Code injection

Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bug...

CVE-2006-2071

CVE-2006-2071 affects Linux kernels 2.4.x and 2.6.x up to 2.6.16. It arises from a flaw in the mprotect handling that allowed a local user to grant write permission to a read-only attachment of a shared memory segment, bypassing IPC permissions and enabling modification of the attachment. Reporte...

CVE-2006-2071

Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bug...

Multiple Linux kernel vulnerabilities

Floating-point unit registers information leak, shared memory section elevated access. iprouteinput multiplcast DoS...

security flaw

Race condition in Linux 2.6, when threads are sharing memory mapping via CLONEVM such as linuxthreads and vfork, might allow local users to cause a denial of service deadlock by triggering a core dump while waiting for a thread that has just performed an exec...

Ubuntu 4.10 / 5.04 : linux-source-2.6.10, linux-source-2.6.8.1 vulnerabilities (USN-199-1)

A Denial of Service vulnerability was discovered in the syssetmempolicy function. By calling the function with a negative first argument, a local attacker could cause a kernel crash. CAN-2005-3053 A race condition was discovered in the handling of shared memory mappings with CLONEVM. A local...

CVE-2005-4868

Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service...

PT-2005-5529 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM DB2 version 8.1 Description: The issue allows local users to gain unauthorized access and sensitive information, such as cleartext passwords, due to default permissions of read and write for the Everyone group in shared memory sections an...

USN-199-1: Linux kernel vulnerabilities

A Denial of Service vulnerability was discovered in the syssetmempolicy function. By calling the function with a negative first argument, a local attacker could cause a kernel crash. CAN-2005-3053 A race condition was discovered in the handling of shared memory mappings with CLONEVM. A local...

IBM Access information leak

Critical data is stored in shared memory segment, open for reading and writing...

CVE-2002-2038

NGPT 1.9.0 uses a filesystem-based shared memory entry, enabling local users to cause a denial of service or spoof files in threaded processes. The root cause is the shared memory entry management via the filesystem; the impact is partial confidentiality and integrity with potential availability ...

CVE-2002-2038

Next Generation POSIX Threading NGPT 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown methods...

kernel security update

CentOS Errata and Security Advisory CESA-2005:472 Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating syste...

kernel -- information disclosure when using HTT

Problem description and impact When running on processors supporting Hyper-Threading Technology, it is possible for a malicious thread to monitor the execution of another thread. Information may be disclosed to local users, allowing in many cases for privilege escalation. For example, on a...

HP-UX PHSS_28705 : HP-UX Running Apache, Increased Privileges or Denial of Service (DoS) or Execution of Arbitrary Code (HPSBUX00224 SSRT2393 rev.3)

s700800 11.X OV NNM6.2 Intermediate Patch, Feb 2003 : Potential vulnerability regarding ownership permissions of System V shared memory based scoreboards. CERT VU825353, CVE CAN-2002-0839 Potential cross-site scripting vulnerability in the default error page when using wildcard DNS. CERT VU240329...

USN-82-1: Linux kernel vulnerabilities

CAN-2004-0176: Michael Kerrisk noticed an insufficient permission checking in the shmctl function. Any process was permitted to lock/unlock any System V shared memory segment that fell within the the RLIMITMEMLOCK limit that is the maximum size of shared memory that unprivileged users can acquire...

IBM DB2 Windows Permission Problems (#NISR05012005F)

NGSSoftware Insight Security Research Advisory Name: IBM DB2 Windows Permission Problems Systems Affected: DB2 8.1 Severity: High risk from local Vendor URL: http://www.ibm.com/ Author: Chris Anley chris at ngssoftware.com Relates to: http://www.ngssoftware.com/advisories/db2-02.txt Date of Publi...

PHP 4.x5.0 Shared Memory Module - Offset Memory Corruption

PHP 4.x5.0 Shared Memory Module - Offset Memory Corruption source: https://www.securityfocus.com/bid/12045/info PHP shared memory module shmop is reported prone to an integer handling vulnerability. The issue exists in the PHPFUNCTIONshmopwrite function and is as a result of a lack of sufficient...

PHP 4.x/5.0 Shared Memory Module - Offset Memory Corruption

source: https://www.securityfocus.com/bid/12045/info PHP shared memory module shmop is reported prone to an integer handling vulnerability. The issue exists in the PHPFUNCTIONshmopwrite function and is as a result of a lack of sufficient sanitization performed on 'offset' data. This vulnerability...