Arbitrary File Creation Via A Race Condition

didjvu allows malicious local users to create arbitrary files due to insecure use of /tmp. didjvu creates a unique temporary file directly in /tmp or in $TMPDIR, and passes the name of this file to c44, which will then be used as the output filename. Unfortunately, c44 deletes the output file, an...

Debian Security Advisory DSA 3099-1 (dbus - security update)

Simon McVittie discovered that the fix for CVE-2014-3636 was incorrect, as it did not fully address the underlying denial-of-service vector. This update starts the D-Bus daemon as root initially, so that it can properly raise its file descriptor count. In addition, this update reverts the...

Apple Mac OSX 10.4.7 - Mach Exception Handling Local (10.3.x)

Apple Mac OSX 10.4.7 - Mach Exception Handling Local 10.3.x / excploit.c - 28 Nov 2005 - [email protected] Exploitable Mach Exception Handling Affected: Mac OS X 10.4.6 darwin 8.6.0 and older When a process executes a setuid executable, all existing rights to the task port are invalidated,...