CVE-2005-0227

CVE-2005-0227 affects PostgreSQL versions 7.4.x, 7.2.x and related builds. It allows a local user to load arbitrary shared libraries and execute code via the LOAD extension, enabling partial confidentiality and integrity impact and potential service impact. The vulnerability is tied to the abilit...

PT-2005-1308 · Postgresql +1 · Postgresql +1

Name of the Vulnerable Software and Affected Versions: PostgreSQL versions 7.2.x through 7.4.x PostgreSQL affected versions not specified Description: The issue allows local users to load arbitrary shared libraries and execute code via the LOAD extension. Any database user is permitted to load...

DSA-668-1 postgresql - privilege escalation

Bulletin has no description...

USN-71-1: PostgreSQL vulnerability

John Heasman discovered a local privilege escalation in the PostgreSQL server. Any user could use the LOAD extension to load any shared library into the PostgreSQL server; the library's initialisation function was then executed with the permissions of the server. Now the use of LOAD is restricted...

CVE-2005-0141

CVE-2005-0141 affects Firefox < 1.0 and Mozilla

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 2.1 are now available. The Linux kernel handles the basic functions of the operating system. This advisory includes fixes for the following security issues: iSEC Security Research discovered a VMA handling flaw i...

CVE-2004-1368

ISQLPlus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script...

security flaw

Race condition in the 1 loadelflibrary and 2 binfmtaout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor...

DSA-643-1 queue - buffer overflows

Bulletin has no description...

Debian DSA-643-1 : queue - buffer overflows

'jaguar' of the Debian Security Audit Project has discovered several buffer overflows in queue, a transparent load balancing system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-643. Th...

CVE-2004-2259

vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service crash via a SIGCHLD signal during a malloc or free call, which is not re-entrant...

CVE-2004-2259

vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service crash via a SIGCHLD signal during a malloc or free call, which is not re-entrant...

CVE-2004-1234

loadelfbinary in Linux before 2.4.26 allows local users to cause a denial of service system crash via an ELF binary in which the interpreter is NULL...

DEBIAN-CVE-2004-2259

vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service crash via a SIGCHLD signal during a malloc or free call, which is not re-entrant...

security flaw

The loadelfbinary function in the binfmtelf loader binfmtelf.c in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernelread function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary...

CVE-2004-0317

Buffer overflow in eauth in Load Sharing Facility 4.x, 5.x, and 6.x allows local users or remote attackers within the LSF cluster to cause a denial of service segmentation fault and possibly execute arbitrary code via a long LSFFromPC parameter...

CVE-2004-0596

The Equalizer Load-balancer for serial network interfaces eql.c in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference...

CVE-2004-0596

The vulnerability CVE-2004-0596 affects the Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7. The root cause is a null dereference triggered when a non-existent device name is used, leading to local denial of service. Affected component: eql.c within...

CVE-2004-0596

The Equalizer Load-balancer for serial network interfaces eql.c in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference...

APSIS Pound Load Balancer Format String Overflow

The remote server is vulnerable to a remote format string bug which can allow remote attackers to gain access to confidential data. Pound versions less than 1.6 are vulnerable to this issue. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid12007; scriptversion "1.14";...