File locking DoS in ьгдешзду гешдшешуы

It's possible to cause DoS by putting locks to required files...

File Locking Local Denial of Service; Impact on sendmail

-----BEGIN PGP SIGNED MESSAGE----- File Locking Local Denial of Service Impact on sendmail Reported by lumpy [email protected] Introduction ============ Any application which uses either flock or fcntl style locking or other APIs that use one of these locking methods such as open with OEXLOCK and...

Sendmail 8.9.x8.10.x8.11.x8.12.x - File Locking Denial of Service (1)

Sendmail 8.9.x8.10.x8.11.x8.12.x - File Locking Denial of Service 1 / source: https://www.securityfocus.com/bid/4822/info Sendmail is a MTA for Unix and Linux variants. There is a vulnerability in Sendmail that will lead to a denial of service condition. The vulnerability occurs when a malicious...

Sendmail 8.9.x8.10.x8.11.x8.12.x - File Locking Denial of Service (2)

Sendmail 8.9.x8.10.x8.11.x8.12.x - File Locking Denial of Service 2 // source: https://www.securityfocus.com/bid/4822/info Sendmail is a MTA for Unix and Linux variants. There is a vulnerability in Sendmail that will lead to a denial of service condition. The vulnerability occurs when a malicious...

Sendmail 8.9.x/8.10.x/8.11.x/8.12.x - File Locking Denial of Service (1)

/ source: https://www.securityfocus.com/bid/4822/info Sendmail is a MTA for Unix and Linux variants. There is a vulnerability in Sendmail that will lead to a denial of service condition. The vulnerability occurs when a malicious user acquires an exclusive lock on files that Sendmail requires for...

Sendmail 8.9.x/8.10.x/8.11.x/8.12.x - File Locking Denial of Service (2)

// source: https://www.securityfocus.com/bid/4822/info Sendmail is a MTA for Unix and Linux variants. There is a vulnerability in Sendmail that will lead to a denial of service condition. The vulnerability occurs when a malicious user acquires an exclusive lock on files that Sendmail requires for...

Mozilla personal security manager /tmp issues

Playing with /tmp a bit this morning I ran into the following issue in mozilla... with mozilla open root@linuxppc root fuser -n file /tmp/.nsmc-0-lock /tmp/.nsmc-0-lock: 3220 3223 3224 3226 3227 3228 3229 root@linuxppc root ps -ef | grep 3220 root 3220 1 0 12:42 ? 00:00:00 ./psm sh-2.05$ id...

SECURITY.NNOV: file locking and security

Hello bugtraq, Topic : File locking and security Author : 3APA3A [email protected] Affected software : Windows NT 4.0, Windows 2000 and may be another systems Exploitable : Yes Remotely exploitable : No Category : Design flow Background: Application can lock the file after file description ...

CVE-1999-1077

The CVE-1999-1077 entry describes a local bypass in MacOS 9: the idle lock can be circumvented by triggering the programmers switch or CMD-PWR sequence, which brings up a debugger that disables the lock. Affected product: MacOS 9 idle sessions. Root cause: the idle locking mechanism can be bypas...

CVE-1999-1076

The CVE-1999-1076 issue concerns idle locking in MacOS 9. A local attacker can bypass password protection of an idled session by choosing Log Out and then Cancel in the logout-confirm dialog, which returns them to the locked session. Documents consistently reference MacOS 9 as affected and descri...

Identix BioLogon Client security bug

Aug 3rd, 2001 10:56am Vendor: http://www.identix.com Software: BioLogon 2.0 Client see http://www.identix.com/itsecurity/softwareprod.html Security flaw in Indentix BioLogon 2.0 Client for Windows Identix's BioLogon software is used as the software "glue" to tie together various biometric devices...

File locking and security

Topic : File locking and security Author : 3APA3A Affected software : Windows NT 4.0, Windows 2000 and may be another systems Exploitable : Yes Remotely exploitable : No Category : Design flaw Background: Application can lock the file after file description is open by application or in open call...

vlock vulnerability in RedHat 7.0

I've tried to lock all virtual consoles in RedHat 7.0 using vlock, which is delivered with this release of RedHat. If user root locks all consoles - it's no problem, but if normal user locks consoles then anybody can unlock without typing a password. Try to use it in the following way: 1. logon a...

CVE-2000-0467

The CVE-2000-0467 entry documents a buffer overflow in Linux splitvt 1.6.3 and earlier, enabling local users to gain root privileges via a long password in the screen locking function. Affected component: splitvt (Linux). Root cause: buffer overflow in password handling within screen lock. Impact...

CVE-2000-0467

Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function...

CVE-2000-0467

Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function...

CVS 1.10.7 - Local Denial of Service

source: https://www.securityfocus.com/bid/1136/info CVS stands for Concurrent Versions Software and is an open-source package designed to allow multiple developers to work concurrently on a single source tree, recording changes and controlling versions. It is possible to cause a denial of service...

Re: IMAIL (Ipswitch) DoS with Eudora (Qualcomm)

Ipswitch blames BOTH NetScape AND Eudora for not following RFC's, but does nothing to control the situation. It is very simple to deny service to any IMAIL 5.xx or 6.xx server as follows. IMAIL allows SMTP AUTH using various methods, including CRAM-MD5 and LOGIN If a Eudora 4.3 client attaches to...

CVE-1999-1077

Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock...

CVE-1999-1076

Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into th...