DEBIAN-CVE-2010-4706

The pamsmclosesession function in pamxauth.c in the pamxauth module in Linux-PAM aka pam 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pamxauth PAM check...

VLC Media Player Real Demuxer File Handling Array Indexing Vulnerabilities (Windows)

This host is installed with VLC media player and is prone to array indexing vulnerabilities. OpenVAS Vulnerability Test $Id: gbvlcmediaplayermultbofvulnwin.nasl 8174 2017-12-19 12:23:25Z cfischer $ VLC Media Player Real Demuxer File Handling Array Indexing Vulnerabilities Windows Authors: Antu...

Linux/ARM - add root user with password - 151 bytes

Linux/ARM - add root user with password - 151 bytes. Shellcode exploit for arm platform / Title: Linux/ARM - add root user with password - 151 bytes Date: 2010-11-25 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @shellstorm http://shell-storm.org Informations: ------------- -...

DEBIAN-CVE-2010-3494

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected value of None for the address, or ...

DEBIAN-CVE-2009-5013

Memory leak in the ondtpclose function in ftpserver.py in pyftpdlib before 0.5.2 allows remote authenticated users to cause a denial of service memory consumption by sending a QUIT command during a data transfer...

CVE-2009-5013

Memory leak in the ondtpclose function in ftpserver.py in pyftpdlib before 0.5.2 allows remote authenticated users to cause a denial of service memory consumption by sending a QUIT command during a data transfer...

PYSEC-2010-7

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.1 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, a different...

httpd: possible temporary DoS (CPU consumption) in mod_deflate

The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...

Haihaisoft PDF Reader OCX Control v1.1.2.0 Remote Buffer Overflow

Exploit for windows platform in category dos / poc ================================================================= Haihaisoft PDF Reader OCX Control v1.1.2.0 Remote Buffer Overflow ================================================================= -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1...

Wincalc 2 Local Buffer Overflow

Exploit Title : Wincalc 2 .num local Buffer Overflow Poc tested on windows xp SP 3 FR Author: MadjiX - Dz8atHotmaiLdotCoM download: http://math.exeter.edu/rparris/peanut/wcru32z.exe Special Greets:Bibi-info , His0k4 where are you : EAX 00000001 ECX 41414141 EDX 00000000 EBX 0046EE18 ESP 0012F868...

CVE-2010-1939

Removed by vendor...

DSEmu 0.4.10 - '.nds' Local Crash

!/usr/bin/env python DSEmu 0.4.10 .nds local crash Author: l3D Sites: http://xraysecurity.blogspot.com, http://nullbyte.org.il IRC: irc://irc.nix.co.il Email: [email protected] blah=open'crash.nds', 'w' blah.write'w00t'12 blah.close...

FreeBSD 6.x特权提升漏洞

FreeBSD是一款开放源代码的操作系统。 FreeBSD存在多个安全问题： -Kqueues相关的pipe "close"实现存在一个释放后使用错误，可导致可利用的Null指针漏洞，内核内存破坏和其他不可预测结果。成功利用漏洞可导致特权提升，内核数据破坏或崩溃。 -在多数结构中，FreeBSD把进程虚拟内存地址空间划分为用户和内核两块。当进程进入内核时通过避免全局地址控件切换来提升系统调用性能，并且提升内核访问用户内存的性能。...

FreeBSd race conditions (pipe)

Race conditions in pipes close call allow code execution in kernel context...

Race condition

Race condition in the Pipe IPC close function in FreeBSD 6.3 and 6.4 allows local users to cause a denial of service crash or gain privileges via vectors related to kqueues, which triggers a use after free, leading to a NULL pointer dereference or memory corruption...

CVE-2009-3527

CVE-2009-3527: Concrete details exist in connected docs. A race condition in FreeBSD 6.3/6.4’s Pipe (IPC) close function can lead to a use-after-free via kqueues, causing local denial of service (crash) or privilege gain through NULL pointer dereference/memory corruption. Affected software: FreeB...

FreeBSD Security Advisory (FreeBSD-SA-09:13.pipe.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:13.pipe.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FreeBSD <= 6.1 kqueue() NULL pointer Dereference Local Root Exploit

No description provided by source. FreeBSD = 6.1 suffers from classical check/use race condition on SMP systems in kevent syscall, leading to kernel mode NULL pointer dereference. It can be triggered by spawning two threads: 1st thread looping on open and close syscalls, and the 2nd thread loopin...

FreeBSD <= 6.1 kqueue() NULL pointer dereference

FreeBSD = 6.1 suffers from classical check/use race condition on SMP systems in kevent syscall, leading to kernel mode NULL pointer dereference. It can be triggered by spawning two threads: 1st thread looping on open and close syscalls, and the 2nd thread looping on kevent, trying to add possibly...

httpd: possible temporary DoS (CPU consumption) in mod_deflate

The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...