4579 matches found
Paper: Adventures with a certain Xen vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Invisible Things Lab is proud to present: "Adventures with a certain Xen vulnerability in the PVFB backend" by Rafal Wojtczuk Starring Xen 3.2.0, DomU an ordinary virtual machine, paravirtualized, Dom0 privileged administrative domain running on FC8...
linux/x86 setuid(0) . setgid(0) . aslr_off 79 bytes
No description provided by source. / Linux/x86 Fedora 8 setuid0 + setgid0 + execve"echo 0 /proc/sys/kernel/randomizevaspace" by LiquidWorm 2008 c www.zeroscience.org liquidworm at gmail.com 79 bytes. / char sc = "\x6a\x17" // push $0x17 "\x58" // pop %eax "\x31\xdb" // xor %ebx, %ebx "\xcd\x80" /...
Linux Kernel "do_mremap" Local Proof of Concept
No description provided by source. / Proof-of-concept exploit code for domremap Copyright C 2004 Christophe Devine and Julien Tinnes This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software...
iDefense Security Advisory 02.12.08: ClamAV libclamav PE File Integer Overflow Vulnerability
iDefense Security Advisory 02.12.08 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 12, 2008 I. BACKGROUND Clam AntiVirus is a multi-platform GPL anti-virus toolkit. ClamAV is often integrated into e-mail gateways and used to scan e-mail traffic for viruses. It supports virus scanning...
Apple QuickTime 7.2/7.3 RSTP Response Code Exec Exploit (Vista/XP)
No description provided by source. / ============================================================= Apple Quicktime Vista/XP RSTP Response Remote Code Exec ============================================================= Discovered by: h07 Author: InTeL Tested on:...
aquick-rstp.txt
/ ============================================================= Apple Quicktime Vista/XP RSTP Response Remote Code Exec ============================================================= Discovered by: h07 Author: InTeL Tested on: - Quicktime 7.3 on Windows Vista, Result: SEH Overwrite, Code Exec -...
Apple QuickTime 7.2/7.3 RSTP Response Code Exec Exploit (Vista/XP)
Exploit for unknown platform in category remote exploits ================================================================== Apple QuickTime 7.2/7.3 RSTP Response Code Exec Exploit Vista/XP ================================================================== /...
Apple QuickTime 7.2/7.3 (Windows Vista/XP) - RSTP Response Code Execution
/ ============================================================= Apple Quicktime Vista/XP RSTP Response Remote Code Exec ============================================================= Discovered by: h07 Author: InTeL Tested on: - Quicktime 7.3 on Windows Vista, Result: SEH Overwrite, Code Exec -...
CheckPoint Secure Platform Multiple Buffer Overflows
Hi all, we have published a paper about CheckPoint Firewall-1 vulnerabilities. The platform tested is the Secure Platform R60. We have found many buffer overflows. Most of them are located in command line utilities that can be exploited locally. A very few of them maybe can be exploited remotely,...
Design/Logic Flaw
The administrative interface aka DkService.exe in Diskeeper 9 Professional, 2007 Pro Premier, and probably other versions exposes a memory comparison function via RPC over TCP, which allows remote attackers to 1 obtain sensitive information process memory contents, as demonstrated by an attack th...
CVE-2007-4375
The administrative interface aka DkService.exe in Diskeeper 9 Professional, 2007 Pro Premier, and probably other versions exposes a memory comparison function via RPC over TCP, which allows remote attackers to 1 obtain sensitive information process memory contents, as demonstrated by an attack th...
CVE-2007-4375
The CVE-2007-4375 entry concerns the administrative interface (DkService.exe) in Diskeeper 9 Professional, 2007 Pro Premier, and likely other versions. A memory comparison function is exposed via RPC over TCP, enabling remote attackers to (1) read process memory contents (e.g., obtain module base...
diskeeper-disclose.txt
Diskeeper Remote Memory Disclosure Credit: Pravus pravus -a-t- hush -d-o-t- com Greetz: Scientology for making a remotely accessible disk defragmenter. Felix, Jenna, and Isaac. Vulnerability Description: This vulnerability involves a memory comparison function that is remotely, anonymously...
NaviCOPA Web Server 2.01 - Remote Buffer Overflow (Metasploit)
NaviCOPA Web Server 2.01 - Remote Buffer Overflow Metasploit This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core...
GNU/Linux mbse-bbs <= 0.70.0 Local Buffer Overflow Exploit
No description provided by source. / GNU/Linux mbse-bbs 0.70.0 & below stack overflow exploit ======================================================== Multiple overflow conditions occur within mbse-bbs versions 0.70.0 & below...
GNULinux mbse-bbs 0.70.0 - Local Buffer Overflow
GNULinux mbse-bbs 0.70.0 - Local Buffer Overflow / GNU/Linux mbse-bbs 0.70.0 & below stack overflow exploit ======================================================== Multiple overflow conditions occur within mbse-bbs versions 0.70.0 & below. The current version of mbse-bbs does not contain these...
CVE-2004-1983
The archgetunmappedarea function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization ASLR is enabled, allows local users to cause a denial of service infinite loop via unknown attack vectors...
CVE-2004-1983
CVE-2004-1983 involves the arch_get_unmapped_area function in mmap.c within the PaX patches for the Linux kernel 2.6. When ASLR is enabled, it allows local users to trigger a Denial of Service via an infinite loop. Connected sources (Gentoo GLSA 200407-02 and related advisories) confirm the issue...
[Full-Disclosure] Bug in PaX Linux Kernel 2.6 Patches
http://www.cr-secure.net Found by: borg ChrisR- A small bug in PaX was found. What is PaX? ----------------------- PaX is a collection of intrusion prevention patches for the Linux Kernel 2.2, 2.4, and 2.6. This advisory only affects the PaX patches for the 2.6 linux kernel. PaX is located at...