socket getline software vulnerabilities
vulnerabilities.aspcode.net
Searching socket getline software vulnerabilities
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and
Vulnerability
|
AIX
|
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost.
Buffer overflow in LISa allows local users to g
environment
|
overflow
|
variable
|
resLISa
|
LOGNAME
|
daemon
|
socket
|
access
|
allows
|
Buffer
|
local
|
users
|
LISa
|
gain
|
long
|
raw
|
via
|
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.
The secldapclntd daemon in AIX 4.3, 5.1 and 5.2
communicating
|
unauthorized
|
secldapclntd
|
loadmodule
|
activities
|
attackers
|
directly
|
Internet
|
connect
|
conduct
|
daemon
|
socket
|
remote
|
allows
|
which
|
uses
|
AIX
|
The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities.
Integer signedness error in emalloc() function
signedness
|
Integer
|
error
|
Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.
Apache 2 before 2.0.47, when running on an IPv6
before
|
Apache
|
Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.
Integer signedness error in the Linux Socket Fi
implementation
|
signedness
|
Integer
|
Socket
|
Filter
|
error
|
Linux
|
Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash).
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before
before
|
244x
|
GDM
|
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading the results.
XDM in XFree86 opens a chooserFd TCP socket eve
DisplayManagerrequestPort
|
restrictions
|
violation
|
attackers
|
chooserFd
|
intended
|
XFree86
|
connect
|
remote
|
socket
|
allow
|
opens
|
which
|
could
|
port
|
even
|
XDM
|
TCP
|
XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
Multiple buffer overflows in (1) the getline fu
overflows
|
Multiple
|
buffer
|
Multiple buffer overflows in (1) the getline function in pcalutil.c and (2) the get_holiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file.
The X server in SCO UnixWare 7.1.1, 7.1.3, and
UnixWare
|
server
|
SCO
|
The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.
D-BUS (dbus) before 0.22 does not properly rest
D-BUS
|
D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket.
Soldner Secret Wars 30830 and earlier does not
Soldner
|
Secret
|
Wars
|
Soldner Secret Wars 30830 and earlier does not properly handle the "message too long" socket error, which allows remote attackers to cause a denial of service (socket termination) via a long UDP packet.
HylaFax 4.2.1 and earlier does not create or ve
HylaFax
|
HylaFax 4.2.1 and earlier does not create or verify ownership of the UNIX domain socket, which might allow local users to read faxes and cause a denial of service by creating the socket using the hyla.unix temporary file.
Multiple unspecified vulnerabilities in Solaris
vulnerabilities
|
unspecified
|
Processing
|
Multiple
|
service
|
Solaris
|
allows
|
denial
|
Socket
|
Option
|
cause
|
local
|
users
|
SCTP
|
Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors.
Battle Carry .005 and earlier allows remote att
Battle
|
Carry
|
Battle Carry .005 and earlier allows remote attackers to cause a denial of service (inaccessible port) via a large packet, which triggers a socket error and terminates the socket that is listening on the server's UDP port.
The ip6_savecontrol function in NetBSD 2.0 thro
ip6_savecontrol
|
configurations
|
IPv4-mapped
|
processing
|
function
|
sockets
|
options
|
service
|
through
|
certain
|
before
|
allows
|
NetBSD
|
denial
|
socket
|
users
|
cause
|
which
|
local
|
under
|
check
|
being
|
does
|
IPv6
|
used
|
see
|
not
|
The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket.
The accept function in NetBSD-current before 20
NetBSD-current
|
function
|
before
|
accept
|
The accept function in NetBSD-current before Monday, October 23, 2006, NetBSD 3.0 and 3.0.1 before Tuesday, October 24, 2006, and NetBSD 2.x before Sunday, October 29, 2006 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which may result in the socket never being closed (aka "a dangling socket").
net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to
net/ipv6/tcp_ipv6c
|
ipv6_fl_socklist
|
inadvertently
|
listening
|
2621-rc3
|
sockets
|
service
|
socket
|
allows
|
denial
|
kernel
|
copies
|
cause
|
local
|
users
|
Linux
|
child
|
which
|
26x
|
TCP
|
net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double-free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.
Memory leak in the PPP over Ethernet (PPPoE) so
Ethernet
|
Memory
|
over
|
leak
|
PPP
|
Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.
BEA WebLogic Server 9.0 through 9.2 allows remo
attackers
|
WebLogic
|
through
|
service
|
denial
|
remote
|
Server
|
allows
|
cause
|
BEA
|
BEA WebLogic Server 9.0 through 9.2 allows remote attackers to cause a denial of service (SSL port unavailability) by accessing a half-closed SSL socket.
Software vulnerabilities results 1 to 20 of 76
Page:
1
2
3
4
►