, rendering this control ineffective and potentially allowing a virtual host to consume excessive resources. %NASLMINLEVEL 70300 C Tenable Network Securit...

5CVSS5.4AI score0.04864EPSS
Exploits0References4
OSV
OSV
added 2012/03/19 12:0 a.m.14 views

DSA-2436-1 libapache2-mod-fcgid - inactive resource limits

Bulletin has no description...

5CVSS6.3AI score0.04864EPSS
Exploits0
seebug.org
seebug.org
added 2012/03/10 12:0 a.m.43 views

Samba 3.x 'etc/mtab'文件附加本地拒绝服务漏洞

BUGTRAQ ID: 49939 CVE ID: CVE-2011-1678 Samba是一套实现SMB(Server Messages Block)协议、跨平台进行文件共享和打印共享服务的程序。 Samba 3.5.8及更早版本中的smbfs尝试使用mount.cifs附加到/etc/mtab文件,umount.cifs附加到/etc/mtab.tmp文件,而没有检查资源限制,可使本地用户通过small RLIMITFSIZE值相关进程破坏/etc/mtab文件。 0 Samba 3.x 厂商补丁: Samba -----...

3.3CVSS0.00531EPSS
Exploits2
Rows per page
Query Builder