Improper Input Validation in Apache Karaf

Apache Karaf before 4.0.10 enables a shutdown port on the loopback interface, which allows local users to cause a denial of service shutdown by sending a shutdown command to all listening high ports...

kernel: use-after-free in RDMA listen()

A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this...

Denial Of Service (DoS)

karaf is susceptible to denial of service DoS attacks. It does not prevent a local attacker from invoking the shutdown command to all listening high ports, leading to the karaf server shutting down...

CVE-2014-0219

Apache Karaf before 4.0.10 enables a shutdown port on the loopback interface, which allows local users to cause a denial of service shutdown by sending a shutdown command to all listening high ports...

Egg Hunting Staged Shellcode High Ports Remote Code Execution

Egg Hunting is a staged shellcode technique. A remote attacker can use Egg Hunting to cause a stack-based overflow on the target. Successful implementation will allow attackers to execute shellcode on a remote machine...