process software vulnerabilities
vulnerabilities.aspcode.net
Searching process software vulnerabilities
LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file.
simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with root privileges.
Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation."
SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain certain privileges.
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.
DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table (SDT) in \device\physicalmemory with the original SDT found in ntoskrnl.exe.
SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process.
Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions.
The DNTUS26 process in Dameware NT Utilities and the DWRCS process in MiniRemote Control 4.9 and earlier store the username and password in cleartext in memory, which could allow attackers to obtain sensitive information.
Buffer overflow in Sysinternals Process Explorer 9.23, and other versions before 9.25, allows local users to execute arbitrary code via a long CompanyName field in the VersionInfo information in a running process.
** DISPUTED ** NOTE: this issue has been disputed by third parties. Microsoft Windows XP, 2000, and 2003 allow local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has been opened using the OpenProcess function, possibly involving an invalid address for the start routine. NOTE: followup posts have disputed this issue, saying that if a user already has privileges to write to a process, then other functions could be called or the process could be terminated using PROCESS_TERMINATE.
AVG Anti-Virus plus Firewall 7.5.431 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.
Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.
Filseclab Personal Firewall 3.0.0.8686 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.
Soft4Ever Look 'n' Stop (LnS) 2.05p2 before Friday, December 15, 2006 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.
Sygate Personal Firewall 5.6.2808 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
The process scheduler in the Sun Solaris kernel does not make use of the process statistics kept by the kernel and performs scheduling based upon CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."
Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG).
Software vulnerabilities results 1 to 20 of 292