51 matches found
CVE-2011-1784
CVE-2011-1784 concerns keepalived 1.2.2 and earlier, where pidfile_write creates /var/run/*.pid files (keepalived.pid, checkers.pid, vrrp.pid) with 0666 permissions. This allows local users to write to these PID files and potentially kill arbitrary processes. Connected advisories show that update...
CVE-2011-1784
The pidfilewrite function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the 1 keepalived.pid, 2 checkers.pid, and 3 vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files...
[DSECRG-00143] SAP Crystal Reports 2008 - ActiveX insecure methods
DSECRG-11-002 Internal DSECRG-00143 SAP Crystal Report Server 2008 scriptinghelpers.dll ActiveX component - Insecure methods The component contains insecure methods by which you can overwrite any file in the OS, run the executable file, kill process, delete the file. Application: SAP Crystal Repo...
irc-unrealircd-backdoor NSE Script
Checks if an IRC server is backdoored by running a time-based command ping and checking how long it takes to respond. The irc-unrealircd-backdoor.command script argument can be used to run an arbitrary command on the remote system. Because of the nature of this vulnerability the output is never...
NetBSD x86 Kill All Processes Shellcode
/ netbsd/x86 kill all processes shellcode author REMOVED AT REQUEST OF AUTHOR contact REMOVED AT REQUEST OF AUTHOR this shellcode is using syscall number 37 or 0x25 37 STD int syskillint pid, int signum; here is assembler code using intel syntaxe and NASM --------------begin----------- section...
linux/x86 kill all processes 11 bytes
Exploit for linux/x86 platform in category shellcode ===================================== linux/x86 kill all processes 11 bytes ===================================== / By Kris Katterjohn 11/13/2006 11 byte shellcode to kill all processes for Linux/x86 section .text global start start: ; kill-1,...
CVE-2002-0839
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service process kill or possibly other behaviors that would not normally be allowed, by modifying the...
CVE-2002-0839
CVE-2002-0839 affects Apache 1.3.x prior to 1.3.27. The vulnerability stems from the shared memory scoreboard in the HTTP daemon, where a user running as the Apache UID can modify parent[].pid and parent[].last_rtime, enabling the process to receive a SIGUSR1 signal with potential root-level effe...
CVE-2001-0040
The CVE concerns apcupsd, where during startup the daemon creates /var/run/apcupsd.pid with world-writable permissions (mode 666). This allows a local attacker to overwrite the PID file with arbitrary process IDs, causing legitimate processes to be killed when apcupsd restarts or stops. The Mandr...
CVE-1999-0780
CVE-1999-0780 affects KDE klock. The vulnerability allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. The available connected documents confirm this specific behavior and do not provide additional technical details (e.g., root cause, affected versi...
CVE-1999-0425
CVE-1999-0425 affects Netscape 4.5 where the TalkBack feature can be exploited by a local user to kill an arbitrary process of another user when Netscape crashes. The issue is documented across multiple sources (NVD entry, Red Hat advisory, CVE records, and PT-SECURITY report) with the core descr...