kernel: 64-bit Compatibility Mode Stack Pointer Underflow

The compatallocuserspace functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the...

kernel: 64-bit Compatibility Mode Stack Pointer Underflow

The compatallocuserspace functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

kernel security update

2.6.18-194.11.4.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina Yang orabug...

Debian DSA-2110-1 : linux-2.6 - privilege escalation/denial of service/information leak

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2492 Andre Osterhues reported an issue in the eCryptfs...

Kindeditor traverse the directory 0DAY-vulnerability warning-the black bar safety net

Author: sub - ↘meter Version: 3.4.2 Description: KindEditor is an open source HTML visual editor, mainly used to allow users on the site to get WYSIWYG editing effects, compatible with IE, Firefox, Chrome, Safari, Opera and other mainstream browser. KindEditor using JavaScript, you can seamlessly...

Linux Kernel 2.6.27+ x86-64 compat exploit

Exploit for linux platform in category local exploits ========================================== Linux Kernel 2.6.27+ x86-64 compat exploit ========================================== / Ac1dB1tch3z Vs Linux Kernel x8664 0day Today is a sad day.. R.I.P. Tue, 29 Apr 2008 / Tue, 7 Sep 2010 a bit of...

DSA-2110-1 linux-2.6 - several issues

Bulletin has no description...

CVE-2010-3081

The compatallocuserspace functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the...

VulnCheck KEV: CVE-2010-3081

The compatallocuserspace functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of...

VPSProxy (PHP Secure proxy + GUI)

PHP Secure proxy - программа для туннелирования HTTP/HTTPS трафика через PHP-гейт. На написание меня подтолкнула идея bons'a, в реализации которого не было необходимого мне функционала, и самое главное, GUI. Возможности + Поддержка HTTPS для php-гейтов. + Туннелирование HTTPS трафика добавлено в...

Multiple Vulnerabilities Found by PROTOS IPSec Test Suite - Cisco Systems

Multiple Cisco products contain vulnerabilities in the processing of IPSec IKE Internet Key Exchange messages. These vulnerabilities were identified by the University of Oulu Secure Programming Group OUSPG "PROTOS" Test Suite for IPSec and can be repeatedly exploited to produce a denial of servic...

[SECURITY] Fedora 13 Update: freeciv-2.2.2-1.fc13

Freeciv is a turn-based, multi-player, X based strategy game. Freeciv is generally comparable to, and has compatible rules with, the Civilization IIR game by MicroproseR. In Freeciv, each player is the leader of a civilization, and is competing with the other players in order to become the leader...

Old and Insecure, IE6 Still Popular in the Enterprise

Conventional wisdom has it that Microsoft’s Internet Explorer Web browser is on the way out: succumbing to the death of thousand cuts administered by plucky rivals like Mozilla’s Firefox, Google’s Chrome and even Opera. But data from Web security firm zScaler shows that the Old Blue Lady of the W...

websudo annotation backwards compatibility (Confluence 3.3)

Following this guide|http://confluence.atlassian.com/pages/viewpage.action?pageId=219021702, I started to use the websudo annotations to secure an XWork action that would process a form in the space admin tab. The plugin is meant to work with Confluence 3.3 and I haven't released a public version...

websudo annotation backwards compatibility (Confluence 3.3)

Following this guide|http://confluence.atlassian.com/pages/viewpage.action?pageId=219021702, I started to use the websudo annotations to secure an XWork action that would process a form in the space admin tab. The plugin is meant to work with Confluence 3.3 and I haven't released a public version...

Satanic Socks Server: RDot edition

Satanic Socks Server - sss.c v0.66 by drmist/STNC mod for rdot.org v1.1 Отличия от Satanic Socks Server v0.66.170506 sss.c by drmist\STNC: -убрана поддержка windows +добавлено ограничение на подключения только с заданного IP +маскировка списке процессов +режим агрессивного закрытия отработавших...

[SECURITY] Fedora 12 Update: squirrelmail-1.4.21-1.fc12

SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 with no JavaScript for maximum compatibility across browsers. It has very few requirements and is very easy to configure and instal...

CVE-2010-1900

Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle malformed records in a Wo...

CVE-2010-1902

CVE-2010-1902 describes a remote-code-execution flaw in Microsoft Word’s RTF parsing engine. The vulnerability is triggered by crafted RTF data, specifically via drawing object control words that copy properties into a heap buffer without bounds checking, causing a heap buffer overflow. Affected ...