33 matches found
Disconf 安全漏洞
Disconf is a distributed configuration management platform by the individual developer Qiqi Liao. A security vulnerability exists in Disconf version 2.6.36, which stems from improper authentication...
PT-2024-16416 · Knightliao · Disconf
Name of the Vulnerable Software and Affected Versions: knightliao Disconf version 2.6.36 Description: A critical issue has been found, affecting an unknown part of the file /api/config/list of the component Configuration Center. This leads to improper authentication and can be initiated remotely...
SUSE CVE-2010-3080
Double free vulnerability in the sndseqossopen function in sound/core/seq/oss/seqossinit.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device...
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authenticated Command Injection Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...
KZTech / JatonTec / Neotel JT3500V 4G LTE CPE 2.0.1 - Command Injection (Authenticated) Vulnerabilit
Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Command Injection Authenticated Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page:...
Libc Realpath缓冲区下溢漏洞(CVE-2018-1000001)
Introduction The vulnerability described here is caused by Linux kernel behaviour change in the syscall API returning relative pathnames in getcwd and non-defensive function implementation in libc failing to process that pathname correctly. Other libraries are very likely to be affected as well. ...
EnGenius EnShare IoT Gigabit Cloud Service 1.4.11 - Remote Code Execution Exploit
Exploit for hardware platform in category web applications !/usr/bin/env python coding: utf8 EnGenius EnShare IoT Gigabit Cloud Service 1.4.11 Root Remote Code Execution Vendor: EnGenius Technologies Inc. Product web page: https://www.engeniustech.com Affected version: ESR300 1.4.9, 1.4.7, 1.4.2,...
SOL16781 - Linux kernel vulnerability CVE-2014-3535
include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdevprintk and its related logging implementation, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash by sending invalid packets to a VxLAN interface...
Openswan < 2.6.36 IKE Packet NULL Pointer Dereference Remote DoS
The remote host is running a version of Openswan prior to version 2.6.36. It is, therefore, affected by a remote denial of service vulnerability due to a NULL pointer dereference flaw. A remote attacker, using a specially crafted ISAKMP message with an invalid KEYLENGTH attribute, can cause a...
Linux Kernel < 2.6.36-rc6 pktcdvd Kernel Memory Disclosure
No description provided by source. / cve-2010-3437.c Linux Kernel 2.6.36-rc6 pktcdvd Kernel Memory Disclosure Jon Oberheide [email protected] http://jon.oberheide.org Information: https://bugzilla.redhat.com/showbug.cgi?id=638085 The PKTCTRLCMDSTATUS device ioctl retrieves a pointer to a...
Linux Kernel <= 2.6.36-rc8 - RDS Protocol Local Privilege Escalation
No description provided by source. //source: http://www.vsecurity.com/resources/advisory/20101019-1/ / Linux Kernel = 2.6.36-rc8 RDS privilege escalation exploit CVE-2010-3904 by Dan Rosenberg [email protected] Copyright 2010 Virtual Security Research, LLC The handling functions for sendin...
kernel: CAN info leak
The bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensiti...
Linux Kernel SCTP INIT/INIT-ACK块长度远程拒绝服务漏洞
Bugtraq ID: 47308 Linux是一款开放源代码的操作系统。 在计算INIT/INIT-ACK块长度时,代码只计算了参数长度,而没有计算参数的零填充长度,如AUTH HMACS参数和CHUNKS参数。没有计算零填充长度参数可导致内核触发oops。 Linux kernel 2.6.38 Linux kernel 2.6.37 Linux kernel 2.6.37 Linux kernel 2.6.36 Linux kernel 2.6.35 Linux kernel 2.6.35 Linux kernel 2.6.35 Linux kernel 2.6.34 Linux...
kernel: heap contents leak for CAP_NET_ADMIN via ethtool ioctl
net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...
kernel: missing tty ops write function presence check in hci_uart_tty_open()
The hciuartttyopen function in the HCI UART driver drivers/bluetooth/hcildisc.c in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service NULL pointer dereference via vectors related to the...
kernel: heap contents leak for CAP_NET_ADMIN via ethtool ioctl
net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...
kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory
The sndhdsphwdepioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRVHDSPIOCTLGETCONFIGINFO ioctl call...
kernel: heap contents leak from ETHTOOL_GRXCLSRLALL
The ethtoolgetrxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOLGRXCLSRLALL ethtool command with a large info.rulecnt value, a different...
kernel: drivers/usb/serial/mos*.c: reading uninitialized stack memory
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the 1 mos7720ioctl function in...
CVE-2010-4242
The hciuartttyopen function in the HCI UART driver drivers/bluetooth/hcildisc.c in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service NULL pointer dereference via vectors related to the...