Race condition

Race condition in the ext4filewriteiter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service file unavailability via a combination of a write action and an FSETFL fcntl operation for the ODIRECT flag...

CVE-2014-8086

Race condition in the ext4filewriteiter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service file unavailability via a combination of a write action and an FSETFL fcntl operation for the ODIRECT flag...

CVE-2014-8086

Race condition in the ext4filewriteiter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service file unavailability via a combination of a write action and an FSETFL fcntl operation for the ODIRECT flag...

Microsoft Windows 2000/NT 4 TCP Stack DoS Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/3967/info An issue exists in Windows which could cause the TCP stack to consume all available system memory. This is achieved if a user sends numerous empty TCP packets to a host on port 139. Successful exploitation of th...

TrueCrypt 4.3 - Privilege Escalation Exploit

No description provided by source. $Id: raptortruecrypt,v 1.1.1.1 2007/04/04 11:31:56 raptor Exp $ raptortruecrypt - setuid truecrypt privilege escalation Copyright c 2007 Marco Ivaldi [email protected] TrueCrypt 4.3, when installed setuid root, allows local users to cause a denial of servic...

Splunk Enterprise 6.x < 6.0.1 Malformed Packet DoS

According to its version number, the Splunk Enterprise hosted on the remote web server may be affected by a denial of service vulnerability that is triggered by malformed network input, resulting in the Splunk server becoming unavailable. Note that this only affects Splunk Enterprise 6.0 componen...

VxWorks 5.5 through 6.9 Multiple Vulnerabilities

According to its self-reported version, the remote VxWorks device is version 5.5 through 6.9. It therefore is potentially affected by the following vulnerabilities : - An attacker can cause SSH access to be unavailable until the next reboot with a specially crafted requests. CVE-2013-0711 /...

vdsm: incomplete fix for CVE-2013-0167 issue

VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167...

Management Server DOS Vulnerability

An issue exists whereby the management server of the device can be crashed when an authenticated users sends a specially crafted command via the command line interface. Ref 35254 This issue results in the unavailability of the management server of the device. The attacker must be an authenticated...

Important: Red Hat Security Advisory: jbossws security update

Updated jbossws-client.jar, jbossws-common.jar, jbossws-core.jar, and jbossws-native-core.jar files for JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0 that fix one security issue are now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this...

PHP-Barcode 0.3pl1 - Remote Code Execution

PHP-Barcode 0.3pl1 Remote Code Execution The input passed to the code parameter is not sanitized and is used on a popen function. This allows remote command execution and also allows to see environment vars: Windows http://www.site.com/php-barcode/barcode.php?code=%TMP% Linux...

CVE-2011-0163

WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle unspecified "cached resources," which allows remote attackers to cause a denial of service resource unavailability via a crafted web site that conducts a cache-poisoning attack...

Nokia MultiMedia Player 1.1 - Remote Denial of Service

Nokia MultiMedia Player 1.1 - Remote Denial of Service source: https://www.securityfocus.com/bid/36215/info Nokia Multimedia Player is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected application to stop responding, denying service to...

KLA10064 DoS vulnerability in SlySoft

An improper buffer validation vulnerability was found in SlySoft products. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited locally at a point related to ElbyCDIO.sys via a specially designed IOCTL call. Original advisories CloneC...

Thunderbird DoS attacks via malformed MIME emails (Linux)

The host is running Mozilla Thunderbird which is prone to denial of service vulnerability. Vulnerability: Flaw is due to improper handling of multipart/mixed e-mail messages with many MIME parts and e-mail messages with many Content-type: message/rfc822 headers. OpenVAS Vulnerability Test $Id:...

Design/Logic Flaw

XRunSabre in sabre aka xsabre 0.2.4b relies on the ability to create /tmp/sabre.log, which allows local users to cause a denial of service application unavailability by creating a /tmp/sabre.log file that cannot be overwritten...

Pragma TelnetServer空指针引用拒绝服务漏洞

BUGTRAQ ID: 27143 Pragma TelnetServer是一款远程访问和控制Telnet服务器。 Pragma TelnetServer处理协议数据时存在漏洞，远程攻击者可能利用此漏洞导致服务器不可用。 TelnetServer服务器对每个入站连接启动一个telnetd.exe进程，该进程在处理TELOPT PRAGMA LOGON telnet选项（138号）期间存在空指针引用，导致进程终止。尽管终止单个进程不会影响其他进程，但终止某些进程会导致拒绝访问服务器。 Pragma Systems TelnetServer = 7.0 Build 4 Revision 58...

VMware Workstation 6.0多个安全漏洞

BUGTRAQ ID: 25728,25729,25731,25732 CVECAN ID: CVE-2007-0061,CVE-2007-0062,CVE-2007-0063,CVE-2007-4059,CVE-2007-4155,CVE-2007-4496,CVE-2007-4497 VMWare是一款虚拟PC软件，允许在一台机器上同时运行两个或多个Windows、DOS、LINUX系统。 VMWare的实现上存在多个安全漏洞，可导致多种威胁。 具体如下： 1 VMWare的DHCP服务器可被恶意网页用来获取系统权限。 2...

Design/Logic Flaw

BEA WebLogic Server 9.0 through 9.2 allows remote attackers to cause a denial of service SSL port unavailability by accessing a half-closed SSL socket...

CVE-2007-2704

BEA WebLogic Server 9.0 through 9.2 allows remote attackers to cause a denial of service SSL port unavailability by accessing a half-closed SSL socket...