448 matches found
Apple macOS/iOS Kernel - Use-After-Free Due to Bad Locking in Unix Domain Socket File Descriptor Externalization
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1123 unpexternalize is responsible for externalizing the file descriptors carried within a unix domain socket message. That means allocating new fd table entries in the receiver and recreating a file which looks looks to userspac...
Apple macOSiOS Kernel - Use-After-Free Due to Bad Locking in Unix Domain Socket File Descriptor Externalization
Apple macOSiOS Kernel - Use-After-Free Due to Bad Locking in Unix Domain Socket File Descriptor Externalization / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1123 unpexternalize is responsible for externalizing the file descriptors carried within a unix domain socket message...
Apple iOS / macOS Kernel - Use-After-Free Due to Bad Locking in Unix Domain Socket File Descriptor E
Exploit for multiple platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1123 unpexternalize is responsible for externalizing the file descriptors carried within a unix domain socket message. That means allocating new fd table entries in the receiver...
Buffer overflow
The sshagentchanneldata function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overfl...
CVE-2017-6542
The sshagentchanneldata function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overfl...
DEBIAN-CVE-2017-6542
The sshagentchanneldata function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overfl...
UBUNTU-CVE-2017-6542
The sshagentchanneldata function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overfl...
ALPINE-CVE-2017-6542
The sshagentchanneldata function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overfl...
CVE-2017-6542
The sshagentchanneldata function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overfl...
CVE-2017-6542
The sshagentchanneldata function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overfl...
CVE-2017-6542
The sshagentchanneldata function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overfl...
Uber: pam-ussh may be tricked into using another logged in user's ssh-agent
Summary https://github.com/uber/pam-ussh was open-sourced today kudos! and is presumably used within Uber's infrastructure. This is a PAM module written a Go that "will authenticate a user based on them having an ssh certificate in their ssh-agent signed by a specified ssh CA." A cursory look at...
Ubuntu: Security Advisory (USN-2948-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2949-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2949-1 advisory. Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of servi...
Ubuntu: Security Advisory (USN-2947-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2949-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2947-3)
Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7833 Venkatesh Pottem discovered a use-after-free...
Ubuntu 15.10 : linux vulnerabilities (USN-2947-1)
Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7833 Venkatesh Pottem discovered a use-after-free...
USN-2947-3: Linux kernel (Raspberry Pi 2) vulnerabilities
Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly validate the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7833 Venkatesh Pottem discovered a use-after-free...
USN-2947-1: Linux kernel vulnerabilities
Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly validate the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7833 Venkatesh Pottem discovered a use-after-free...