4 matches found
CVE-2023-40184
CVE-2023-40184 affects xrdp, an open-source RDP server. In versions prior to 0.9.23, improper handling of session establishment errors can cause bypass of OS-level session restrictions because auth_start_session may return non-zero (e.g., on PAM error), potentially bypassing PAM limits for max co...
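PunBB Password Reset Weak Random Number Security Restriction Bypass Vulnerability
BUGTRAQ ID: 27908 PunBB is a PHP-based forum program. The implementation of PunBB's password reset feature contains a vulnerability that a remote attacker may be able to exploit to reset a user's password under certain conditions. A user who has forgotten their password can reset it with PunBB's password reset feature. After a password reset is requested, the forum sends the user an e-mail containing a new random password and an activation link, and the user must click this link for the password change to take effect....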
[Full-disclosure] Microsoft Windows keybd_event validation vulnerability
Vulnerability: Microsoft Windows keybd_event validation vulnerability. Type: Design Flaw. Vendor: Microsoft. Impact: Local Privilege Elevation. Credits: AndrTarascaT4r @ Haxorcitos.com http://Haxorcitos.com, I Lopez ilo @ reversing.org http://reversing.org...
patch_for_ipc_vuln.txt
Subject: Re: KKIS19990914.004b: ShareDream - shared memory - ipc vulnerability To: [email protected] Attached is a trivial Linux-2.2.12 patch which adds a procfs entry for tuning the limit of shared memory allocable. /proc/sys/kernel/shmmax Max number of shared memory pages Attached is...