1366 matches found
Intel wireless service s24evmon.exe information leak
S24EventManagerSharedMemory shared memory sections is used to store critical information, such as WEP keys and passwords without access control...
Intel wireless service s24evmon.exe confidential information disclosure.
S24EvMon.exe is a service which is part at least of the Intel PROset/Wireless software. This application is provided by Intel in order to support intel Wireless Devices based on Spectrum 24 chipsets. This service uses a shared memory section which is created without the proper security descriptor...
CVE-2006-2071
Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bug...
Code injection
Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bug...
CVE-2006-2071
Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bug...
CVE-2006-2071
CVE-2006-2071 affects Linux kernels 2.4.x and 2.6.x up to 2.6.16. It arises from a flaw in the mprotect handling that allowed a local user to grant write permission to a read-only attachment of a shared memory segment, bypassing IPC permissions and enabling modification of the attachment. Reporte...
Multiple Linux kernel vulnerabilities
Floating-point unit registers information leak, shared memory section elevated access. iprouteinput multiplcast DoS...
security flaw
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONEVM such as linuxthreads and vfork, might allow local users to cause a denial of service deadlock by triggering a core dump while waiting for a thread that has just performed an exec...
Ubuntu 4.10 / 5.04 : linux-source-2.6.10, linux-source-2.6.8.1 vulnerabilities (USN-199-1)
A Denial of Service vulnerability was discovered in the syssetmempolicy function. By calling the function with a negative first argument, a local attacker could cause a kernel crash. CAN-2005-3053 A race condition was discovered in the handling of shared memory mappings with CLONEVM. A local...
CVE-2005-4868
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service...
PT-2005-5529 · Ibm · Ibm Db2
Name of the Vulnerable Software and Affected Versions: IBM DB2 version 8.1 Description: The issue allows local users to gain unauthorized access and sensitive information, such as cleartext passwords, due to default permissions of read and write for the Everyone group in shared memory sections an...
USN-199-1: Linux kernel vulnerabilities
A Denial of Service vulnerability was discovered in the syssetmempolicy function. By calling the function with a negative first argument, a local attacker could cause a kernel crash. CAN-2005-3053 A race condition was discovered in the handling of shared memory mappings with CLONEVM. A local...
IBM Access information leak
Critical data is stored in shared memory segment, open for reading and writing...
CVE-2002-2038
NGPT 1.9.0 uses a filesystem-based shared memory entry, enabling local users to cause a denial of service or spoof files in threaded processes. The root cause is the shared memory entry management via the filesystem; the impact is partial confidentiality and integrity with potential availability ...
CVE-2002-2038
Next Generation POSIX Threading NGPT 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown methods...
kernel security update
CentOS Errata and Security Advisory CESA-2005:472 Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating syste...
kernel -- information disclosure when using HTT
Problem description and impact When running on processors supporting Hyper-Threading Technology, it is possible for a malicious thread to monitor the execution of another thread. Information may be disclosed to local users, allowing in many cases for privilege escalation. For example, on a...
HP-UX PHSS_28705 : HP-UX Running Apache, Increased Privileges or Denial of Service (DoS) or Execution of Arbitrary Code (HPSBUX00224 SSRT2393 rev.3)
s700800 11.X OV NNM6.2 Intermediate Patch, Feb 2003 : Potential vulnerability regarding ownership permissions of System V shared memory based scoreboards. CERT VU825353, CVE CAN-2002-0839 Potential cross-site scripting vulnerability in the default error page when using wildcard DNS. CERT VU240329...
USN-82-1: Linux kernel vulnerabilities
CAN-2004-0176: Michael Kerrisk noticed an insufficient permission checking in the shmctl function. Any process was permitted to lock/unlock any System V shared memory segment that fell within the the RLIMITMEMLOCK limit that is the maximum size of shared memory that unprivileged users can acquire...