Race condition

Race condition in the Pipe IPC close function in FreeBSD 6.3 and 6.4 allows local users to cause a denial of service crash or gain privileges via vectors related to kqueues, which triggers a use after free, leading to a NULL pointer dereference or memory corruption...

CVE-2009-3527

CVE-2009-3527: Concrete details exist in connected docs. A race condition in FreeBSD 6.3/6.4’s Pipe (IPC) close function can lead to a use-after-free via kqueues, causing local denial of service (crash) or privilege gain through NULL pointer dereference/memory corruption. Affected software: FreeB...

FreeBSD Security Advisory (FreeBSD-SA-09:13.pipe.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:13.pipe.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FreeBSD Security Advisory FreeBSD-SA-09:13.pipe

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:13.pipe Security Advisory The FreeBSD Project Topic: kqueue pipe race conditions Category: core Module: kern Announced: 2009-10-02 Credits: Przemyslaw Frasunek...

FreeBSD-SA-09:13.pipe

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:13.pipe Security Advisory The FreeBSD Project Topic: kqueue pipe race conditions Category: core Module: kern Announced: 2009-10-02 Credits: Przemyslaw Frasunek...

FreeBSD -- kqueue pipe race conditions

Problem Description A race condition exists in the pipe close code relating to kqueues, causing use-after-free for kernel memory, which may lead to an exploitable NULL pointer vulnerability in the kernel, kernel memory corruption, and other unpredictable results. Impact: Successful exploitation o...

Novell Client NetIdentity Agent XTIERRPCPIPE pointer dereference vulnerability

Added: 07/24/2009 CVE: CVE-2009-1350 BID: 34400 OSVDB: 53351 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem A vulnerability in the xtagent.exe program allows remote, authenticated attackers to execute arbitrary commands by sending a specially crafted...

Novell NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow

This module exploits a stack buffer overflow in Novell's NetIdentity Agent. When sending a specially crafted string to the 'XTIERRPCPIPE' named pipe, an attacker may be able to execute arbitrary code. The success of this module is much greater once the service has been restarted. This module...

Motorola Timbuktu PlughNTCommand named pipe string buffer overflow

Added: 07/13/2009 CVE: CVE-2009-1394 BID: 35496 OSVDB: 55436 Background Motorola Timbuktu is remote control software for Windows and Mac. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted character string to the...

CVE-2009-1394

Stack-based buffer overflow in Motorola Timbuktu Pro 8.6.5 on Windows allows remote attackers to execute arbitrary code by sending a long malformed string over the PlughNTCommand named pipe...

Motorola Timbuktu Pro remote control software buffer overflow

Buffer overflow via PlughNTCommand named pipe...

CVE-2009-1935

Integer overflow in the pipebuildwritebuffer function sys/kern/syspipe.c in the direct write optimization feature in the pipe implementation in FreeBSD 7.1 through 7.2 and 6.3 through 6.4 allows local users to bypass virtual-to-physical address lookups and read sensitive information in memory pag...

CVE-2009-1935

Integer overflow in the pipebuildwritebuffer function sys/kern/syspipe.c in the direct write optimization feature in the pipe implementation in FreeBSD 7.1 through 7.2 and 6.3 through 6.4 allows local users to bypass virtual-to-physical address lookups and read sensitive information in memory pag...

FreeBSD直接管道写操作本地信息泄露漏洞

BUGTRAQ ID: 35279 FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 FreeBSD和其他UNIX类系统上最常见的进程间通讯方式之一是匿名管道。这种机制会创建一对文件描述符，可以从一个描述符读取写入到另一个描述符的数据。 FreeBSD的管道实现中包含名为“直接写入”的优化。在这种优化中，FreeBSD内核利用虚拟内存映射允许直接在进程之间拷贝数据，而不是在调用...

FreeBSD Security Advisory (FreeBSD-SA-09:09.pipe.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:09.pipe.asc ADV FreeBSD-SA-09:09.pipe.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-09:09.pipe.asc Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

FreeBSD information leak

Integer overflow on pipe implementation allows reading data from another process' memory...

FreeBSD Direct Pipe Write本地信息泄漏漏洞

Bugraq ID: 35279 CNCAN ID：CNCAN-2009061101 FreeBSD是一款开放源代码的BSD操作系统。 FreeBSD "direct pipe writes"实现存在一个整数溢出错误，本地攻击者可以利用漏洞获得部分进程的内存信息，导致敏感信息泄漏。 "direct pipe writes"实现存在的缺陷可导致虚拟到物理地址查询被遗漏，可导致未授权读取其他进程的内存分页信息，使得敏感信息泄漏。 FreeBSD FreeBSD 7.2-STABLE FreeBSD FreeBSD 7.2-RELEASE-p1 FreeBSD FreeBSD...

FreeBSD-SA-09:09.pipe

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:09.pipe Security Advisory The FreeBSD Project Topic: Local information disclosure via direct pipe writes Category: core Module: kern Announced: 2009-06-10...

CVE-2009-1350

Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client before 1.2.4 allows remote attackers to execute arbitrary code by establishing an IPC$ connection to the XTIERRPCPIPE named pipe, and sending RPC messages that trigger a dereference of an arbitrary pointer...

Novell Netware Client code execution

Invalid pointer dereference on named pipe message parsing...