FreeBSD-SA-02:30.ktrace

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:30 Security Advisory The FreeBSD Project Topic: Users may trace previously privileged processes Category: core Module: ktrace Announced: 2002-07-12 Credits: Theo DeRaadt...

d_path() truncating excessive long path name vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Name: Linux kernel Version: up to 2.2.20 and 2.4.18 Homepage: http://www.kernel.org/ Author: Wojciech Purczynski [email protected] Date: March 26, 2002 Issue: ====== In case of excessively long path names dpath kernel internal function returns truncated...

CVE-2001-1514

ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to 1 child processes created with and 2 child processes that call the CreateProcess function and are executed with or end with the CFX extension...

CVE-2001-1551

Linux kernel 2.2.19 enables CAPSYSRESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs...

CVE-1999-1564

FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service panic with a large number accesses of an NFS v3 mounted directory from a large number of processes...

PT-2001-2370 · Microsoft · Windows 2000

Name of the Vulnerable Software and Affected Versions: Windows 2000 Description: The issue concerns the Task Manager in Windows 2000, which does not allow local users to end certain processes via the Process tab. Specifically, processes with uppercase letters in their names, such as winlogon.exe,...

Microsoft Windows Server 2000 - Debug Registers

Microsoft Windows Server 2000 - Debug Registers // source: https://www.securityfocus.com/bid/2764/info A vulnerability exists in the handling of debug registers in Windows 2000. It is possible for unprivileged processes to create breakpoints for arbitrary processes. This can be used to 'kill'...

CVE-2000-1143

Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris system, which allows attackers to determine that they are in a honeypot system...

ml2 - Local users can Crash processes

ml2 - Local users can Crash processes include include include include error int mainint argc, char argv char foo1000; char bigmsg10000; char s, holds; int i = 0; memsetbigmsg, 'X', sizeofbigmsg-1; if argc \n", argv0; exit1; // fork; memsetfoo, 0, sizeoffoo; snprintffoo, sizeoffoo, "/proc/%s/stat"...

ml2 - Local users can Crash processes

include include include include error int mainint argc, char argv char foo1000; char bigmsg10000; char s, holds; int i = 0; memsetbigmsg, 'X', sizeofbigmsg-1; if argc \n", argv0; exit1; // fork; memsetfoo, 0, sizeoffoo; snprintffoo, sizeoffoo, "/proc/%s/stat", argv1; while accessfoo, FOK == 0 s =...

ManTrap 1.6.1 - Hidden Process Disclosure

ManTrap 1.6.1 - Hidden Process Disclosure // source: https://www.securityfocus.com/bid/1908/info ManTrap is a "honeypot" intrusion detection system designed to lure attackers into it for analysis. The honeypot is implemented as a chroot'ed Solaris environment, designed to look and feel real to an...

CVE-2000-0880

LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file...

CVE-2000-0251

HP-UX 11.04 VirtualVault (VVOS) is affected by CVE-2000-0251. The issue involves VVOS sending data to unprivileged processes via an interface that has multiple aliased IP addresses. This exposes sensitive data to unprivileged processes, with the documented impact indicating partial integrity comp...

CVE-2000-0251

HP-UX 11.04 VirtualVault VVOS sends data to unprivileged processes via an interface that has multiple aliased IP addresses...

CVE-1999-0187

...

CVE-1999-0226

Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service...

CVE-1999-0992

HP VirtualVault with the PHSS17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy TGP...

SCO Unixware 7.07.0.17.17.1.1 - coredump Symlink

SCO Unixware 7.07.0.17.17.1.1 - coredump Symlink source: https://www.securityfocus.com/bid/851/info Under certain versions of SCO UnixWare if a user can force a program with SGID Set Group ID to dump core they may launch a symlink attack by guessing the PID Process ID of the SGID process which th...

ipop3d.4.xx.lockfile.DoS.txt

Date: Sun, 7 Mar 1999 01:41:25 +0100 From: Michal Zalewski Lockfile vunerability in ipop3d 4.xx The problem is probably well known, but silently ignored by pine vendors. Unfortunately, it's possible to turn 'mostly harmless feature' in something nasty - following code allows various DoSes by...

CVE-1999-0226

Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service...