openSUSE Security Update : gpgme (openSUSE-SU-2014:1039-1)

This gpgme update to version 1.4.4 fixes the following security and non i security issues : - Fixed possible overflow in gpgsm and uiserver engines. CVE-2014-3564, bnc890123 - Fixed possibled segv in gpgmeopcardedit. - Fixed minor memleaks and possible zombie processes. - Fixed prototype...

Inxi - A newer, better system information script for irc, administration, and system troubleshooters

A newer, better system information script for irc, administration, and system troubleshooters. Inxi Options Inxi has a wide range of options and custom triggers, along with useful defaults like -b or -F. Plain inxi, no options, prints a single line of basic system information. Here is a screensho...

CentOS 7 : libvirt (CESA-2014:0914)

Updated libvirt packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Moderate: Red Hat Security Advisory: libvirt security and bug fix update

Updated libvirt packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

kernel: net: insufficient permision checks of netlink messages

It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the outpu...

NoVirusThanks File Governor - Unlock locked files and folders

NoVirusThanks File Governor is an advanced program which allows for files and folders within the system to be unlocked so that normal file I/O operations can be completed when normally they would not be able to be due to operating system restrictions for files currently in use. Once a file or...

Microsoft Windows 2000/2003/XP CreateRemoteThread Local Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15671/info Microsoft Windows is prone to a local denial of service vulnerability. This issue can allow an attacker to trigger a system wide denial of service condition or terminate arbitrary processes. Reports indicate th...

Solaris/x86 - SystemV killall command - 39 bytes

No description provided by source. / Title: Solaris/x86 - SystemV killall command - 39 bytes Author: Jonathan Salwan submit AT shell-storm.org Web: http://www.shell-storm.org Twitter: http://twitter.com/jonathansalwan ! Database of shellcodes: http://www.shell-storm.org/shellcode/ Date: 2010-06-0...

PHP 4.x DLOpen Memory Disclosure Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/8405/info A vulnerability has been reported to present itself in the dlopen function contained in the PHP source. The issue occurs when PHP is used in conjunction with the Apache web server. A local attacker may exploit...

kernel 2.2.x/2.4 .0-test1,SGI ProPack 1.2/1.3 Capabilities Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1322/info POSIX Capabilities have recently been implemented in the Linux kernel. These Capabilities are an additional form of privilege control to enable more specific control over what priviliged processes can do...

Poptop < 1.1.3-b3 and 1.1.3-20030409 - Negative Read Overflow

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

Dell TrueMobile 1300 WLAN System 3.10.39 .0 Tray Applet Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9714/info It has been reported that a privilege escalation vulnerability exists in the Dell TrueMobile 1300 Wireless System Tray Applet. The issue is due to the software starting with SYSTEM privileges, to enable access t...

MS Windows 2000 Debug Registers Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2764/info A vulnerability exists in the handling of debug registers in Windows 2000. It is possible for unprivileged processes to create breakpoints for arbitrary processes. This can be used to 'kill' arbitrary processes...

ml2 - local users can crash processes

No description provided by source. include stdio.h include unistd.h include stdlib.h include syslog.h error int mainint argc, char argv char foo1000; char bigmsg10000; char s, holds; int i = 0; memsetbigmsg, 'X', sizeofbigmsg-1; if argc 2 printfusage: %s pid to kill\n, argv0; exit1; // fork;...

linux/x86 kill all processes 9 bytes

No description provided by source. ; linux/x86 kill all processes 9 bytes ; root@thegibson ; 2010-01-14 section .text global start start: ; kill-1, SIGKILL; mov al, 37 push byte -1 pop ebx mov cl, 9 int 0x80...

Libsafe 2.0 Multi-threaded Process Race Condition Security Bypass Weakness

No description provided by source. source: http://www.securityfocus.com/bid/13190/info Libsafe will normally kill an application when certain types of memory corruption are detected, preventing exploitation of some buffer overflow and format string vulnerabilities. A weakness has been reported th...

KLA10342 OSI vulnerability in Stunnel

Improper work with OpenSSL was found in Stunnel. By exploiting this vulnerability malicious users can obtain private keys or certificates. This vulnerability can be exploited remotely at a point related to children’s processes. Original advisories Stunnel Changelog Related products Stunnel CVE li...

Updated dbus packages fix security vulnerability

Updated dbus packages fix security vulnerability: A denial of service vulnerability in D-Bus before 1.6.20 allows a local attacker to cause a bus-activated service that is not currently running to attempt to start, and fail, denying other users access to this service Additionally, in highly unusu...

Apache Httpd < 2.2.29 : mod_cgid denial of service

A flaw was found in modcgid. If a server using modcgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service...

CVE-2013-6825

1 movescu.cc and 2 storescp.cc in dcmnet/apps/, 3 dcmnet/libsrc/scp.cc, 4 dcmwlm/libsrc/wlmactmg.cc, 5 dcmprscp.cc and 6 dcmpsrcv.cc in dcmpstat/apps/, 7 dcmpstat/tests/msgserv.cc, and 8 dcmqrdb/apps/dcmqrscp.cc in DCMTK 3.6.1 and earlier does not check the return value of the setuid system call,...