Debian Security Advisory DSA 1128-1 (heartbeat)

The remote host is missing an update to heartbeat announced via advisory DSA 1128-1. Yan Rong Ge discovered that wrong permissions on a shared memory page in heartbeat, the subsystem for High-Availability Linux could be exploited by a local attacker to cause a denial of service. OpenVAS...

Session fixation

IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions Everyone:Full Control for memory mapped files shared memory in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character...

CVE-2003-1502

modthrottle 3.0 allows local users with Apache privileges to access shared memory that points to a file that is writable by the apache user, which could allow local users to gain privileges...

CVE-2005-4868

The CVE-2005-4868 entry affects IBM DB2 8.1. Shared memory sections and events have default read/write permissions for the Everyone group, enabling local users to gain unauthorized access and potentially view sensitive data (e.g., cleartext passwords) and cause a denial of service. Exploitation i...

HP-UX Security Patch : PHSS_29230

Webproxy 2.0 proxyctl and shared memory fix %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26672; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

Apache Prefork MPM vulnerabilities - Report

----- Apache Prefork MPM vulnerabilities ---------------------------------- PSNC Security Team http://security.psnc.pl/files/apachereport.pdf 1. Introduction This small case study is a result of source code analysis of Apache httpd server MPM modules. The main goal of this document is to show, wh...

CVE-2007-3100

usr/log.c in iscsid in open-iscsi iscsi-initiator-utils before 2.0-865 uses a semaphore with insecure permissions world-writable/world-readable for managing log messages using shared memory, which allows local users to cause a denial of service hang by grabbing the semaphore...

DEBIAN-CVE-2007-3100

usr/log.c in iscsid in open-iscsi iscsi-initiator-utils before 2.0-865 uses a semaphore with insecure permissions world-writable/world-readable for managing log messages using shared memory, which allows local users to cause a denial of service hang by grabbing the semaphore...

CVE-2007-3100

usr/log.c in iscsid in open-iscsi iscsi-initiator-utils before 2.0-865 uses a semaphore with insecure permissions world-writable/world-readable for managing log messages using shared memory, which allows local users to cause a denial of service hang by grabbing the semaphore...

CVE-2007-2110

Unspecified vulnerability in the Core RDBMS component for Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.4 on Windows systems has unknown impact and attack vectors, aka DB03. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB03 occurs because RDBMS uses a NULL Discretionary Acce...

[RISE-2007001] Apple Mac OS X 10.4.x kernel shared_region_map_file_np() memory corruption vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 RISE-2007001 Apple Mac OS X 10.4.x kernel sharedregionmapfilenp memory corruption vulnerability Released: January 19, 2007 Last updated: January 19, 2007 INTRODUCTION There exists a vulnerability within a function of the Apple Mac OS X 10.4.x kernel...

Intel® PROSet/Wireless Software Local Information Disclosure

Summary: A security vulnerability exists in the Intel® PROSet/Wireless Software PROSet application because of insecure usage of shared memory allowing a person having access to the user’s computer or malicious software installed on the user’s computer to obtain access to users’ wireless network...

Mandrake Linux Security Advisory : heartbeat (MDKSA-2006:142)

Two vulnerabilities in heartbeat prior to 2.0.6 was discovered by Yan Rong Ge. The first is that heartbeat would set insecure permissions in an shmget call for shared memory, allowing a local attacker to cause an unspecified denial of service via unknown vectors CVE-2006-3815. The second is a...

The Red Hat Enterprise Linux 3 SMP Kernel fails to properly handle IPC shared-memory

Overview The Red Hat Enterprise Linux 3 SMP Kernel may allow an authenticated attacker to cause a denial-of-service condition with specially crafted IPC shared-memory functions. Description Inter-Process Communication IPC shared-memory is a method of passing data between programs used by the Red...

Linux-HA Heartbeat Insecure Default Permissions on Shared Memory Vulnerability

No description provided by source. / Intruders Tiger Team Security http://www.intruders.org.br/ Heartbeat 2.0.6 Insecure Shared Memory - Local Denial of Service. Credits: Yan Rong Ge, see link below: http://secunia.com/advisories/21162/ Tested on Heartbeat 2.0.5. Thanks for Wendel Guglielmetti,...

security flaw

The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, allows local users to cause a denial of service deadlock by running the shmat function on an shm at the same time that shmctl is removing that shm IPCRMID, which prevents a spinlock from being unlocked...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating syste...

security flaw

Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bug...

kernel security update

CentOS Errata and Security Advisory CESA-2006:0710 Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel...

PT-2006-5148 · Red Hat · Red Hat

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Linux version 3 Description: The issue allows local users to cause a denial of service, resulting in a deadlock. This occurs when the shmat function is run on a shared memory segment at the same time that the shmctl functio...