CVE-2010-0014

System Security Services Daemon SSSD before 1.0.1, when the krb5 authprovider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting...

CVE-2010-0014

System Security Services Daemon SSSD before 1.0.1, when the krb5 authprovider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting...

CVE-2010-0014

System Security Services Daemon SSSD before 1.0.1, when the krb5 authprovider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting...

RedHat Security Advisory RHSA-2009:1670

The remote host is missing updates announced in advisory RHSA-2009:1670. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: NULL pointer dereference flaws in the r128 driver. Checks to test if the Concurrent Command Engine state was initialized...

RedHat Security Advisory RHSA-2009:1635

The remote host is missing updates announced in advisory RHSA-2009:1635. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues: a NULL pointer dereference flaw was found in the NFSv4 implementation in the...

CVE-2009-0151

The screen saver in Dock in Apple Mac OS X 10.5 before 10.5.8 does not prevent four-finger Multi-Touch gestures, which allows physically proximate attackers to bypass locking and "manage applications or use Expose" via unspecified vectors...

kernel: splice local denial of service

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service prevention of file creation and removal via a series of splice...

[ MDVSA-2009:148 ] kernel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:148 http://www.mandriva.com/security/ Package : kernel Date : July 7, 2009 Affected: 2009.1 Problem Description: Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Buffer overflow in...

CVE-2009-1961

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service prevention of file creation and removal via a series of splice...

Design/Logic Flaw

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service prevention of file creation and removal via a series of splice...

CVE-2009-1961

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service prevention of file creation and removal via a series of splice...

CVE-2009-1961

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service prevention of file creation and removal via a series of splice...

Design/Logic Flaw

The domain-locking implementation in the GARMINAXCONTROL.GarminAxControlt.1 ActiveX control in npGarmin.dll in the Garmin Communicator Plug-In 2.6.4.0 does not properly enforce the restrictions that 1 download and 2 upload requests come from a web site specified by the user, which allows remote...

CVE-2009-0194

The domain-locking implementation in the GARMINAXCONTROL.GarminAxControlt.1 ActiveX control in npGarmin.dll in the Garmin Communicator Plug-In 2.6.4.0 does not properly enforce the restrictions that 1 download and 2 upload requests come from a web site specified by the user, which allows remote...

Kernel BUG() in locks_remove_flock

Race condition in the dosetlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service crash via vectors resulting in an interrupted RPC call that leads to a stray FLPOSIX lock, related to improper handling of a race between fcntl and close in th...

“Cocktail”therapy to deal with the variety of Trojan hybrid intrusion-vulnerability warning-the black bar safety net

Here is a quote of the“cocktail”therapy is a medical term, refers to the physician while using the a variety of anti-viral drugs to deal with AIDS. For a computer virus to a single tool in particular is very well-known tool is very easy to be viral as against the target without losing effect, it'...

kernel Race condition in mincore can cause "ps -ef" to hang

The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock...

kernel Race condition in mincore can cause "ps -ef" to hang

The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock...

SuSE 10 Security Update : xscreensaver (ZYPP Patch Number 5334)

Following security problem is fixed by this patch : - When getpwuid fails due to dropped network on NIS accounts fail instead of silently disabling locking and just blanking. CVE-2008-1683 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

kernel Race condition in mincore can cause "ps -ef" to hang

The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock...