1893 matches found
DSA-922-1 kernel-source-2.6.8 - several
Bulletin has no description...
Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit (update)
Exploit for linux platform in category local exploits =========================================================================== Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit update =========================================================================== / Due to many...
USN-187-1: Linux kernel vulnerabilities
A Denial of Service vulnerability was detected in the stack segment fault handler. A local attacker could exploit this by causing stack fault exceptions under special circumstances scheduling, which lead to a kernel crash. CAN-2005-1767 Vasiliy Averin discovered a Denial of Service vulnerability ...
BID 14355, VERITAS NetBackup 5.1 Time Stamp Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reference: BID 14355, http://www.securityfocus.com/bid/14355, Risk: Very Low to minimal Affected product: Veritas NetBackup minimal impact only This issue does NOT affect Veritas Backup Exec Symantec engineers have thoroughly reviewed the issue as...
CVE-2001-1578
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors...
CVE-2005-1767
CVE-2005-1767 affects Linux kernels 2.4.x and 2.6.x; the vulnerability exists in traps.c stack fault handler, allowing a local user to cause a kernel crash (Denial of Service) via stack exceptions. Public advisories (Debian, Red Hat/CentOS, Ubuntu) indicate updated kernel packages mitigate the is...
IBM Access information leak
Critical data is stored in shared memory segment, open for reading and writing...
TCP implementations do not adequately validate segments before updating timers (TCP PAWS vulnerability)
...
QuickTime malformed JPEG buffer overflow
When fuzzing some application with malformed input files, if we want to discover some vulnerability we have to create input file which is very close to valid file but yet malformed in some way. In that way chances for discovery are greater. Now let's play with JPEG format. We concentrate on Huffm...
CVE-2004-0002
The TCP MSS maximum segment size functionality in netinet allows remote attackers to cause a denial of service resource exhaustion via 1 a low MTU, which causes a large number of small packets to be produced, or 2 via a large number of packets with a small TCP payload, which cause a large number ...
FreeBSD-SA-04:02.shmat
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:02.shmat Security Advisory The FreeBSD Project Topic: shmat reference counting bug Category: core Module: kernel Announced: 2004-02-05 Credits: Joost Pol...
shmat reference counting bug
A programming error in the shmat2 system call can result in a shared memory segment's reference count being erroneously incremented. It may be possible to cause a shared memory segment to reference unallocated kernel memory, but remain valid. This could allow a local attacker to gain read or writ...
Avaya Argent Office vulnerable to denial of service via malformed DNS packets
Overview The Avaya Argent Office reboots in response to certain malformed DNS packets, resulting in a denial of service condition. Description The Avaya Argent Office reboots when a packet with an empty payload is sent to UDP port 53 DNS on its internal interface. By sending repeated packets to...
Avaya Argent Office requests 'HoldMusic' file from broadcast address via TFTP
Overview This vulnerability allows unauthenticated users to upload call holding music to affected devices. Description The Avaya Argent Office sends broadcast TFTP requests to obtain a file named "HoldMusic" that is used to supply hold music for customers who dial into the device. Therefore, an...
Mozilla/Netscape crossite scripting
If dot is present in the end of hostname Mozilla teat part of the path as a domain...
vulnerabilities in logsurfer
-----BEGIN PGP SIGNED MESSAGE----- The program "logsurfer" was designed to monitor any text-based logfiles on systems in realtime. For more informations about logsurfer we refer to http://www.cert.dfn.de/eng/logsurf/home.html 1. Affected software: All logsurfer versions including 1.5a and earlier...
CVE-2001-1244
Multiple TCP implementations could allow remote attackers to cause a denial of service bandwidth and CPU exhaustion by setting the maximum segment size MSS to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traff...
EUVD-2001-1225
Multiple TCP implementations could allow remote attackers to cause a denial of service bandwidth and CPU exhaustion by setting the maximum segment size MSS to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traff...
Security Update: [CSSA-2002-SCO.14] Open UNIX 8.0.0 UnixWare 7.1.1 : X server allows access to any shared memory on the system
To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: Open UNIX 8.0.0 UnixWare 7.1.1 : X server allows access to any shared memory on the system Advisory number: CSSA-2002-SCO.14 Issue date: 2002 April 08 Cross...
Cisco IOS and CatOS fail to properly validate ARP packets thereby overwriting device's MAC address in ARP table
Overview There is a denial-of-service vulnerability in specific versions of Cisco IOS or CatOS. Description A denial-of-service vulnerability exists in specific versions of Cisco IOS or CatOS. This vulnerability can cause the device to crash or become unavailable if specially crafted arp packets...