signal software vulnerabilities
vulnerabilities.aspcode.net
Searching signal software vulnerabilities
IMAP 4.1 BETA, and possibly other versions, doe
versions
|
properly
|
possibly
|
SIGABRT
|
handle
|
other
|
IMAP
|
BETA
|
does
|
not
|
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
The shared memory scoreboard in the HTTP daemon
scoreboard
|
daemon
|
Apache
|
before
|
memory
|
shared
|
HTTP
|
13x
|
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
stunnel 4.0.3 and earlier allows attackers to c
stunnel
|
stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.
/bin/su in QNX realtime operating system (RTOS)
operating
|
realtime
|
/bin/su
|
system
|
QNX
|
/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal.
The Clear Channel Assessment (CCA) algorithm in
Assessment
|
Channel
|
Clear
|
The Clear Channel Assessment (CCA) algorithm in the IEEE 802.11 wireless protocol, when using DSSS transmission encoding, allows remote attackers to cause a denial of service via a certain RF signal that causes a channel to appear busy (aka "jabber"), which prevents devices from transmitting data.
Linux kernel 2.4.x and 2.6.x for x86 allows loc
service
|
allows
|
denial
|
kernel
|
users
|
cause
|
Linux
|
local
|
26x
|
x86
|
24x
|
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
Multiple signal handler race conditions in luke
conditions
|
lukemftpd
|
Multiple
|
handler
|
signal
|
race
|
Multiple signal handler race conditions in lukemftpd (aka tnftpd before Tuesday, August 10, 2004) allow remote authenticated attackers to cause a denial of service or execute arbitrary code.
statd in nfs-utils 1.257 and earlier does not i
nfs-utils
|
statd
|
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
Multiple syscalls in the compat subsystem for N
subsystem
|
syscalls
|
Multiple
|
service
|
denial
|
before
|
NetBSD
|
compat
|
cause
|
allow
|
local
|
users
|
Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions.
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possi
LoginGraceTime
|
non-privileged
|
separation
|
terminated
|
connection
|
exceeding
|
privilege
|
attackers
|
versions
|
properly
|
possibly
|
process
|
service
|
setting
|
session
|
OpenSSH
|
remote
|
allows
|
leaves
|
signal
|
denial
|
sshdc
|
361p2
|
cause
|
which
|
using
|
after
|
371p2
|
other
|
been
|
does
|
open
|
not
|
has
|
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to cause a denial of service (connection consumption).
vsftpd before 1.2.2, when under heavy load, all
before
|
vsftpd
|
vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant.
The internal_dump function in Mathopd before 1.
internal_dump
|
overwrite
|
triggered
|
arbitrary
|
function
|
SIGWINCH
|
running
|
symlink
|
Mathopd
|
allows
|
before
|
signal
|
option
|
attack
|
files
|
local
|
users
|
16b6
|
15p5
|
dump
|
BETA
|
via
|
16x
|
The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is running with the -n option, allows local users to overwrite arbitrary files via a symlink attack on dump files that are triggered by a SIGWINCH signal.
The Linux kernel 2.6 before 2.6.12.1 allows loc
before
|
kernel
|
Linux
|
The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leader task, which does not exist.
The handle_stop_signal function in signal.c in
handle_stop_signal
|
function
|
signalc
|
kernel
|
Linux
|
The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.13 and 2.6.12.6 allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a real-time threaded process while it is performing a core dump.
Signal handler race condition in Sendmail 8.13.
condition
|
Sendmail
|
handler
|
before
|
Signal
|
race
|
813x
|
Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.
The __group_complete_signal function in the RCU
__group_complete_signal
|
handling
|
function
|
signal
|
RCU
|
The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON.
Signal handler race condition in OpenSSH before
condition
|
attackers
|
OpenSSH
|
service
|
handler
|
remote
|
denial
|
Signal
|
before
|
allows
|
cause
|
race
|
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
The signal handling in the Linux kernel 2.6.2 a
handling
|
kernel
|
signal
|
Linux
|
The signal handling in the Linux kernel 2.6.2 and later, when run on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency.
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the
Apache
|
httpd
|
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
Linux kernel 2.4.35 and other versions allows l
kernel
|
Linux
|
Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG).
Software vulnerabilities results 1 to 20 of 24
Page:
1
2
►