23 matches found
WordPress plugin Video Share VOD 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...
WordPress Video Share VOD plugin <= 2.6.30 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Video Share VOD versions = 2.6.30...
SUSE CVE-2009-1897
The tunchrpoll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun, a differen...
Collectric CMU 1.0 - lang SQL injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Collectric CMU 1.0 - 'lang' SQL injection Google Dork: "Inloggning Collectric CMU" Discoverer: Simon Brannstrom Vendor Homepage: http://ourenergy.se/ Software Link: n/a Version: All known versions Tested on: Linux CVE: N/A About...
Linux Kernel <= 2.6.30 atalk_getname() 8-bytes Stack Disclosure Exploit
No description provided by source. / appleak.c Linux keunouille = 2.6.30 AppleTalk getsockname 8-bytes kernel stack disclosure http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3d392475c873c10c10d6d96b94d092a34ebd4791 atalkgetname can leak 8 bytes of kernel memory to use...
Linux Kernel 2.6.x 'splice(2)' Double Lock Local Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35143/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause an affected process to hang, denying service to legitimate users. Other denial-of-service attacks...
Linux Kernel 2.6.30 'tun_chr_pool()' NULL Pointer Dereference Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35724/info The Linux kernel is prone to a local NULL-pointer dereference vulnerability. A local attacker can exploit this issue to execute arbitrary code with superuser privileges or crash an affected kernel, denying...
Immunity Canvas: FS_PIPE_RACE_TO_NULL
Name| fspiperacetonull ---|--- CVE| CVE-2009-3547 Exploit Pack| CANVAS Description| fspiperacetonull local root Notes| Repeatability: Infinite NOTES: Tested on Ubuntu 9.04 32-bit, Ubuntu 9.10 32-bit, kernels 2.6.28|29|30|31 Vulnerable kernels = 2.6.31 32bit. VENDOR: Linux CVE Url:...
CVE-2012-2736
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network...
Linux Kernel 'fasync_helper()' Local Privilege Escalation Vulnerability
Exploit for linux platform in category local exploits ======================================================================= Linux Kernel 'fasynchelper' Local Privilege Escalation Vulnerability ======================================================================= Credit: Tavis Ormandy...
CVE-2009-4410
The fuseioctlcopyuser function in the ioctl handler in fs/fuse/file.c in the Linux kernel 2.6.29-rc1 through 2.6.30.y uses the wrong variable in an argument to the kunmap function, which allows local users to cause a denial of service panic via unknown vectors...
Linux Kernel <= 2.6.30 atalk_getname() 8-bytes Stack Disclosure Exploit
No description provided by source. / appleak.c Linux keunouille = 2.6.30 AppleTalk getsockname 8-bytes kernel stack disclosure http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3d392475c873c10c10d6d96b94d092a34ebd4791 atalkgetname can leak 8 bytes of kernel memory to use...
Linux Kernel 2.6.30 - atalk_getname() 8-bytes Stack Disclosure (1)
Linux Kernel 2.6.30 - atalkgetname 8-bytes Stack Disclosure 1 / appleak.c Linux keunouille / include include include include include include include include include include include void kernopint fd / from Jon Oberheide sploit / const int randcalls = NRread, NRwrite, NRopen, NRclose, NRstat,...
CVE-2009-2848
CVE-2009-2848 is confirmed in connected material as applicable to MiracleLinux kernel package 2.6.18-128.10AXS3, aligning with the Linux kernel vulnerability where execve does not properly clear current->clear_child_tid during thread creation/exit. This misbehavior can enable local users to ca...
Linux Kernel < 2.6.30.5 - 'cfg80211' Remote Denial of Service
/ cfg80211-remote-dos.c Linux Kernel http://jon.oberheide.org Information: http://patchwork.kernel.org/patch/41218/ These pointers can be NULL, the ismesh case isn't ever hit in the current kernel, but cmpies can be hit under certain conditions. Usage: $ gcc cfg80211-remote-dos.c -o...
Check Point response to the "Linux 2.6.30 kernel 0day" vulnerability
...
CVE-2009-1897
The CVE affects the Linux kernel tun/tun_chr_poll path: the tun_chr_poll function in drivers/net/tun.c for Linux kernel versions 2.6.30 and 2.6.30.1. The underlying issue is that, when the -fno-delete-null-pointer-checks option is omitted, a NULL pointer dereference can be triggered via a NULL de...
PT-2009-4357 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.30 and 2.6.30.1 Description: The issue allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun. This is due to the tun chr poll function in drivers/net/tun.c...
Linux 2.6.30+/SELinux/RHEL5 Test Kernel Local Root Exploit 0day
No description provided by source. / super fun 2.6.30+/RHEL5 2.6.18 local kernel exploit in /dev/net/tun A vulnerability which, when viewed at the source level, is unexploitable! But which, thanks to gcc optimizations, becomes exploitable : Also, bypass of mmapminaddr via SELinux vulnerability!...
Linux Kernel 2.6.30 - tun_chr_pool() Null Pointer Dereference
Linux Kernel 2.6.30 - tunchrpool Null Pointer Dereference source: https://www.securityfocus.com/bid/35724/info The Linux kernel is prone to a local NULL-pointer dereference vulnerability. A local attacker can exploit this issue to execute arbitrary code with superuser privileges or crash an...