1275 matches found
HP OpenView Client Configuration Manager Radia Notify Code Execution (CVE-2006-5782)
An authentication weakness vulnerability exists in the Radia Notify Daemon component of HP OpenView Client Configuration Manager. The flaw is created by improper handling of user supplied data passed to the affected Radia Notify Daemon on TCP port 3465. By sending a crafted message, the attacker...
kernel: exit_notify: kill the wrong capable(CAP_KILL) check
The exitnotify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAPKILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exitsignal field and then uses an exec system...
kernel: exit_notify: kill the wrong capable(CAP_KILL) check
The exitnotify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAPKILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exitsignal field and then uses an exec system...
kernel: exit_notify: kill the wrong capable(CAP_KILL) check
The exitnotify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAPKILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exitsignal field and then uses an exec system...
Ubuntu 6.06 LTS / 7.10 : gnome-screensaver vulnerabilities (USN-669-1)
It was discovered that the notify feature in gnome-screensaver could let a local attacker read the clipboard contents of a locked session by using Ctrl-V. CVE-2007-6389 Alan Matsuoka discovered that gnome-screensaver did not properly handle network outages when using a remote authentication...
Mandriva Update for ipsec-tools MDKSA-2007:084 (ipsec-tools)
Check for the Version of ipsec-tools OpenVAS Vulnerability Test Mandriva Update for ipsec-tools MDKSA-2007:084 ipsec-tools Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
CVE-2009-1236
Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service system crash via a ZIP NOTIFY aka ZIPOPNOTIFY packet that overwrites a certain ifPort structure member...
Mac OS X xnu <= 1228.3.13 (zip-notify) Remote Kernel Overflow PoC
No description provided by source. / xnu-appletalk-zip.c Copyright c 2008 by [email protected] Apple MACOS X xnu = 1228.3.13 appletalk zip-notify remote kernel overflow PoC by mu-b - Sun 13 Apr 2008 - Tested on: Apple MACOS X 10.5.1 xnu-1228.0.21/RELEASEI386 Apple MACOS X 10.5.2...
Apple Mac OSX xnu 1228.3.13 - zip-notify Remote Kernel Overflow (PoC)
Apple Mac OSX xnu 1228.3.13 - zip-notify Remote Kernel Overflow PoC / xnu-appletalk-zip.c Copyright c 2008 by Apple MACOS X xnu include include include include include include include include include include include int main int argc, char argv struct sockaddrat daddr, saddr; char p, buf1024; int...
Apple Mac OSX xnu 1228.3.13 - 'zip-notify' Remote Kernel Overflow (PoC)
/ xnu-appletalk-zip.c Copyright c 2008 by Apple MACOS X xnu include include include include include include include include include include include int main int argc, char argv struct sockaddrat daddr, saddr; char p, buf1024; int fd, zlen; printf "Apple MACOS X xnu \n" "http://www.digit-labs.org/...
Ubuntu Update for gnome-screensaver vulnerabilities USN-669-1
Ubuntu Update for Linux kernel vulnerabilities USN-669-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6691.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for gnome-screensaver vulnerabilities USN-669-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
SA-CONTRIB-2009-004 - Notify - Privilege escalation
A user triggering the cron processing of the Notify module may end up getting logged in as another user when the Notify operations do not complete succesfully. Versions Affected Versions of Notify for Drupal 5.x prior to 5.x-1.2 Drupal core is not affected. If you do not use the Notify module,...
nsXMLHttpRequest:: NotifyEventListeners() same-origin violation
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass t...
nsXMLHttpRequest:: NotifyEventListeners() same-origin violation
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass t...
CVE-2007-6389
The notify feature in GNOME screensaver gnome-screensaver 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V...
HP OVCM/Radia Notify Daemon Detection
The remote service is an HP OVCM/Radia Notify Daemon, a component of an endpoint management solution. The presence of this service typically indicates the host is a managed device. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid27627; scriptversion"1.12";...
netflow-xss.txt
NetFlow Analizer 5 & OpManager 7 multiple XSS vendor url:http://www.adventnet.com/ advisore:http://lostmon.blogspot.com/2007/07/ netflow-analizer-5-opmanager-7-multiple.html vendor notify:yes exploits include:yes NetFlow Analizer and OpManager contains a flaw that allows a remote cross site...
ipsec-tools racoon DoS
The isakmpinforecv function in src/racoon/isakmpinf.c in racoon in Ipsec-tools before 0.6.7 allows remote attackers to cause a denial of service tunnel crash via crafted 1 DELETE ISAKMPNPTYPED and 2 NOTIFY ISAKMPNPTYPEN messages...
samba heap overflows
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving 1 DFSEnum netdfsiodfsEnumInfod, 2 RFNPCNEX smbionotifyoptiontypedata, 3 LsarAddPrivilegesToAccount...
GLSA-200705-09 : IPsec-Tools: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200705-09 IPsec-Tools: Denial of Service The isakmpinforecv function in src/racoon/isakmpinf.c does not always check that DELETE ISAKMPNPTYPED and NOTIFY ISAKMPNPTYPEN packets are encrypted. Impact : A remote attacker could send a...