1349 matches found
kernel -- information disclosure when using HTT
Problem description and impact When running on processors supporting Hyper-Threading Technology, it is possible for a malicious thread to monitor the execution of another thread. Information may be disclosed to local users, allowing in many cases for privilege escalation. For example, on a...
HP-UX PHSS_28705 : HP-UX Running Apache, Increased Privileges or Denial of Service (DoS) or Execution of Arbitrary Code (HPSBUX00224 SSRT2393 rev.3)
s700800 11.X OV NNM6.2 Intermediate Patch, Feb 2003 : Potential vulnerability regarding ownership permissions of System V shared memory based scoreboards. CERT VU825353, CVE CAN-2002-0839 Potential cross-site scripting vulnerability in the default error page when using wildcard DNS. CERT VU240329...
USN-82-1: Linux kernel vulnerabilities
CAN-2004-0176: Michael Kerrisk noticed an insufficient permission checking in the shmctl function. Any process was permitted to lock/unlock any System V shared memory segment that fell within the the RLIMITMEMLOCK limit that is the maximum size of shared memory that unprivileged users can acquire...
IBM DB2 Windows Permission Problems (#NISR05012005F)
NGSSoftware Insight Security Research Advisory Name: IBM DB2 Windows Permission Problems Systems Affected: DB2 8.1 Severity: High risk from local Vendor URL: http://www.ibm.com/ Author: Chris Anley chris at ngssoftware.com Relates to: http://www.ngssoftware.com/advisories/db2-02.txt Date of Publi...
PHP 4.x5.0 Shared Memory Module - Offset Memory Corruption
PHP 4.x5.0 Shared Memory Module - Offset Memory Corruption source: https://www.securityfocus.com/bid/12045/info PHP shared memory module shmop is reported prone to an integer handling vulnerability. The issue exists in the PHPFUNCTIONshmopwrite function and is as a result of a lack of sufficient...
PHP 4.x/5.0 Shared Memory Module - Offset Memory Corruption
source: https://www.securityfocus.com/bid/12045/info PHP shared memory module shmop is reported prone to an integer handling vulnerability. The issue exists in the PHPFUNCTIONshmopwrite function and is as a result of a lack of sufficient sanitization performed on 'offset' data. This vulnerability...
linux/x86 shared memory exec 50 bytes
Exploit for linux/x86 platform in category shellcode ===================================== linux/x86 shared memory exec 50 bytes ===================================== / email protected - http://www.nopninjas.com Platform: Linux x86 Length: 50 bytes - This shellcode connects to the shared memory...
linux/x86 shared memory exec 50 bytes
No description provided by source. / [email protected] - http://www.nopninjas.com Platform: Linux x86 Length: 50 bytes - This shellcode connects to the shared memory segment matching the key and executes the code at that address. xorl %edi,%edi xorl %esi,%esi xorl %edx,%edx movl $0xdeadbeef,%ec...
linux/x86 shared memory exec 50 bytes
linux/x86 shared memory exec 50 bytes. Shellcode exploit for linx86 platform / [email protected] - http://www.nopninjas.com Platform: Linux x86 Length: 50 bytes - This shellcode connects to the shared memory segment matching the key and executes the code at that address. xorl %edi,%edi xorl...
IBM DB2 - Universal Database Information Disclosure
IBM DB2 - Universal Database Information Disclosure source: https://www.securityfocus.com/bid/11402/info An information disclosure vulnerability has been reported in IBM DB2. This vulnerability only exists when DB2 is installed on Microsoft Windows operating systems. This is due to a Windows...
IBM DB2 - Universal Database Information Disclosure
source: https://www.securityfocus.com/bid/11402/info An information disclosure vulnerability has been reported in IBM DB2. This vulnerability only exists when DB2 is installed on Microsoft Windows operating systems. This is due to a Windows permissions issue related to shared memory sections,...
IBM DB2 Semaphore Signaling - Denial of Service
source: https://www.securityfocus.com/bid/11403/info A denial of service vulnerability has been reported in IBM DB2. This vulnerability is reported to only exist when DB2 is installed on Microsoft Windows operating systems. This issue is due to a failure of the application to properly ensure that...
Mandrake Linux Security Advisory : apache (MDKSA-2002:068)
A number of vulnerabilities were discovered in Apache versions prior to 1.3.27. The first is regarding the use of shared memory SHM in Apache. An attacker that is able to execute code as the UID of the webserver typically 'apache' is able to send arbitrary processes a USR1 signal as root. Using...
RHEL 2.1 : mm (RHSA-2002:154)
Updated mm packages are now available for Red Hat Linux Advanced Server. This update addresses possible vulnerabilities in how the MM library opens temporary files. The MM library provides an abstraction layer which allows related processes to easily share data. On systems where shared memory or...
CVE-2004-0114
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vmmapfind function fails, which could allow local users to gain read or...
FreeBSD Security Advisory FreeBSD-SA-04:02.shmat
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:02.shmat Security Advisory The FreeBSD Project Topic: shmat reference counting bug Category: core Module: kernel Announced: 2004-02-05 Credits: Joost Pol...
shmat reference counting bug
A programming error in the shmat2 system call can result in a shared memory segment's reference count being erroneously incremented. It may be possible to cause a shared memory segment to reference unallocated kernel memory, but remain valid. This could allow a local attacker to gain read or writ...
mhftpd DoS
names for logged in users are stored in shared memory segment...
MHFTPD vulnerability
Product : MidHosting FTPd Date : 06/18/2003 Author : Frank Denis [email protected] ------------------------ Product description ------------------------ MidHosting FTPd is an FTP server designed for hosting servers, based upon virtual ftpd with support for chroot, virtual users and other standard...
MidHosting FTP Daemon 1.0.1 - Shared Memory Local Denial of Service
MidHosting FTP Daemon 1.0.1 - Shared Memory Local Denial of Service source: https://www.securityfocus.com/bid/7956/info It has been reported that MidHosting FTP Daemon does not properly implement shared memory when the m flag -m is enabled. Because of this, an attacker could corrupt process memor...