4483 matches found
HP-UX Security Patch : PHKL_28267
thread perf, user limit, cumulative VM #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. if (!defined_func("bn_random")) exit(0); include('deprecated_nasl_level.inc'); include('compat.inc'); if (description) { script_id(26387); script_version("1.8"); script_set_attribute(attribute:"plugin_modification_date",...
HP-UX Security Patch : PHKL_27278
mmap io, VM-JFS ddlock, thread perf, user limit #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. if (!defined_func("bn_random")) exit(0); include('deprecated_nasl_level.inc'); include('compat.inc'); if (description) { script_id(26371); script_version("1.8"); script_set_attribute(attribute:"plugin_modification_date",...
Race condition
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors related to "the handling of thread contexts."...
CVE-2007-5132
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors related to "the handling of thread contexts."...
Solaris 8 (sparc) : 126125-01
SunOS 5.8: thread patch. Date this patch was last updated by Sun : Aug/29/07 #%NASL_MIN_LEVEL 999999 # @DEPRECATED@ # This script has been deprecated as the associated patch is not currently a recommended security fix. # Disabled on 2011/09/17. # (C) Tenable Network Security, Inc. if ( ! defined_func("bn_random") )...
ASP, PHP and .NET methods for forging HTTP-REFERER, and preventing REFERER forgery - bug warning - the black bar safety net
The HTTP-REFERER variable has become increasingly unreliable and can be forged outright. The following are the forging methods: ASP/Visual Basic code: dim http set http=server.createobject("MSXML2.XMLHTTP") '//MSXML2.serverXMLHTTP also works Http.open "GET",url,false Http...
[SECURITY] Fedora 7 Update: quagga-0.99.9-1.fc7
Quagga is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Rout...
cyrus security update
CentOS Errata and Security Advisory CESA-2007:0795 An updated cyrus-sasl package that addresses a security issue and fixes various other bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The...
Moderate: cyrus-sasl security and bug fix update
2.1.19-14 - Related: bz250732 Fixed a conflict with an earlier test patch 2.1.19-13 - Related: bz250732 Fixed uninitialized stack variable causing segfault 2.1.19-12 - Resolves: bz250732 sasl-sample-server crashes with null realm 2.1.19-11 - Resolves: bz243910 krb5-libs are not thread-safe -...
Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities
source: https://www.securityfocus.com/bid/25258/info Systrace is prone to multiple concurrency vulnerabilities due to its implementation of system call wrappers. This problem can result in a race condition between a user thread and the kernel. Attackers can exploit these issues by replacing certa...
ViRC 2.0 (JOIN Response) Remote SEH Overwrite Exploit 0day
No description provided by source. #!/usr/bin/python ViRC 2.0 'JOIN Response' 0day Remote SEH Overwrite PoC Exploit Bug discovered by Krystian Kloskowski (h07) Tested on Visual IRC 2.0 / 2k SP4 Polish Shellcode type: Windows Execute Command (calc.exe) How stuff works? .. ViRC -----...
Memory corruption
Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier allows remote attackers to cause a denial of service related to a thread hang, and possibly related to a "TCP issue," or to MPAlarmThread and a resultant memory leak...
Web Thunder (Xunlei) 0day vulnerability exposed - vulnerability warning - the black bar safety net
1. Incident analysis: The DSW Lab AVERT team has detected the disclosure of a high-risk Xunlei (Thunder) vulnerability. The vulnerability is in one of Web Thunder's controls: when a user who has installed Web Thunder browses a page that an attacker has carefully constructed to contain malicious code of a...
Design/Logic Flaw
Java Embedding Plugin 0.9.6.1 allows remote attackers to cause a denial of service (browser crash) via a Thread subclass that calls super.run from its run method...
CVE-2007-2844
PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...
Race condition
PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...
CVE-2007-2844
PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...
CVE-2007-2844
CVE-2007-2844 details (supported by multiple sources): PHP 4.x and 5.x before 5.2.1 running on multi-threaded systems are affected due to a race condition in libc crypt function calls, arising from inadequate mutex protection. This vulnerability can allow remote attackers to overwrite internal pr...
Low: Red Hat Security Advisory: gdb security and bug fix update
An updated gdb package that fixes a security issue and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GDB, the GNU debugger, allows debugging of programs written in C, C++, and other languages by executing them in a...
Tracing execution of a threaded executable causes kernel BUG report
The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c...