1246 matches found
PT-2007-6895 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.23.10 Description: The issue is related to an integer overflow in the hrtimer start function, which can be exploited by local users to execute arbitrary code or cause a denial of service, resulting in a syst...
Linux Kernel < 2.6.16.18 (Netfilter NAT SNMP Module) Remote DoS Exploit
No description provided by source. / ecl-nf-snmpwn.c - 30/05/06 Alex Behar [email protected] Yuri Gushin [email protected] A patch review we did on the 2.6.16.17-18 Linux kernel source tree revealed a restructuring of code in the snmpparsemangle and the snmptrapdecode functions. After further...
Linux Kernel DCCP多个本地信息泄露漏洞
Linux是一款开放源代码的操作系统。 Linux针对DCCP支持存在多个问题,本地攻击者可以利用漏洞访问敏感信息。 问题存在于net/dccp/proto.c文件中的dodccpgetsockopt函数: ----------------------- static int dodccpgetsockoptstruct sock sk, int level, int optname, char user optval, int user optlen ... if getuserlen, optlen return -EFAULT; if len sizeofint return...
Linux Kernel <= 2.6.20 with DCCP Support Memory Disclosure Exploit v2
Exploit for linux platform in category local exploits ===================================================================== Linux Kernel include include include include include include define BUFSIZE 0x10000000 int mainint argc, char argv void mem = mmap0, BUFSIZE, PROTREAD | PROTWRITE,...
MOAB-13-01-2007: Apple DMG HFS+ do_hfs_truncate() Denial of Service Vulnerability
Summary A specially crafted HFS+ filesystem in a DMG image can cause the dohfstruncate function to panic the kernel denial of service, when attempting to remove a file from the mounted filesystem. This issue can't lead to arbitrary code execution, although there's a significant risk of local HFS+...
MOAB-12-01-2007: Apple DMG UFS ufs_lookup() Denial of Service Vulnerability
Summary A specially crafted UFS filesystem in a DMG image can cause the ufslookup function to call ufsdirbad when a corrupted directory entry is being read, leading to a kernel panic denial of service. This issue can't lead to arbitrary code execution. Affected versions This issue has been verifi...
DSA-1233 kernel-source-2.6.8 - several
Bulletin has no description...
Apple Airport - 802.11 Probe Response Kernel Memory Corruption (PoC) (Metasploit)
A proof-of-concept exploit has been added to the Metasploit Framework 3.0 source tree: msf use auxiliary/dos/wireless/daringphucball require 'msf/core' module Msf class Auxiliary::Dos::Wireless::DaringPhucball 'Apple Airport 802.11 Probe Response Kernel Memory Corruption', 'Description' = %q The...
[SECURITY] [DSA 1111-1] New Linux kernel 2.6.8 packages fix privilege escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- Debian Security Advisory DSA 1111-1 security at debian dot org email concealed http://www.debian.org/security/ Dann Frazier Jul 16th, 2006 http://www.debian.org/security/faq...
Linux Kernel <= 2.6.17.4 (proc) Local Root Exploit
Exploit for linux platform in category local exploits ================================================== Linux Kernel Example: h00lyshit /usr/X11R6/lib/libethereal.so.0.0.1 if y0u dont have one, make big file 100MB in /tmp with dd and try to junk the cache e.g. cat /usr/lib/ /dev/null / include...
Linux Kernel 2.6.13 2.6.17.4 - sys_prctl() Local Privilege Escalation (2)
Linux Kernel 2.6.13 2.6.17.4 - sysprctl Local Privilege Escalation 2 / Linux = 2.6.13 prctl kernel exploit C Julien TINNES If you read the Changelog from 2.6.13 you've probably seen: PATCH setuid core dump This patch mainly adds suidsafe to suiddumpable sysctl but also a new per process, user...
Linux Kernel may fail to properly handle SNMP packets
Overview A memory freeing vulnerability in the Linux kernel module ipnatsnmpbasic can be exploited to create a denial-of-service condition. Description ipnatsnmpbasic The ipnatsnmpbasic IP NAT module is intended for use with SNMP network discovery and monitoring applications where target networks...
Python <= 2.4.2 realpath() Local Stack Overflow Exploit
No description provided by source. !/usr/bin/python gexp-python.py Python = 2.4.2 realpath Local Stack Overflow ----------------------------------------------- Against VA Space Randomization. Copyright c 2006 Gotfault Security Bug found and developed by: dx/vaxen Gotfault Security, posidron Tripb...
Python 2.4.2 - realpath() Local Stack Overflow
Python 2.4.2 - realpath Local Stack Overflow !/usr/bin/python gexp-python.py Python vuln.py; python vuln.py' os.remove"vuln.py" os.chdirbase os.removedirsdir milw0rm.com 2006-03-18...
CVE-2005-4782
NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service kernel assertion panic via a negative linger time in the SOLINGER socket option...
security flaw
Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T architectures, allows local users to write to privileged IO ports via the OUTS instruction...
DSA-403 kernel-image-2.4.18-1-alpha, kernel-image-2.4.18-1-i386, kernel-source-2.4.18 - local root exploit
Bulletin has no description...
security advisory linux 2.4.x ip_conntrack_irc
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Important security announcement of the netfilter project, 25 Feb 2002 http://www.netfilter.org/security/2002-02-25-irc-dcc-mask.html. SUBJECT: IRC connection tracking helper module SUMMARY: IRC connection tracking opens unwanted ports SYSTEM: All Linu...
Linux 2.2.17pre20 Вышла новая pre-версия следующего стабильного ядра Linux: 2.2.17pre20. Список изменений пока не попался мне на глаза. Подробнее: ftp://ftp.kernel.org/pub/linux/kernel/people/alan/2.2.17pre/ Linux-2.4.0-test7 Вышло новое "нестабильное" ядро Linux: Linux-2.4.0-test7. Подробнее:...
Kernel 2.2.16 and /usr/bin/Mail
...