3797 matches found
USN-637-1: Linux kernel vulnerabilities
It was discovered that there were multiple NULL-pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. CVE-2008-2812 The dochangetype routine did not...
SuSe mount/umount溢出漏洞
由于mount/umount命令没有对用户的输入进行正确的边界检查,如果攻击者以超长的相对路径名为参数运行mount/umount程序,将会覆盖为realpath函数动态分配的内存空间的内容。攻击者通过修改堆heap数据有可能会获得root特权。 SuSe Linux 所有版本 Package: util 2.10f 升级util软件包,或去掉mount/umount的suid位。 ftp://ftp.suse.com/pub/suse/axp/update/6.1/a1/util-2.10f-4.alpha.rpm...
CVE-2008-2308
Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 and earlier on Intel platforms allows local users to gain privileges or cause a denial of service memory corruption and application crash by resolving an alias that contains crafted AFP volume mount information...
Memory corruption
Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 and earlier on Intel platforms allows local users to gain privileges or cause a denial of service memory corruption and application crash by resolving an alias that contains crafted AFP volume mount information...
CVE-2008-2308
Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 and earlier on Intel platforms allows local users to gain privileges or cause a denial of service memory corruption and application crash by resolving an alias that contains crafted AFP volume mount information...
SOL8924 - Linux kernel vulnerability CVE-2007-3843
A flaw in the CIFS handling of the mount option sec= that did not enable integrity checking and did not produce any error message. Information about this advisory is available at the following location:...
openSUSE 10 Security Update : cifs-mount (cifs-mount-5294)
Samba has been updated to fix a security problem : CVE-2008-1105: Secunia research discovered vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the 'receivesmbraw' function in...
RHEL 5 : kernel (RHSA-2008:0089)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:0089 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. These new kernel packages fix the following security...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix several security issues and several bugs in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...
Debian Security Advisory DSA 823-1 (util-linux)
The remote host is missing an update to util-linux announced via advisory DSA 823-1. David Watson discoverd a bug in mount as provided by util-linux and other packages such as loop-aes-utils that allows local users to bypass filesystem access restrictions by re-mounting it read-only. For the old...
Debian: Security Advisory (DSA-823-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1237-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1450-1 : util-linux - programming error
It was discovered that util-linux, miscellaneous system utilities, didn't drop privileged user and group permissions in the correct order in the mount and umount commands. This could potentially allow a local user to gain additional privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Debian DSA-1449-1 : loop-aes-utils - programming error
It was discovered that loop-aes-utils, tools for mounting and manipulating filesystems, didn't drop privileged user and group permissions in the correct order in the mount and umount commands. This could potentially allow a local user to gain additional privileges. %NASLMINLEVEL 70300 C Tenable...
[SECURITY] [DSA 1450-1] New util-linux packages fix programming error
------------------------------------------------------------------------ Debian Security Advisory DSA-1450-1 [email protected] http://www.debian.org/security/ Steve Kemp January 05, 2008 http://www.debian.org/security/faq -...
CentOS 4 : autofs5 (CESA-2007:1177)
Updated autofs5 technology preview packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The autofs utility controls the operation of the automount daemon, which...
Fedora 7 : autofs-5.0.1-31 (2007-4709)
Fri Dec 21 2007 Ian Kent - 5.0.1-31 - Bug 426399: CVE-2007-6285 autofs default doesn't set nodev in /net f7 - use mount option 'nodev' for '-hosts' map unless 'dev' is explicily specified. - Tue Dec 18 2007 Ian Kent - 5.0.1-30 - Bug 397591 SELinux is preventing /sbin/rpc.statd rpcdt 'search' to...
Fedora 8 : autofs-5.0.2-24 (2007-4707)
Fri Dec 21 2007 Ian Kent - 5.0.2-24 - Bug 426400: CVE-2007-6285 autofs default doesn't set nodev in /net f8 - use mount option 'nodev' for '-hosts' map unless 'dev' is explicily specified. - Tue Dec 18 2007 Ian Kent - 5.0.2-22 - Bug 397591 SELinux is preventing /sbin/rpc.statd rpcdt 'search' to...
CVE-2007-6285
The default configuration for autofs 5 autofs5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special devic...
Important: Red Hat Security Advisory: autofs security update
Updated autofs packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The autofs utility controls the operation of the automount daemon, which automatically mounts...