CVE-2009-3527

CVE-2009-3527: Concrete details exist in connected docs. A race condition in FreeBSD 6.3/6.4’s Pipe (IPC) close function can lead to a use-after-free via kqueues, causing local denial of service (crash) or privilege gain through NULL pointer dereference/memory corruption. Affected software: FreeB...

FreeBSD Security Advisory (FreeBSD-SA-09:13.pipe.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:13.pipe.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FreeBSD <= 6.1 kqueue() NULL pointer Dereference Local Root Exploit

No description provided by source. FreeBSD = 6.1 suffers from classical check/use race condition on SMP systems in kevent syscall, leading to kernel mode NULL pointer dereference. It can be triggered by spawning two threads: 1st thread looping on open and close syscalls, and the 2nd thread loopin...

FreeBSD <= 6.1 kqueue() NULL pointer dereference

FreeBSD = 6.1 suffers from classical check/use race condition on SMP systems in kevent syscall, leading to kernel mode NULL pointer dereference. It can be triggered by spawning two threads: 1st thread looping on open and close syscalls, and the 2nd thread looping on kevent, trying to add possibly...

httpd: possible temporary DoS (CPU consumption) in mod_deflate

The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...

httpd: possible temporary DoS (CPU consumption) in mod_deflate

The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...

Race condition

Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv107 allow local users to cause a denial of service panic via unspecified vectors related to a race between the portdissociate and close functions...

CVE-2009-2135

Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv107 allow local users to cause a denial of service panic via unspecified vectors related to a race between the portdissociate and close functions...

CVE-2009-2126

Cross-site scripting XSS vulnerability in closebug.php in Elvin before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the title aka subject field...

linux/x86 bindport 8000 & add user with root access 225+ bytes

No description provided by source. ; ; Title : Bindport TCP/8000 & execve add user with access root ; os : Linux x86 ; size : 225+ bytes ; IP : localhost ; Port : 8000 ; Use : nc localhost 8000 ; ; Author : Jonathan Salwan ; Mail : submit AT shell-storm.org ; Web : http://www.shell-storm.org ; ; ...

Kernel BUG() in locks_remove_flock

Race condition in the dosetlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service crash via vectors resulting in an interrupted RPC call that leads to a stray FLPOSIX lock, related to improper handling of a race between fcntl and close in th...

Ubuntu Update for linux vulnerabilities USN-614-1

Ubuntu Update for Linux kernel vulnerabilities USN-614-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6141.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux vulnerabilities USN-614-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Google Chrome, Mozilla Firefox, Opera, Internet Explorer browsers DoS

Calling window.print function in loop causes browser to hang. Uncontrollable memory allocation. Script can close window without user approval...

CVE-2008-4307

Race condition in the dosetlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service crash via vectors resulting in an interrupted RPC call that leads to a stray FLPOSIX lock, related to improper handling of a race between fcntl and close in th...

Linux/x86-64 - Add User (pwned/$pass$) Using open,write,close To /etc/{passwd,shadow} Shellcode (358 bytes)

Linux/x86-64 - Add User pwned/$pass$ Using open,write,close To /etc/passwd,shadow Shellcode 358 bytes. Shellcode exploit for Linuxx86-64 platform ; shellcode name adduserpasswordJCPopen,write,close ; Author : Christophe G SLAE64-1337 ; Len : 358 bytes ; Language : Nasm ; "name = pwned ; pass =...

ClamAV < 0.94 Multiple Vulnerabilities

According to its version, the clamd antivirus daemon on the remote host is earlier than 0.94. Such versions are affected by one or more of the following issues : - A segmentation fault can occur when processing corrupted LZH files. Bug 1052 - Invalid memory access errors in 'libclamav/chmunpack.c...

linux/x86 - append rsa key to /root/.ssh/authorized_keys2 295 bytes

linux/x86 append rsa key to /root/.ssh/authorizedkeys2 295 bytes. Shellcode exploit for linx86 platform / linux/x86 shellcode to append rsa key to /root/.ssh/authorizedkeys2 keys found at http://xenomuta.tuxfamily.org/exploits/authkey/ ssh -i idrsapwn root@pwned-host 295 bytes by XenoMuta | |/ / ...

AIX Command Shell, Find Port Inline

Spawn a shell on an established connection This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 220 include Msf::Payload::Single include Msf::Payload::Aix include...

DEBIAN-CVE-2008-4868

Unspecified vulnerability in the avcodecclose function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers."...

CVE-2008-2419

Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of service heap corruption and application crash or possibly execute arbitrary code by triggering an error condition during certain Iframe operations between a JSframe write and a JSframe close, as demonstrated by an error in...