2262 matches found
Microsoft Windows XP20002003 - CreateRemoteThread Local Denial of Service
Microsoft Windows XP20002003 - CreateRemoteThread Local Denial of Service // source: https://www.securityfocus.com/bid/15671/info Microsoft Windows is prone to a local denial of service vulnerability. This issue can allow an attacker to trigger a system wide denial of service condition or termina...
CVE-2005-3784
The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service crash and gain root privileges...
CVE-2005-3784
CVE-2005-3784 concerns the Linux kernel 2.6.x series: auto-reap of child processes can include ptrace-attached children, causing a dangling ptrace reference that leads to local denial of service (crash) and potential root privileges. The description specifies the vulnerable condition is present i...
CVE-2002-2127
Integrity Protection Driver IPD 1.2 and earlier blocks access to \Device\PhysicalMemory by its name, which could allow local privileged processes to overwrite kernel memory by accessing the device through a symlink...
CVE-2002-2127
The CVE-2002-2127 entry concerns Integrity Protection Driver (IPD) versions 1.2 and earlier. The vulnerability arises from IPD blocking access to \Device\PhysicalMemory by name, but an attacker could abuse a symlink to access the device and cause a local privileged process to overwrite kernel mem...
KLA10134 DoS vulnerability in IBM DB2
An unspecified vulnerability was found in the IBM DB2 Universal Database. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network at a point related to INSO services or db2fmp processes. Original advisories - Related...
Oracle 9iAS Java Process Manager
It is possible to obtain the list of Java processes running on the remote host anonymously, as well as to start and stop them. Description : The remote host is an Oracle 9iAS server. By default, accessing the location /oprocmgr-status via HTTP lets an attacker obtain the list of processes running...
CVE-2004-2504
The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, executes child processes such as NOTEPAD.EXE with SYSTEM privileges when users create new files, which allows local users with physical access to gain privileges...
Against three stunt--talking about the Trojans of“the search, blocking, kill”-bug warning-the black bar safety net
RFC1244Request for Comments:1 2 4 4is this description of the Trojan:“the Trojan horse is a program, it can provide some useful, or just interesting features. But it is also the user did not know the other functions, such as in your ignorance of the case copy the file or steal your password.” Wit...
CVE-2005-2948
KillProcess 2.20 and earlier allows local users to bypass kill list restrictions by launching multiple processes at the same time, which are not all killed by KillProcess...
Vulnerability in IBM access
Hello, I would like to make to Bugtraq knowledge the existence of a security vulnerability in IBM access software. IBM access is vulnerable to a Shared Section vulnerability. The processes QCWLICON.exe and QCTRAY.exe have the section BaseNamedObjectsQCONDB with invalid rights which allows everyon...
devfs -- ruleset bypass
Problem description Due to insufficient parameter checking of the node type during device creation, any user can expose hidden device nodes on devfs mounted file systems within their jail. Device nodes will be created in the jail with their normal default access permissions. Impact Jailed process...
CVE-2001-1551
Linux kernel 2.2.19 enables CAPSYSRESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs...
CVE-2002-2042
ptrace in the QNX realtime operating system RTOS 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow local users to execute arbitrary code by modifying running processes...
CVE-2001-1514
CVE-2001-1514 affects ColdFusion 4.5 and 5 on Windows when the advanced security sandbox type is set to operating system. The issue is that security context is not properly passed to child processes created with or to those that call CreateProcess and are run via or end with the CFX extension, ...
CVE-2005-1387
Cocktail 3.5.4 and possibly earlier in Mac OS X passes the administrative password on the command line to sudo in cleartext, which allows local users to gain sensitive information by running listing processes...
CVE-2005-0719
Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service process crash for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd...
Solaris ping buffer overflow
No description provided...
CVE-2004-1658
Kerio Personal Firewall 4.0 KPF4 allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable...
Superflous NFS Daemon Detection
Binary data 1083.prm...