Summary
=======
Cisco 10000, uBR10012 and uBR7200 series devices use a User Datagram
Protocol (UDP) based Inter-Process Communication (IPC) channel that
is externally reachable. An attacker could exploit this vulnerability
to cause a denial of service (DoS) condition on affected devices. No
other platforms are affected.
Cisco has released free software updates that address this
Local exploitation of an integer signedness error in Sun Microsystems'
Solaris could allow attackers to disclose sensitive information from
memory.
The FIFO FS (First In First Out File System) is a service provided by
the kernel that is commonly used for IPC (InterProcess Communication).
A FIFO is represented as a node in the file system, and is similar to
the concept of named pipes in Windows.
The vulnerability exists in the kernel ioctl() handler for FIFOs. The
I_PEEK ioctl is used to peek at a number of bytes contained in the FIFO
Details:
The vulnerability arises due to the mechanism used for
Inter-Process Communication (IPC) between NLNOTES and NTASKLDR.
IPC is performed via memory mapped files. When the files are
created a NULL is passed to the ACL parameter resulting in EVERYONE
being granted 'full-control'.
The result of this is that an attacker can read the contents of
v1.1 2011-10-04 Updated patch to add linux emulation bug fix.
I. Background
UNIX-domain sockets, also known as "local" sockets, are a mechanism for
interprocess communication. They are similar to Internet sockets (and
utilize the same system calls) but instead of relying on IP addresses
and port numbers, UNIX-domain sockets have addresses in the local file
system address space.
FreeBSD contains "linux emulation" support via system call translation
in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled,
allows remote attackers to cause a denial of service (system crash)
via an SCTPChunkInit packet containing multiple invalid parameters
that require a large amount of error data. (CVE-2010-1173)
The Transparent Inter-Process Communication (TIPC) functionality in
Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions,
allows local users to cause a denial of service (kernel OOPS) by
sending datagrams through AF_TIPC before entering network mode,
which triggers a NULL pointer dereference. (CVE-2010-1187)
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.
I. Background
Pipes are a form of inter-process communication (IPC) provided by the
FreeBSD kernel. kqueue is an event management API that applications can
use to monitor pipes and other kernel services.
II. Problem Description
http://labs.idefense.com/intelligence/vulnerabilities/
Nov 14, 2007
I. BACKGROUND
Mach ports are used to provide inter-process communication (IPC)
facilities on Mac OS X. More information can be found on the vendor's
site at the following URL.
http://developer.apple.com/documentation/Darwin/Conceptual/KernelProgramming/boundaries/chapter_14_section_4.html