Searching posix software vulnerabilities

Next Generation POSIX Threading (NGPT) 1.9.0 us

Generation | Threading | POSIX | Next |

Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown methods.


Elm ME+ 2.4 before PL109S, when installed setgi

unspecified | privileges | installed | operating | support | vectors | certain | allows | PL109S | setgid | modify | system | before | group | files | users | POSIX | lacks | saved | local | mail | read | Elm | ME+ | via |

Elm ME+ 2.4 before PL109S, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group via unspecified vectors.


Race condition in the can_open function in Elm

privileges | operating | installed | condition | can_open | function | certain | support | allows | modify | system | setgid | files | group | users | local | lacks | POSIX | saved | Race | mail | read | Elm | ME+ |

Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group.


The POSIX component of Microsoft Windows NT and

Microsoft | component | Windows | POSIX |

The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.


The POSIX Capability Linux Security Module (LSM

Capability | Security | Module | POSIX | Linux |

The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.


Certain system calls in Apple Mac OS X 10.4.1 d

Certain | system | Apple | calls | Mac |

Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories.


AFP Server for Mac OS X 10.4.1, when using an A

Server | Mac | AFP |

AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not use ACLs, which will override the POSIX file permissions for that ACL.


Exec in Linux kernel 2.6 does not properly clea

multi-threaded | posix-timers | environments | specified | resource | multiple | properly | results | service | number | denial | kernel | single | local | using | quota | cause | users | which | clear | Linux | allow | large | could | does | Exec | than | leak | user | more | not |

Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specified by the quota for a single user.


A locking problem in POSIX timer cleanup handli

handling | cleanup | problem | locking | kernel | Linux | timer | POSIX | exit |

A locking problem in POSIX timer cleanup handling on exit in Linux kernel 2.6.10 to 2.6.14, when running on SMP systems, allows local users to cause a denial of service (deadlock) involving process CPU timers.


Multiple buffer overflows in the POSIX readdir_

arbitrary | readdir_r | overflows | possibly | packages | function | Multiple | service | execute | denial | buffer | cause | allow | POSIX | users | local | code | used | via |

Multiple buffer overflows in the POSIX readdir_r function, as used in multiple packages, allow local users to cause a denial of service and possibly execute arbitrary code via (1) a symlink attack that exploits a race condition between opendir and pathcon calls and changes the filesystem to one with a larger maximum directory-entry name length, or (2) possibly via programmer-introduced errors on operating systems with a small struct dirent, such as Solaris or BeOS, as demonstrated in packages including (a) gcj, (b) KDE, (c) libwww, (d) the Rudiments library, (e) teTeX, (f) xmail, (g) bfbtester, (h) ncftp, (i) netwib, (j) OpenOffice.org, (k) Pike, (l) reprepro, (m) Tcl, and (n) xgsmlib.


Race condition in run_posix_cpu_timers in Linux

run_posix_cpu_timers | condition | kernel | before | Linux | Race |

Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) by causing one CPU to attach a timer to a process that is exiting.


ufs_vnops.c in FreeBSD 6.1 allows local users t

unspecified | ufs_vnopsc | ftruncate | function | calling | service | defined | FreeBSD | allows | denial | users | which | POSIX | cause | local | VDIR | VLNK | type | file | VREG | not |

ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX.


Buffer overflow in the POSIX Threads library (l

overflow | Threads | library | Buffer | POSIX |

Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable.


The sys_timer_create function in posix-timers.c

sys_timer_create | posix-timersc | function | service | allows | denial | kernel | cause | users | Linux | local | 26x |

The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x allows local users to cause a denial of service (memory consumption) and possibly bypass memory limits or cause other processes to be killed by creating a large number of posix timers, which are allocated in kernel memory but are not treated as part of the process' memory.


JFFS2, as used on One Laptop Per Child (OLPC) b

Laptop | Child | JFFS2 | used | Per | One |

JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly other Linux systems, when POSIX ACL support is enabled, does not properly store permissions during (1) inode creation or (2) ACL setting, which might allow local users to access restricted files or directories after a remount of a filesystem, related to "legacy modes" and an inconsistency between dentry permissions and inode permissions.


Software vulnerabilities results 1 to 16 of 16     
Page: 1