38 matches found
Vulnerability in use of socketpair
IBM SECURITY ADVISORY First Issued: Tue Jun 5 13:38:09 CDT 2012 | Updated: Wed Oct 3 10:13:19 CDT 2012 | Update: SP availability date and the lslpp assessment | Update: New ifixes for the latest SP's | Updated: Thu Dec 12 12:55:11 CST 2013 | Update: 1. Added KEYs for parsing purposes | 2. Moved t...
IBM AIX 'socketpair()'本地拒绝服务漏洞
BUGTRAQ ID: 53567 AIX是一个基于开放标准的UNIX操作系统,为用户提供企业信息技术基础架构。 IBM AIX 5.3在使用SOCKETPAIR调用后释放的套接字可导致系统崩溃,攻击者可利用此漏洞造成拒绝服务。 0 IBM AIX 5.3 厂商补丁: IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.ers.ibm.com/...
kernel: unix socket local dos
The waitforunixgc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service system hang via crafted use of the socketpair and sendmsg system...
kernel: unix socket local dos
The waitforunixgc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service system hang via crafted use of the socketpair and sendmsg system...
kernel: unix socket local dos
The waitforunixgc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service system hang via crafted use of the socketpair and sendmsg system...
Code injection
The waitforunixgc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service system hang via crafted use of the socketpair and sendmsg system...
CVE-2010-4249
CVE-2010-4249 affects the Linux kernel before 2.6.37-rc3-next-20101125: the wait_for_unix_gc routine in net/unix/garbage.c does not properly select times for garbage-collecting inflight sockets, enabling local users to cause a denial of service (system hang) by crafting socketpair and sendmsg cal...
CVE-2010-4249
The waitforunixgc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service system hang via crafted use of the socketpair and sendmsg system...
PT-2010-1056 · Centos +3 · Centos +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.9 Red Hat Enterprise Linux kernel versions 2.6.9 CentOS kernel versions 2.6.9 Description: The issue affects the Linux kernel and can lead to a disruption of confidentiality, integrity, and availability of protected...
CVE-2010-4249
The waitforunixgc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service system hang via crafted use of the socketpair and sendmsg system...
Linux Kernel Unix Sockets Local Denial of Service
Exploit for linux platform in category dos / poc ================================================= Linux Kernel Unix Sockets Local Denial of Service ================================================= Simple kernel attack using socketpair. easy, 100% reproductiblle, works under guest. no way to...
Linux Kernel 2.6.37 - Unix Sockets Local Denial of Service
Linux Kernel 2.6.37 - Unix Sockets Local Denial of Service / Simple kernel attack using socketpair. easy, 100% reproductiblle, works under guest. no way to protect : Simple kernel attack using socketpair. easy, 100% reproductiblle, works under guest. no way to protect : See source attached. Proce...
Linux Kernel Unix Sockets Denial Of Service
Simple kernel attack using socketpair. easy, 100% reproductiblle, works under guest. no way to protect : See source attached. Process become in state 'Running' but not killalble via kill -KILL. eat 100% CPU, eat all available internal file descriptors in kernel : -- Segmentation fault include...
Linux Kernel __scm_destroy()本地拒绝服务漏洞
BUGTRAQ ID: 32154 CVECAN ID: CVE-2008-5029 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的net/core/scm.c文件中的scmdestroy函数可能通过调用fput函数间接地递归调用其本身,本地攻击者可以通过UNIX域套接字发送SCMRIGHTS消息并关闭文件描述符导致拒绝服务的情况。 Linux kernel 2.6.27.4 Linux kernel 2.6.26 Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Linux Kernel 2.4.36.92.6.27.5 - Unix Sockets Local Kernel Panic (Denial of Service)
Linux Kernel 2.4.36.92.6.27.5 - Unix Sockets Local Kernel Panic Denial of Service include include include include include include static int ownchildint us int pid; int s2; struct msghdr mh; char crap1024; struct iovec iov; struct cmsghdr c; int fd; int rc; pid = fork; if pid == -1 err1, "fork"; ...
security flaw
The bluezsockcreate function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via 1 socket or 2 socketpair call with a negative protocol value...
CVE-2005-0750
The bluezsockcreate function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via 1 socket or 2 socketpair call with a negative protocol value...
CVE-2000-0489
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers...