CVE-2008-0299

common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool...

Linux Kernel 2.6.x sys_timer_create() Local Denial of Service Exploit

No description provided by source. ;nasm -f elf noHeaven.asm ;ld -s -o noHeaven noHeaven.o section .text global start count equ 8 ; threads count - do it quicker start: mov ebx, count call createthreads jmp done pause: mov eax,29 int 0x80 ret createthreads: mov eax,2 int 0x80 test eax,eax jz...

Design/Logic Flaw

PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service application crash via a long string in 1 the domain parameter to the dgettext function, the message parameter to the 2 dcgettext or 3 gettext function, the msgid1 parameter to the 4 dngettext or 5 ngettext...

[SECURITY] Fedora 8 Update: glib2-2.14.3-1.fc8

GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system. This package provides versi...

Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection

Simple Machines Forum SMF 1.1.3 - Blind SQL Injection !/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total...

Windows IE7 URI Handler command execution through Firefox

Added: 10/19/2007 CVE: CVE-2007-3896 BID: 25945 OSVDB: 41090 Background The shell32.dll library provides functions which handle interaction between Internet Explorer and the Windows shell. Problem The version of the shell32.dll library installed with Internet Explorer 7 does not properly validate...

Windows IE7 URI Handler command execution through Firefox

Added: 10/19/2007 CVE: CVE-2007-3896 BID: 25945 OSVDB: 41090 Background The shell32.dll library provides functions which handle interaction between Internet Explorer and the Windows shell. Problem The version of the shell32.dll library installed with Internet Explorer 7 does not properly validate...

Savant 3.1 Web Server Overflow

This module exploits a stack buffer overflow in Savant 3.1 Web Server. The service supports a maximum of 10 threads for a default install. Each exploit attempt generally causes a thread to die whether successful or not. Therefore, in a default configuration, you only have 10 chances. Due to the...

Microsoft Visual Studio PDWizard.ocx ActiveX vulnerability

Added: 09/30/2007 CVE: CVE-2007-4891 BID: 25638 OSVDB: 37106 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem ActiveX controls contained in the PDWizard.ocx file in Microsoft Visual Studio 6.0 expose the StartProcess metho...

Microsoft Visual Studio PDWizard.ocx ActiveX vulnerability

Added: 09/30/2007 CVE: CVE-2007-4891 BID: 25638 OSVDB: 37106 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem ActiveX controls contained in the PDWizard.ocx file in Microsoft Visual Studio 6.0 expose the StartProcess metho...

VMware vielib.dll StartProcess command execution

Added: 09/25/2007 CVE: CVE-2007-4058 BID: 25118 OSVDB: 42078 Background VMware is a suite of products supporting the creation and operation of virtual machines , which are self-contained, independent guest operating systems running within a host operating system. Problem The StartProcess function...

CVE-2007-4784

The setlocale function in PHP before 5.2.4 allows context-dependent attackers to cause a denial of service application crash via a long string in the locale parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can be...

Remote code execution

PHP before 5.2.3 allows context-dependent attackers to cause a denial of service application crash via 1 a long string in the pattern parameter to the glob function; or 2 a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined...

Low: gdb security and bug fix update

6.3.0.0-1.143 - Fix unhandled race cases of exec from threaded program BZ 202689. - Add testcase for exec from threaded program BZ 202689. 6.3.0.0-1.142 - Fixed zombie threads regression from the stale threads crash fix BZ 195429. 6.3.0.0-1.141 - Fix bogus 0x0 unwind of the thread's topmost...

Moderate: gcc security and bug fix update

3.4.6-8.0.1 - add gcc34-pr23591-tls-model-fix.patch - this patch fixes a bug with exception handlers and threads 3.4.6-8 - add gnu.java.util.ZoneInfo class, use tzdata files for libgcj timezone stuff instead of builtin simple and outdated rules 227884 - add missing @GCC4.0.0 and @GCC4.2.0 libgcc...

PHP 45 - Executor Deep Recursion Remote Denial of Service

PHP 45 - Executor Deep Recursion Remote Denial of Service source: https://www.securityfocus.com/bid/22766/info PHP is prone to a denial-of-service vulnerability because it fails to properly sanitize user-supplied input. An attacker with permissions to execute PHP code on an affected computer may...

VERITAS NetBackup bpcd daemon command chaining vulnerability

Added: 02/16/2007 CVE: CVE-2006-4902 BID: 21565 OSVDB: 31334 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The NetBackup bpcd daemon fails to properly validate chained commands. A remote attacker could execute arbitrary commands by appending the...

Code injection

BEA WebLogic Server 6.1 through 6.1 SP7, 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, and 9.0 allows remote attackers to cause a denial of service server hang via certain requests that cause muxer threads to block when processing error pages...

MS Windows NtRaiseHardError Csrss.exe Memory Disclosure Exploit

No description provided by source. ///////////////////////////////////////// ///////////////////////////////////////// ///// Microsoft Windows NtRaiseHardError ///// Csrss.exe memory disclosure ///////////////////////////////////////// ///// Ruben Santamarta ///// ruben at reversemode dot com ///...

CVE-2006-6418

Buffer overflow in the POSIX Threads library libpthread on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREADCONFIG environment variable...