Fedora Core 5 : sendmail-8.13.6-0.FC5.1 (2006-193)

Fixes CVE-2006-0058 : A flaw in the handling of asynchronous signals. A remote attacker may be able to exploit a race condition to execute arbitrary code as root. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable h...

DSA-1015-1 sendmail - programming error

Bulletin has no description...

GLSA-200603-21 : Sendmail: Race condition in the handling of asynchronous signals

The remote host is affected by the vulnerability described in GLSA-200603-21 Sendmail: Race condition in the handling of asynchronous signals ISS discovered that Sendmail is vulnerable to a race condition in the handling of asynchronous signals. Impact : An attacker could exploit this via certain...

FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:13.sendmail Security Advisory The FreeBSD Project Topic: Race condition in sendmail Category: contrib Module: contribsendmail Announced: 2006-03-22 Affects: Al...

Linux Kernel PPC64/IA64 (AIO) Local Denial of Service Exploit

Exploit for linux platform in category dos / poc ============================================================= Linux Kernel PPC64/IA64 AIO Local Denial of Service Exploit ============================================================= // // Proof of Concept by Daniel McNeil // compile using cc -o...

CVE-1999-1214

The CVE-1999-1214 issue affects the 4.4 BSD kernel’s asynchronous I/O facility. It does not validate credentials when setting the recipient of I/O notification, allowing a local user to trigger a signal to an arbitrary process ID via specific ioctl/fcntl calls, causing a denial of service. The do...

Проблема с асинхронным вводом/выводом в FreeBSD (privelege escalation)

Результат отложенной процедуры после exec может переписать память suid-процесса...

CVE-2001-0623

sendfiled, as included with Simple Asynchronous File Transfer SAFT, on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges...

CVE-2001-0623

sendfiled, as included with Simple Asynchronous File Transfer SAFT, on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges...

Небезопасная обработка сигналов (unsafe signal handling)

Определенная последовательность асинхронных событий может приводить к тому, что, например дважды освобождается область в памяти или происходит запись в освобожденную область...

Linux news 30.04.00

Linux 2.3.99-pre6 Вышло новое ядро Linux из "нестабильной" серии: Linux 2.3.99-pre6. Подробнее: http://linuxtoday.com/stories/20829.html Kernel traffic 64 В новой версии обзора списка рассылки ядра можно узнать интересные подробности о: - дискуссии о DevFS - ошибках ioctl - проблемах с асинхронны...