Lucene search
K

118 matches found

OSV
OSV
added 2014/07/24 12:0 a.m.54 views

DSA-2989-1 apache2 - security update

Bulletin has no description...

6.8CVSS6AI score0.85744EPSS
Exploits5
RedHat Linux
RedHat Linux
added 2014/07/23 10:0 a.m.4 views

httpd: mod_cgid denial of service

A denial of service flaw was found in the way httpd's modcgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely...

5CVSS6.7AI score0.43809EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2014/07/23 10:0 a.m.4 views

httpd: mod_cgid denial of service

A denial of service flaw was found in the way httpd's modcgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely...

5CVSS6.7AI score0.43809EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2014/07/23 9:19 a.m.5 views

httpd: mod_cgid denial of service

A denial of service flaw was found in the way httpd's modcgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely...

5CVSS6.7AI score0.43809EPSS
Exploits1References5
OSV
OSV
added 2014/07/20 11:12 a.m.1 views

DEBIAN-CVE-2014-0231

The modcgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service process hang via a request to a CGI script that does not read from its stdin file descriptor...

5CVSS8.8AI score0.43809EPSS
Exploits1References1
OSV
OSV
added 2014/02/05 7:55 p.m.2 views

DEBIAN-CVE-2011-4613

The X.Org X wrapper xserver-wrapper.c in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY...

4.6CVSS6.5AI score0.00862EPSS
Exploits3References1
UbuntuCve
UbuntuCve
added 2013/04/08 5:55 p.m.32 views

CVE-2013-2777

sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the ttytickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling...

4.4CVSS7AI score0.00364EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2013/04/08 5:0 p.m.48 views

CVE-2013-1776

sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the ttytickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard...

4.4CVSS2.8AI score0.00374EPSS
Exploits0
Debian CVE
Debian CVE
added 2013/04/08 5:0 p.m.39 views

CVE-2013-2777

sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the ttytickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling...

4.4CVSS2.1AI score0.00364EPSS
Exploits0
OpenVAS
OpenVAS
added 2010/12/02 12:0 a.m.17 views

Fedora Update for bogofilter FEDORA-2010-12959

Check for the Version of bogofilter OpenVAS Vulnerability Test Fedora Update for bogofilter FEDORA-2010-12959 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

5CVSS6.4AI score0.03441EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.25 views

FreeBSD Ports: ruby, ruby_static

The remote host is missing an update to the system as announced in the referenced advisory. VID 1daea60a-4719-11da-b5c6-0004614cc33d OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

7.5CVSS6.3AI score0.03256EPSS
Exploits0
OSV
OSV
added 2008/07/07 11:41 p.m.6 views

DEBIAN-CVE-2008-3067

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits...

2.1CVSS6.8AI score0.00301EPSS
Exploits0References1
securityvulns
securityvulns
added 2007/01/18 12:0 a.m.43 views

Multiple OS kernel insecure handling of stdio file descriptor

XFOCUS team http://www.xfocus.org/ had discovered Multiple OS kernel insecure handling of stdio file descriptor. =================== Affected OS Version AIX 5.3 Solaris 9 HPUX B11.11 maybe other version,we did not tested =========== Description The affected OSes allows local users to write to or...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2005/10/11 4:3 p.m.7 views

security flaw

Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input stdin...

7.5CVSS5.9AI score0.03256EPSS
Exploits0References4
Snyk
Snyk
added 2005/10/07 11:2 p.m.5 views

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution. Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program throu...

7.5CVSS7.5AI score0.03256EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/10/07 4:0 a.m.28 views

CVE-2005-2337

Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input stdin...

6.5AI score0.03256EPSS
Exploits0References28
exploitpack
exploitpack
added 2002/04/23 12:0 a.m.24 views

Apple Mac OSX 10.x FreeBSD 4.x OpenBSD 2.x Solaris 2.52.67.08 - exec C Library Standard IO File Descriptor Closure

Apple Mac OSX 10.x FreeBSD 4.x OpenBSD 2.x Solaris 2.52.67.08 - exec C Library Standard IO File Descriptor Closure / source: https://www.securityfocus.com/bid/4568/info It has been reported that BSD-based kernels do not check to ensure that the C library standard I/O file descriptors 0-2 are vali...

7.4AI score
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2002/04/22 12:0 a.m.8 views

FreeBSD-SA-02:23.stdio

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:23.stdio Security Advisory The FreeBSD Project Topic: insecure handling of stdio file descriptors Category: core Module: kernel Announced: 2002-04-22 Credits: Joost Pol ,...

5.8AI score
Exploits0
Rows per page
Query Builder