611 matches found
Scientific Linux Security Update : systemtap on SL4.x, SL5.x i386/x86_64
A race condition was discovered in SystemTap that could allow users in the stapusr group to elevate privileges to that of members of the stapdev group and hence root, bypassing directory confinement restrictions and allowing them to insert arbitrary SystemTap kernel modules. CVE-2009-0784...
Immunity Canvas: SYSRET
Name| SYSRET ---|--- CVE| CVE-2012-0217 Exploit Pack| CANVAS Description| SYSRET: exploit for invalid GP @ CPL0 handling FreeBSD AMD64 version Notes| CVE Name: CVE-2012-0217 VENDOR: Intel,FreeBSD Notes: Tested on FreeBSD 9.0-RC3 and FreeBSD 9.0-RELEASE AMD64 To test this exploit from CANVAS use t...
java security update
CentOS Errata and Security Advisory CESA-2011:0857 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring Syst...
VMSA-2011-0008 : VMware vCenter Server and vSphere Client security vulnerabilities
a. vCenter Server Directory Traversal vulnerability A directory traversal vulnerability allows an attacker to remotely retrieve files from vCenter Server without authentication. In order to exploit this vulnerability, the attacker will need to have access to the network on which the vCenter Serve...
Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2506223)
This host is missing a critical security update according to Microsoft Bulletin MS11-034. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows KTM Invalid Free With Reused Transaction GUID
Microsoft Windows KTM Invalid Free with reused transaction GUID ---------------------------------------------------------------------------- CVE-2010-1889 The Kernel Transaction Manager ktm was introduced in Windows Vista and has been included in subsequent versions of Windows. Microsoft describe...
Fedora 12 : pcsc-lite-1.5.2-4.fc12 (2010-10014)
An update to address a buffer overflow which could allow a local attacker to elevate privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Debian DSA-2037-1 : kdm (kdebase) - race condition
Sebastian Krahmer discovered that a race condition in the KDE Desktop Environment's KDM display manager, allow a local user to elevate privileges to root. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securit...
DSA-2037-1 kdebase - privilege escalation
Bulletin has no description...
Gentoo Security Advisory GLSA 200903-39 (pam_krb5)
The remote host is missing updates announced in advisory GLSA 200903-39. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200603-14 (heimdal)
The remote host is missing updates announced in advisory GLSA 200603-14. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
SAP MaxDB Multiple Vulnerabilities
Binary data 4494.prm...
scponly: Multiple vulnerabilities
Background scponly is a shell for restricting user access to file transfer only using sftp and scp. Description Joachim Breitner reported that Subversion and rsync support invokes subcommands in an insecure manner CVE-2007-6350. It has also been discovered that scponly does not filter the -o and ...
Plan 9 Kernel (devenv.c OTRUNC/pwrite) Local Exploit
Exploit for plan9 platform in category local exploits ==================================================== Plan 9 Kernel devenv.c OTRUNC/pwrite Local Exploit ==================================================== / !!! DO NOT DISTRIBUTE !!! / / identity theft this exploit uses my devenv.c...
[Full-disclosure] [SECURITY] [DSA 1040-1] New gdm packages fix local root exploit
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1040-1 [email protected] http://www.debian.org/security/ Martin Schulze April 24th, 2006 http://www.debian.org/security/faq -...
Microsoft Windows - keybd_event Local Privilege Escalation
Microsoft Windows - keybdevent Local Privilege Escalation / Microsoft Windows keybdevent validation vulnerability. Local privilege elevation Credits: Andres Tarasco aT4r @ haxorcitos.com Iñaki Lopez ilo @ reversing.org Platforms afected/tested: - Windows 2000 - Windows XP - Windows 2003 Original...
CVE-2005-1816
Invision Power Board IPB 1.0 through 2.0.4 allows non-root admins to add themselves or other users to the root admin group via the "Move users in this group to" screen...
Linux Kernel 2.4 - SUID 'execve()' System Call Race Condition Executable File Read
/ source: https://www.securityfocus.com/bid/8042/info A race condition vulnerability has been discovered in the Linux execve system call, affecting the 2.4 kernel tree. The problem lies in the atomicity of placing a target executables file descriptor within the current process descriptor and...
MS02-014: Unchecked buffer in Windows Shell (313829)
The Windows shell of the remote host has an unchecked buffer that can be exploited by a local attacker to run arbitrary code on this host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11307; scriptversion"1.36"; scriptcvsdate"Date: 2018/11/15 20:50:29";...
HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (2)
HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow 2 source: https://www.securityfocus.com/bid/5647/info Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP. A buffer overflow has been discovered...