111 matches found
[SECURITY] [DSA 2122-1] New glibc packages fix local privilege escalation
------------------------------------------------------------------------ Debian Security Advisory DSA-2122-1 [email protected] http://www.debian.org/security/ Florian Weimer October 22, 2010 http://www.debian.org/security/faq -...
PHP safe_mode bypass via proc_open() and custom environment
No description provided by source. ----------------------------------------------------------------------- + safe-bypass-procopen.txt - yet another way to bypass PHP safemode. + + By Milen Rangelov [email protected] + ----------------------------------------------------------------------- This...
PHP safe_mode can be bypassed via proc_open() and custom environment.
This should work provided that you have met the following requirements: 1. A writable directory under documentroot to place those files, obviously. 2. You don't have proc_open in your disabled_functions list. 3. You are able to compile a shared library on the same platform as the target web server. Here ...
Gentoo Security Advisory GLSA 200707-04 (glibc)
The remote host is missing updates announced in advisory GLSA 200707-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
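GNU GLibC LD.SO Mask Dynamic Loader Integer Overflow Vulnerability
Glibc is a C library that provides system calls and basic functions. The dynamic loader ld.so included in Glibc contains an integer overflow; a local attacker can exploit the vulnerability to escalate privileges and execute arbitrary instructions. There is a flaw in how the dynamic loader ld.so handles the hardware 'capabilities mask': if the 'mask' is specified with a high count value, an integer overflow can occur during memory allocation, possibly leading to execution of arbitrary instructions with elevated privileges. GNU glibc 2.3.10 + Debian Linux 2.2 GNU glibc 2.3.4 GNU glibc 2.3.3 + MandrakeSoft apcupsd 2006.0 + MandrakeSoft Linux Mandrake 10.1 x86_64...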
GNU C integer overflow
Integer overflow in ld.so dynamic loader...
[ GLSA 200707-04 ] GNU C Library: Integer overflow
Gentoo Linux Security Advisory GLSA 200707-04 http://security.gentoo.org/ Severity:...
GLSA-200707-04 : GNU C Library: Integer overflow
The remote host is affected by the vulnerability described in GLSA-200707-04 GNU C Library: Integer overflow Tavis Ormandy of the Gentoo Linux Security Team discovered a flaw in the handling of the hardware capabilities mask by the dynamic loader. If a mask is specified with a high population...
GNU C Library: Integer overflow
Background The GNU C library is the standard C library used by Gentoo Linux systems. It provides programs with basic facilities and interfaces to system calls. ld.so is the dynamic linker which prepares dynamically linked programs for execution by resolving runtime dependencies and related...
McAfee VirusScan: Insecure DT_RPATH
Background McAfee VirusScan for Linux is a commercial antivirus solution for Linux. Description Jakub Moc of Gentoo Linux discovered that McAfee VirusScan was distributed with an insecure DT_RPATH which included the current working directory, rather than $ORIGIN which was probably intended. Impact...
GLSA-200612-15 : McAfee VirusScan: Insecure DT_RPATH
The remote host is affected by the vulnerability described in GLSA-200612-15 McAfee VirusScan: Insecure DT_RPATH Jakub Moc of Gentoo Linux discovered that McAfee VirusScan was distributed with an insecure DT_RPATH which included the current working directory, rather than $ORIGIN which was probably...