91 matches found
Race condition
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to 1 execute code in parallel or 2 exploit a race condition to obtain "re-ordered access to the descriptor table."...
CVE-2008-1669
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to 1 execute code in parallel or 2 exploit a race condition to obtain "re-ordered access to the descriptor table."...
CVE-2008-1669
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to 1 execute code in parallel or 2 exploit a race condition to obtain "re-ordered access to the descriptor table."...
CVE-2008-1669
Summary: CVE-2008-1669 affects the Linux kernel and arises from inadequate protection for fcntl in 2.6.x kernels prior to 2.6.25.2. The issue enables local users to (1) execute code in parallel and (2) trigger a race that can give re-ordered access to the descriptor table. Evidence in connected a...
kernel: add rcu_read_lock() to fcheck() in both dnotify, locks.c and fix fcntl store/load race in locks.c
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to 1 execute code in parallel or 2 exploit a race condition to obtain "re-ordered access to the descriptor table."...
Linux Kernel dnotify.c文件本地竞争条件漏洞
BUGTRAQ ID: 29003 CVECAN ID: CVE-2008-1375 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的dnotify子系统在fcntl和close调用之间存在竞争条件,在最后一个描述符已经离开current-files之后可以将dnotifystruct注入到inode的列表中,这可能导致系统崩溃或获得root用户权限。 Linux kernel 2.6.25.1 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1565-1)以及相应补丁: DSA-1565-1:New...
Solaris fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc)
No description provided by source. / 10/2007: public release SPARC Solaris 8 without 109454-06 Solaris 9 without 117471-04 Solaris 10 without 127737-01 x86 Solaris 8 without 109455-06 Solaris 9 without 117472-04 Solaris 10 without 127738-01 ...
Linux Omnikey Cardman 4040 driver Local Buffer Overflow Exploit PoC
No description provided by source. / Linux Omnikey Cardman 4040 driver buffer overflow CVE-2007-0005 Copyright C Daniel Roethlisberger [email protected] Compass Security Network Computing AG, Rapperswil, Switzerland. All rights reserved. http://www.csnc.ch/ / includesys/stat.h...
CVE-2005-4733
CVE-2005-4733 concerns NetBSD: affected are NetBSD 2.0 before 20050316 and NetBSD-current before 20050112. The issue is a local DoS caused by calling the F_CLOSEM fcntl with a parameter value of 0, which can trigger an infinite loop and system hang. The connected documents confirm the affected ve...
solaris/sparc portbind (port 6666) 240 bytes
No description provided by source. / [email protected] portbind shellcode full description of how it was done and defines at http://www.telegenetic.net/sparc-shellcode.htm / char shellcode= "\x9A\x1A\x40\x09" / xor %o1, %o1, %o5 / "\x90\x10\x20\x02" / mov PFINET, %o0 / "\x92\x10\x20\x02" / mo...
VERITAS-OSX.pl.txt
!/usr/bin/perl VERITAS-OSX.pl - VERITAS NetBackup Format Strings OSX/ppc Remote Exploit Original code by johnhatdigitalmunitiondotcom modified by KF to work on OSX / ppc bug found by kflistsatdigitalmunitiondotcom http://www.digitalmunition.com/ This exploit May NOT be posted to a public Archive...