684 matches found
Mandrake Linux Security Advisory : kernel (MDKSA-2007:195)
Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : A stack-based buffer overflow in the random number generator could allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool si...
kernel security update
CentOS Errata and Security Advisory CESA-2007:0940 Updated kernel packages that fix various security issues in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles th...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that fix various security issues in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These ne...
Fedora Core 6 : rpm-4.4.2.1-1.fc6 (2007-668)
Summary of changes : - update to 4.4.2.1 fixing 247749 and countless others - avoid unnecessary .rpmsave / .rpmnew files 29470, 128622 - stricter docdir checking 246819 - allow checking for pending signals from python 181434 - add hook to python for cleaning up on unclean exit 245389 - resurrect...
CVE-2007-3848
Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG)...
D-Bus denial of service
Unspecified vulnerability in the match_rule_equal function in bus/signals.c in D-Bus before 1.0.2 allows local applications to remove match rules for other applications and cause a denial of service (lost process messages)...
CVE-2006-6107
Unspecified vulnerability in the match_rule_equal function in bus/signals.c in D-Bus before 1.0.2 allows local applications to remove match rules for other applications and cause a denial of service (lost process messages)...
CVE-2006-6275
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals...
CVE-2003-1307
Summary: CVE-2003-1307 affects the mod_php module of the Apache HTTP Server. Vulnerability: Local users with write access to PHP scripts can signal the server’s process group and manipulate server file descriptors, demonstrated by sending a STOP signal and intercepting connections on the server’s...
CVE-2003-1307
The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: th...
Debian DSA-1015-1 : sendmail - programming error
Mark Dowd discovered a flaw in the handling of asynchronous signals in sendmail, a powerful, efficient, and scalable mail transport agent. This allows a remote attacker to exploit a race condition to execute arbitrary code as root. (C) Tenable Network Security, Inc. The...
Current Versions Release History
Current Versions Release History 5.1c2 30-Jun-06 Valid Core License Keys: issued between 01-Jun-2004 and 31-Oct-2004, or on or after 01-Jun-2005. Admin: Lawful Intercept for Signals is implemented. WSSP: now all string prefixes HTML, JAVASCRIPT, etc. support numeric data. XIMSS: the Signal...
Apache Httpd < 2.0.61 : Signals to arbitrary processes
The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service...
Linux Kernel Local DoS vulnerability.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello. I'd like to present one of Linux Kernel vulnerabilities. As far as I know, this one affects 2.6.x kernels. Problem - -- The problem lies in sys_timer_create in Linux/kernel/posix-timers.c. Each time user creates a posix timer, some kernel memory ...
Fedora Core 5 : sendmail-8.13.6-0.FC5.1 (2006-193)
Fixes CVE-2006-0058 : A flaw in the handling of asynchronous signals. A remote attacker may be able to exploit a race condition to execute arbitrary code as root. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable h...
Sendmail mail server race conditions
Race conditions on signals processing with setjmp/longjmp allow remote code execution...
DSA-1015-1 sendmail - programming error
Bulletin has no description...
GLSA-200603-21 : Sendmail: Race condition in the handling of asynchronous signals
The remote host is affected by the vulnerability described in GLSA-200603-21 Sendmail: Race condition in the handling of asynchronous signals ISS discovered that Sendmail is vulnerable to a race condition in the handling of asynchronous signals. Impact : An attacker could exploit this via certain...
SUSE-SA:2006:017: sendmail
The remote host is missing the patch for the advisory SUSE-SA:2006:017 sendmail. The popular MTA sendmail is vulnerable to a race condition when handling signals. Under certain circumstances this bug can be exploited by an attacker to execute commands remotely. Sendmail was the default MTA in SuS...
FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FreeBSD-SA-06:13.sendmail Security Advisory The FreeBSD Project Topic: Race condition in sendmail Category: contrib Module: contrib_sendmail Announced: 2006-03-22 Affects: Al...