2083 matches found
Code injection
tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair Manager, Subscriber Activation, and Subscriber Agent relies on a predictable timestamp field to validate input to the \.\pipe\RepairServicepipecompany named pipe, which allows remote authenticated users to execute arbitrary code by...
CVE-2010-1906
tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair Manager, Subscriber Activation, and Subscriber Agent relies on a predictable timestamp field to validate input to the \.\pipe\RepairServicepipecompany named pipe, which allows remote authenticated users to execute arbitrary code by...
Mandriva Update for rpm MDVA-2010:130 (rpm)
Check for the Version of rpm OpenVAS Vulnerability Test Mandriva Update for rpm MDVA-2010:130 rpm Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Stack overflow
Stack-based buffer overflow in dsInstallerService.dll in the Juniper Installer Service, as used in Juniper Odyssey Access Client 4.72.11421.0 and other products, allows remote attackers to execute arbitrary code via a long string in a malformed DSSETUPSERVICECMDUNINSTALL command to the...
kernel: fs: pipe.c null pointer dereference
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service NULL pointer dereference and system crash or gain privileges by attempting to open an anonymous pipe via a /proc//fd/ pathname...
Timbuktu PlughNTCommand Named Pipe Buffer Overflow
This module exploits a stack based buffer overflow in Timbuktu Pro version 'Timbuktu PlughNTCommand Named Pipe Buffer Overflow', 'Description' = %q This module exploits a stack based buffer overflow in Timbuktu Pro version = 8.6.6 in a pretty novel way. This exploit requires two connections. The...
SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1581 / 1588 / 1591)
The SUSE Linux Enterprise 11 Kernel was updated to 2.6.27.39 fixing various bugs and security issues. The following security issues have been fixed : - A race condition during pipe open could be used by local attackers to cause a denial of service. Due to mmapminaddr protection enabled by default...
Microsoft NetDDE Service Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Microsoft...
kernel: fs: pipe.c null pointer dereference
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service NULL pointer dereference and system crash or gain privileges by attempting to open an anonymous pipe via a /proc//fd/ pathname...
kernel: fs: pipe.c null pointer dereference
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service NULL pointer dereference and system crash or gain privileges by attempting to open an anonymous pipe via a /proc//fd/ pathname...
SuSE9 Security Update : Linux kernel (YOU Patch Number 12541)
This update fixes various security issues and some bugs in the SUSE Linux Enterprise 9 kernel. The following security bugs were fixed : - A race condition in the pipe2 systemcall could be used by local attackers to execute code. CVE-2009-3547 - On x8664 systems a information leak of high register...
CVE-2009-3547
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service NULL pointer dereference and system crash or gain privileges by attempting to open an anonymous pipe via a /proc//fd/ pathname...
Race condition
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service NULL pointer dereference and system crash or gain privileges by attempting to open an anonymous pipe via a /proc//fd/ pathname...
kernel security and bug fix update
2.4.21-63.0.0.0.1.EL - add directio support for qla drivers herb ora 6346849 - support PT Quad card ora 5751043 - io to nfs partition hangs ora 5088963 - add entropy for bnx2 nic ora 5931647 - avoid large allocation-fragmentation in MTU zab - fix clear highpage wli 2.4.21-63.EL - fs: fix pipe nul...
CVE-2009-3547
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service NULL pointer dereference and system crash or gain privileges by attempting to open an anonymous pipe via a /proc//fd/ pathname...
kernel: fs: pipe.c null pointer dereference
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service NULL pointer dereference and system crash or gain privileges by attempting to open an anonymous pipe via a /proc//fd/ pathname...
kernel: fs: pipe.c null pointer dereference
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service NULL pointer dereference and system crash or gain privileges by attempting to open an anonymous pipe via a /proc//fd/ pathname...
PT-2009-5837
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.32-rc6 Description The issue is related to multiple race conditions in the fs/pipe.c file of the Linux kernel. This can be exploited by local users to cause a denial of service, resulting in a NULL pointer...
Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation (2)
/ source: https://www.securityfocus.com/bid/36901/info Linux kernel is prone to a local privilege-escalation vulnerability that is caused by a NULL-pointer dereference. Local attackers can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result i...
SMB Create Pipe Request Corruption
This module sends a series of SMB create pipe requests with corrupted bytes. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB Create Pipe Request Corruption', 'Description' = %q This module...