2 matches found
Critical PowerDNS Recursor Security Vulnerabilities: please upgrade ASAP to 3.1.7.2
Dear PowerDNS Users, Two major vulnerabilities have recently been discovered in the PowerDNS Recursor all versions up to and including 3.1.7.1. Over the past two weeks, these vulnerabilities have been addressed, resulting in PowerDNS Recursor 3.1.7.2. Given the nature and magnitude of these...
Linux Kernel locks_remove_flock()本地竞争条件漏洞
BUGTRAQ ID: 33237 CVECAN ID: CVE-2008-4307 Linux Kernel是开放源码操作系统Linux所使用的内核。 RHEL4/5内核处理POSIX锁定时fcntl调用可能与关闭相同文件描述符出现竞争,本地攻击者可以利用这个漏洞导致拒绝服务或获得权限提升。 fcntl以如下方式获得POSIX锁定: sysfcntl fget dofcntl fcntlsetlk fput if!count fput locksremoveflock fcntlsetlk调用可能阻塞很长时间,允许同一进程中的其他线程关闭文件描述符: sysclose filpclos...