206 matches found
unsafe GSSAPI signal handler
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free...
Important: Red Hat Security Advisory: openssh security update
Updated openssh packages that fix several security issues in sshd are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This package...
CVE-2006-5051
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free...
Linux Kernel 2.6.13 < 2.6.17.4 - sys_prctl() Local Privilege Escalation (2)
Linux Kernel 2.6.13 < 2.6.17.4 - sys_prctl() Local Privilege Escalation (2) / Linux >= 2.6.13 prctl kernel exploit (C) Julien TINNES. If you read the Changelog from 2.6.13 you've probably seen: [PATCH] setuid core dump. This patch mainly adds suidsafe to suid_dumpable sysctl but also a new per process, user...
CVE-2006-0058
Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations...
Race condition
Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations...
CVE-2006-0058
CVE-2006-0058 is a race-condition vulnerability in Sendmail 8.13.x (before 8.13.6) that can be triggered remotely to execute arbitrary code. The issue arises from improper handling of timeouts during message processing, where setjmp/longjmp usage may be interrupted, enabling memory corruption in ...
security flaw
Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations...
Multiple Linux kernel vulnerabilities
DoS with signal handler, another one ptrace privilege escalation vulnerability...
CVE-2005-0893
CVE-2005-0893 affects Smail, specifically version 3.2.0.120, where modes.c implements signal handlers using certain unsafe library calls. The root cause described is that these unsafe calls in signal handlers can allow an attacker to execute arbitrary code via race conditions in the signal handli...
[SECURITY] [DSA 606-1] New nfs-utils packages fix denial of service
Debian Security Advisory DSA 606-1 [email protected] http://www.debian.org/security/ Martin Schulze, December 8th, 2004 http://www.debian.org/security/faq ...
Debian DSA-606-1 : nfs-utils - wrong signal handler
SGI has discovered that rpc.statd from the nfs-utils package, the Network Status Monitor, did not ignore the 'SIGPIPE'. Hence, a client prematurely terminating the TCP connection could also terminate the server process. (C) Tenable Network Security, Inc. The descriptive text and...
TNFTPD Multiple Signal Handler Remote Superuser Privilege Escalation
CVE-2004-0794
CVE-2004-0794 affects lukemftpd/tnftpd (before 20040810). Race conditions in the out-of-band signal handling for ABOR can corrupt internal state, enabling a remote authenticated attacker to cause a denial of service or execute arbitrary code. Depending on the -r option, commands may run with the ...
CVE-2004-0554
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages for Red Hat Enterprise Linux 3 that fix security vulnerabilities are now available. The Linux kernel handles the basic functions of the operating system. A flaw was found in Linux kernel versions 2.4 and 2.6 for x86 and x86_64 that allowed local users to cause a denial of...