GHSA-PMRX-695R-4349 dbt allows Binding to an Unrestricted IP Address via socketsocket

Summary Binding to INADDRANY 0.0.0.0 or IN6ADDRANY :: exposes an application on all network interfaces, increasing the risk of unauthorized access. While doing some static analysis and code inspection, I found the following code binding a socket to INADDRANY by passing "" as the address. This...

dbt 安全漏洞

dbt is a data transcription tool. A security vulnerability exists in dbt that stems from the ability to bind to unrestricted IP addresses via socket ketsocket, which increases the risk of unauthorized access...

PT-2024-22368 · Corewcf · Corewcf

Name of the Vulnerable Software and Affected Versions: CoreWCF versions prior to 1.4.2 CoreWCF versions prior to 1.5.2 Description: The issue affects NetFraming based CoreWCF services, where extra system resources could be consumed by connections being left established instead of closing or...

UBUNTU-CVE-2021-47086

In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refuse to enable an unbound pipe This ioctl implicitly assumed that the socket was already bound to a valid local socket name, i.e. Phonet object. If the socket was not bound, two separate problems would occur: 1 We'd...

SUSE CVE-2013-7421

The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AFALG socket with a module name in the salgname field, a different vulnerability than CVE-2014-9644...

PT-2021-8009 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free bug in the NFC subsystem of the Linux kernel, specifically in the llcp sock bind and llcp sock connect functions. This can be triggered when th...

Linux/x86 - Bind Shell Generator Shellcode (114 bytes)

Title: Linux/x86 - Bind Shell Generator Shellcode 114 bytes Author: Bobby Cooke Tested On: Ubuntu 3.13.0-32-generic 57precise1-Ubuntu i386 !/usr/bin/python Take users TCP port as input port = rawinput"Enter TCP Port Number: " Convert input string to an integer deciPort = intport Format the intege...

Linux kernel memory leak vulnerability (CNVD-2018-24475)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A memory leak vulnerability exists in the 'irdabind' function in the net/irda/afirda.c file and the drivers/staging/irda/net/afirda.c file in versions of Linux kernel...

DEBIAN-CVE-2018-6554

Memory leak in the irdabind function in net/irda/afirda.c and later in drivers/staging/irda/net/afirda.c in the Linux kernel before 4.17 allows local users to cause a denial of service memory consumption by repeatedly binding an AFIRDA socket...

kernel: NULL dereference in RFCOMM bind callback

The rfcommsockbind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service NULL pointer dereference via vectors involving a bind system call on a Bluetooth RFCOMM socket...

Unspecified Vulnerability in libimobiledevice and libusbmuxd

libimobiledevice is a software protocol library and tool that enables Linux support for connecting to iOS devices such as the iPhone, iPodTouch, etc. libusbmuxd is a client library for connecting to iOS devices. An unspecified vulnerability exists in libimobiledevice and libusbmuxd, which arises...

Subsystem: Information disclosure via incorrect sensitivity classification of attribute

It was discovered that the JBoss Application Server WildFly JacORB subsystem incorrectly assigned socket-binding-ref sensitivity classification for the security-domain attribute. An authenticated user with a role that has access to attributes with socket-binding-ref and not security-domain-ref...

CVE-2014-7853

The JBoss Application Server WildFly JacORB subsystem in Red Hat JBoss Enterprise Application Platform EAP before 6.3.3 does not properly assign socket-binding-ref sensitivity classification to the security-domain attribute, which allows remote authenticated users to obtain sensitive information ...

Subsystem: Information disclosure via incorrect sensitivity classification of attribute

It was discovered that the JBoss Application Server WildFly JacORB subsystem incorrectly assigned socket-binding-ref sensitivity classification for the security-domain attribute. An authenticated user with a role that has access to attributes with socket-binding-ref and not security-domain-ref...

Subsystem: Information disclosure via incorrect sensitivity classification of attribute

It was discovered that the JBoss Application Server WildFly JacORB subsystem incorrectly assigned socket-binding-ref sensitivity classification for the security-domain attribute. An authenticated user with a role that has access to attributes with socket-binding-ref and not security-domain-ref...

Subsystem: Information disclosure via incorrect sensitivity classification of attribute

It was discovered that the JBoss Application Server WildFly JacORB subsystem incorrectly assigned socket-binding-ref sensitivity classification for the security-domain attribute. An authenticated user with a role that has access to attributes with socket-binding-ref and not security-domain-ref...

Subsystem: Information disclosure via incorrect sensitivity classification of attribute

It was discovered that the JBoss Application Server WildFly JacORB subsystem incorrectly assigned socket-binding-ref sensitivity classification for the security-domain attribute. An authenticated user with a role that has access to attributes with socket-binding-ref and not security-domain-ref...

Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service

source: https://www.securityfocus.com/bid/1372/info A denial of service attack exists in the NFS lock daemon supplied with Linux. By connecting to the port rpc.lockd is running on, and supplying random input, it will cause lockd to exit with an error. The socket associated with rpc.lockd is also...