Cisco AnyConnect Secure Mobility Client Elevation of Privilege Vulnerability

The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. Cisco AnyConnect Secure Mobility Client has a security vulnerability in interprocess communication IPC that allows a local attacker to write and overwrite arbitrary files with elevated privileges...

kernel: ipc: ipc_rcu_putref refcount races

A flaw was found in the way the ipcrcuputref function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory OOM condition and, potentially, crash the system...

UBUNTU-CVE-2014-3188

Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in...

PT-2014-7805 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.16.3 Description: The issue allows remote CIFS servers to cause a denial of service, resulting in a NULL pointer dereference and client system crash, or possibly have unspecified other impact. This occurs when...

UBUNTU-CVE-2014-3177

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176...

USN-2275-1: DBus vulnerabilities

Alban Crequy discovered that dbus-daemon incorrectly sent AccessDenied errors to the service instead of the client when enforcing permissions. A local user can use this issue to possibly deny access to the service. CVE-2014-3477 Alban Crequy discovered that dbus-daemon incorrectly handled certain...

[USN-1753-1] DBus-GLib vulnerability

========================================================================== Ubuntu Security Notice USN-1753-1 February 27, 2013 dbus-glib vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

USN-1753-1: DBus-GLib vulnerability

Sebastian Krahmer and Bastien Nocera discovered that DBus-GLib did not properly validate the message sender when the "NameOwnerChanged" signal was received. A local attacker could possibly use this issue to escalate their privileges...

FreeBSD Security Advisory (FreeBSD-SA-11:05.unix.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-11:05.unix.asc ADV FreeBSD-SA-11:05.unix.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-11:05.unix.asc Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft...

FreeBSD Security Advisory (FreeBSD-SA-11:05.unix.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-11:05.unix.asc SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

[USN-1176-1] DBus vulnerability

========================================================================== Ubuntu Security Notice USN-1176-1 July 26, 2011 dbus vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

system-config-firewall: privilege escalation flaw via use of python pickle

fwdbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object...

kernel: ipc/compat*.c: reading uninitialized stack memory

The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the 1 compatsyssemctl, 2 compatsysmsgctl, and 3 compatsysshmctl functions in...

kernel: ipc/shm.c: reading uninitialized stack memory

The copyshmidtouser function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface."...

kernel: tipc: Fix oops on send prior to entering networked mode

The Transparent Inter-Process Communication TIPC functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service kernel OOPS by sending datagrams through AFTIPC before entering network mode, which triggers a NULL pointer...

[SECURITY] [DSA 1837-1] New dbus packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1837-1 [email protected] http://www.debian.org/security/ Steffen Joeris July 18, 2009 http://www.debian.org/security/faq -...

FreeBSD Security Advisory (FreeBSD-SA-09:09.pipe.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:09.pipe.asc ADV FreeBSD-SA-09:09.pipe.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-09:09.pipe.asc Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

FreeBSD Security Advisory FreeBSD-SA-09:09.pipe

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:09.pipe Security Advisory The FreeBSD Project Topic: Local information disclosure via direct pipe writes Category: core Module: kern Announced: 2009-06-10...

DSA-1658-1 dbus - denial of service

Bulletin has no description...

iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability

Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability iDefense Security Advisory 10.02.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 02, 2007 I. BACKGROUND Solaris is a UNIX operating system developed by Sun Microsystems. More information can be found at the...