153 matches found
CVE-2011-3339
The CVE-2011-3339 entry describes an XSS vulnerability in the Admin Control Center of SafeNet Sentinel HASP/SRM, affecting HASP Run-time Environment 5.95 and earlier, with installers before 6.x and SDKs before 5.11. The issue arises from inadequate input validation in the web application, which c...
Privilege escalation
Csrsrv.dll in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process...
Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2620712)
This host is missing an important security update according to Microsoft Bulletin MS11-097. OpenVAS Vulnerability Test $Id: secpodms11-097.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability 2620712 Authors: Rachana Shetty Copyright:...
Seeker Advisory Sep11: Insecure Redirect in Microsoft SharePoint Portal
Seeker Research Center Security Advisory This vulnerability was discovered by Seekerr Automatic Run-Time Application Security Testing Solution Disclosed By Irene Abezgauz, September 13th, 2011 ========= I. Overview ========= An Insecure Redirect vulnerability has been identified in Microsoft...
Fedora 14 : nip2-7.24.2-1.fc14 / vips-7.24.7-2.fc14 (2011-10781)
7.24 series. Run-time code generation Open via disc mode Workspace as Graph mode for nip2 FITS image format VIPS rewrite Better nibs in paintbox Better TIFF and JPEG load Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2567680)
This host is missing a critical security update according to Microsoft Bulletin MS11-063. OpenVAS Vulnerability Test $Id: secpodms11-063.nasl 8724 2018-02-08 15:02:56Z cfischer $ Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability 2567680 Authors: Antu Sanadi...
Integer overflow
Integer overflow in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cau...
Null pointer dereference
The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly initialize memory and consequently uses a NULL...
CVE-2011-1283
The CVE-2011-1283 entry concerns the Windows CSRSS component in the Win32 subsystem. The vulnerability arises from an array index check flaw in SrvSetConsoleNumberOfCommand, allowing a local attacker to cause memory corruption and elevate privileges by triggering an incorrect memory assignment fo...
CVE-2011-1281
The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly restrict the number of console objects for a...
Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2476687)
This host is missing a critical security update according to Microsoft Bulletin MS11-010. OpenVAS Vulnerability Test $Id: secpodms11-010.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability 2476687 Authors: Sooraj KS Copyright: Copyright ...
Microsoft Ships 12 Bulletins in February's Patch Tuesday
Microsoft addressed 22 flaws with 12 separate bulletins in February’s edition of Patch Tuesday, including three bulletins that were rated critical with the remaining nine rated as important. Among the programs affected are Microsoft Windows, Internet Explorer, Office, Visual Studio, and IIS. The...
CVE-2010-3192
CVE-2010-3192 affects the GNU C Library (glibc) and concerns runtime memory protection that prints argv[0] and backtrace data, potentially allowing a context-dependent attacker to read sensitive process memory. The description references a setuid program with a stack-based overflow (fortify_fail/...
FreeBSD Security Advisory (FreeBSD-SA-09:16.rtld.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:16.rtld.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Code injection
The rtld function in the Run-Time Link-Editor rtld in libexec/rtld-elf/rtld.c in FreeBSD 7.1 and 8.0 does not clear the 1 LDLIBMAP, 2 LDLIBRARYPATH, 3 LDLIBMAPDISABLE, 4 LDDEBUG, and 5 LDELFHINTSPATH environment variables, which allows local users to gain privileges by executing a setuid or setgu...
CVE-2009-4146
The rtld function in the Run-Time Link-Editor rtld in libexec/rtld-elf/rtld.c in FreeBSD 7.1, 7.2, and 8.0 does not clear the LDPRELOAD environment variable, which allows local users to gain privileges by executing a setuid or setguid program with a modified LDPRELOAD variable containing an...
CVE-2009-4146
The CVE-2009-4146 entry concerns FreeBSD's run-time linker (rtld) in libexec/rtld-elf/rtld.c. The underlying issue is that rtld's unsetenv logic does not clear LD_PRELOAD when __findenv() fails, enabling a local user to influence library loading via a modified LD_PRELOAD path and gain privileges ...
Serious Zero-Day Flaw Found in FreeBSD, Exploit Published
A researcher has published an explanation of a new flaw in FreeBSD that allows an attacker to take control of a vulnerable machine. The vulnerability could give an attacker root access to the FreeBSD machine, and the FreeBSD developers have published a patch for the flaw early Tuesday. The...
** FreeBSD local r00t zeroday
FreeBSD local r00t 0day Discovered & Exploited by Nikolaos Rangos also known as Kingcope. Nov 2009 "BiG TiME" "Go fetch your FreeBSD r00tkitz" // http://www.youtube.com/watch?v=dDnhthI27Fg There is an unbelievable simple local r00t bug in recent FreeBSD versions. I audited FreeBSD for local r00t...
FreeBSD rtld Local Root Exploit
FreeBSD local r00t 0day Discovered & Exploited by Nikolaos Rangos also known as Kingcope. Nov 2009 "BiG TiME" "Go fetch your FreeBSD r00tkitz" // http://www.youtube.com/watch?v=dDnhthI27Fg There is an unbelievable simple local r00t bug in recent FreeBSD versions. I audited FreeBSD for local r00t...