DEBIAN-CVE-2007-3303

Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that 1 stop request processing by killing all worker processes and preventing creation of replacements or 2 hang the system by forcin...

CVE-2007-3303

Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that 1 stop request processing by killing all worker processes and preventing creation of replacements or 2 hang the system by forcin...

Design/Logic Flaw

SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure world-writable permissions for 1 the server pid file, which allows local users to cause arbitrary processes to be stopped, or 2 when BPXBATCHUMASK is missing from the environment, creates HFS files with insecure permissions, which allows...

CVE-2007-1400

Plash permits sandboxed processes to open /dev/tty, which allows local users to escape sandbox restrictions and execute arbitrary commands by sending characters to a shell process on the same termimal via the TIOCSTI ioctl...

linux/x86 kill all processes 11 bytes

No description provided by source. / By Kris Katterjohn 11/13/2006 11 byte shellcode to kill all processes for Linux/x86 section .text global start start: ; kill-1, SIGKILL push byte 37 pop eax push byte -1 pop ebx push byte 9 pop ecx int 0x80 / main char shellcode =...

CVE-2007-0805

The ps /usr/ucb/ps command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587...

OSF/1 ps information leak

ps show environment variables for all processes...

CVE-2007-0474

Smb4K before 0.8.0 allow local users, when present on the Smb4K sudoers list, to kill arbitrary processes, related to a "design issue with smb4kkill."...

Open redirect

Smb4K before 0.8.0 allow local users, when present on the Smb4K sudoers list, to kill arbitrary processes, related to a "design issue with smb4kkill."...

DEBIAN-CVE-2007-0474

Smb4K before 0.8.0 allow local users, when present on the Smb4K sudoers list, to kill arbitrary processes, related to a "design issue with smb4kkill."...

CVE-2007-0474

Smb4K before 0.8.0 allow local users, when present on the Smb4K sudoers list, to kill arbitrary processes, related to a "design issue with smb4kkill."...

Poptop Negative Read Overflow

This is an exploit for the Poptop negative read overflow. This will work against versions prior to 1.1.3-b3 and 1.1.3-20030409, but I currently do not have a good way to detect Poptop versions. The server will by default only allow 4 concurrent manager processes what we run our code in, so you...

Integrity Clientless Security (ICS) Update 3.7.131.0

Check Point Integrity ™ Clientless Security ICS protects your Web site by detecting and disabling spyware processes and allowing you to enforce security policies before a user logs onto your network. Using ICS you can prevent users with potentially harmful software from accessing your Web site, a...

MS Windows NtRaiseHardError Csrss.exe Memory Disclosure Exploit

No description provided by source. ///////////////////////////////////////// ///////////////////////////////////////// ///// Microsoft Windows NtRaiseHardError ///// Csrss.exe memory disclosure ///////////////////////////////////////// ///// Ruben Santamarta ///// ruben at reversemode dot com ///...

CVE-2006-5648

Ubuntu Linux 6.10 for the PowerPC PPC allows local users to cause a denial of service resource consumption by using the 1 sysgetrobustlist and 2 syssetrobustlist functions to create processes that cannot be killed...

CVE-2006-5648

Ubuntu Linux 6.10 for the PowerPC PPC allows local users to cause a denial of service resource consumption by using the 1 sysgetrobustlist and 2 syssetrobustlist functions to create processes that cannot be killed...

mono -- "System.CodeDom.Compiler" Insecure Temporary Creation

Sebastian Krahmer reports: Sebastian Krahmer of the SuSE security team discovered that the System.CodeDom.Compiler classes used temporary files in an insecure way. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program...

Apache Httpd < 2.0.61 : Signals to arbitrary processes

The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service...

Apache Httpd < 1.3.39 : Signals to arbitrary processes

The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service...

Sendmail 8.13.6 release notes

8.13.6/8.13.6 2006/03/22 SECURITY: Replace unsafe use of setjmp3/longjmp3 in the server and client side of sendmail with timeouts in the libsm I/O layer and fix problems in that code. Also fix handling of a buffer in smsyslog which could have been used as an attack vector to exploit the unsafe...