206 matches found
Null pointer dereference
The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PERCLEARONSETID setting that does not clear the ADDRCOMPATLAYOUT and MMAPPAGEZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to 1 conduct NULL...
Linux Kernel PER_CLEAR_ON_SETID绕过安全限制漏洞
BUGTRAQ ID: 35647 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的PERCLEARONSETID mask没有包含有MMAPPAGEZERO和ADDRCOMPATLAYOUT,这可能允许本地用户绕过mmapminaddr保护,或禁用某些ASLR(地址空间布局随机化)功能。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Positron Security Advisory #2009-001: Memcached and MemcacheDB ASLR Bypass Weakness
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 POSITRON SECURITY LLC http://www.positronsecurity.com/ Security Advisory 2009-001 Memcached and MemcacheDB ASLR Bypass Weakness Author: Joe Testa jt atsign positronsecuritydotcom Date: April 28th, 2009 URL:...
CheckPoint Secure Platform Multiple Buffer Overflows
Hi all, we have published a paper about CheckPoint Firewall-1 vulnerabilities. The platform tested is the Secure Platform R60. We have found many buffer overflows. Most of them are located in command line utilities that can be exploited locally. A very few of them maybe can be exploited remotely,...
PaX 2.6 Kernel Patch - Denial of Service
PaX 2.6 Kernel Patch - Denial of Service / source: https://www.securityfocus.com/bid/10264/info PaX for 2.6 series Linux kernels has been reported prone to a local denial of service vulnerability. The issue is reported to present itself when PaX Address Space Layout Randomization Layout ASLR is...
CVE-2004-1983
The archgetunmappedarea function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization ASLR is enabled, allows local users to cause a denial of service infinite loop via unknown attack vectors...