11 matches found
Debian DSA-1838-1 : pulseaudio - privilege escalation
Tavis Ormandy and Julien Tinnes discovered that the pulseaudio daemon does not drop privileges before re-executing itself, enabling local attackers to increase their privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Mandrake Security Advisory MDVSA-2009:171 (pulseaudio)
The remote host is missing an update to pulseaudio announced via advisory MDVSA-2009:171. OpenVAS Vulnerability Test $Id: mdksa2009171.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:171 pulseaudio Authors: Thomas Reinke Copyright: Copyright c 2009...
Mandrake Security Advisory MDVSA-2009:171 (pulseaudio)
The remote host is missing an update to pulseaudio announced via advisory MDVSA-2009:171. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Gentoo Security Advisory GLSA 200907-13 (pulseaudio)
The remote host is missing updates announced in advisory GLSA 200907-13. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Mandrake Security Advisory MDVSA-2009:152 (pulseaudio)
The remote host is missing an update to pulseaudio announced via advisory MDVSA-2009:152. OpenVAS Vulnerability Test $Id: mdksa2009152.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:152 pulseaudio Authors: Thomas Reinke Copyright: Copyright c 2009...
Linux Kernel tun_chr_pool()函数空指针引用漏洞
BUGTRAQ ID: 35724 CVECAN ID: CVE-2009-1894 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的drivers/net/tun.c文件中的tunchrpoll函数存在空指针引用错误: int fd; struct pollfd pfd; fd = open"/dev/net/tun", ORDWR; pfd.fd = fd; pfd.events = POLLIN | POLLOUT; poll&pfd, 1, 0;...
Mandriva Linux Security Advisory : pulseaudio (MDVSA-2009:152)
A vulnerability has been found and corrected in pulseaudio : Tavis Ormandy and Julien Tinnes of the Google Security Team discovered that pulseaudio, when installed setuid root, does not drop privileges before re-executing itself to achieve immediate bindings. This can be exploited by a user who h...
[SECURITY] [DSA 1838-1] New pulseaudio packages fix privilege escalation
------------------------------------------------------------------------ Debian Security Advisory DSA-1838-1 [email protected] http://www.debian.org/security/ Florian Weimer July 18, 2009 http://www.debian.org/security/faq -...
CVE-2009-1894
Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LDBINDNOW to 1, and then calling execv on the target of the /proc/self/exe symlink...
CVE-2009-1894
Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LDBINDNOW to 1, and then calling execv on the target of the /proc/self/exe symlink...
Ubuntu 8.04 LTS / 8.10 / 9.04 : pulseaudio vulnerability (USN-804-1)
Tavis Ormandy, Julien Tinnes, and Yorick Koster discovered that PulseAudio did not safely re-execute itself. A local attacker could exploit this to gain root privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory...