RedHat Update for thunderbird RHSA-2013:0145-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Nvidia Display Driver Service Attack Escalates Privileges on Windows Machines

There’s nothing like a zero-day to ruin the holiday break, but that’s just what may be in store for engineers at Nvidia after a researcher discovered a new vulnerability in the Nvidia Display Driver Service. The flaw could hand over administrator privileges on Windows machines to an attacker. Pet...

RedHat Update for kernel RHSA-2012:1426-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2012:1426-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2012:1426 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring...

PT-2013-1527 · Red Hat +3 · Fedora +4

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Linux RHEL versions 5 and 6 Fedora versions 15 and 16 Description: The ExecShield feature in a certain Red Hat patch for the Linux kernel does not properly handle use of many shared libraries by a 32-bit executable file. Th...

Разработка эксплоитов для Linux. Часть 4 – обход ASCII armor и возврат в plt

Автор: sickness Блог автора: Перевод: Gh0St 07.04.2012 Разработка эксплоитов для Linux. Часть 4 – обход ASCII armor и возврат в plt. ПРИМЕЧАНИЕ: Перед чтением данного документа, рекомендуется ознакомиться со следующими работами: Руководство по написанию эксплоитов для Linux. Часть I – переполнени...

Analyzing ASLR in Android Ice Cream Sandwich 4.0

When I first saw the release notes for the new Android Ice Cream Sandwich ICS platform, I was excited to see that Google mentioned that “Android 4.0 now provides address space layout randomization”. For the uninitiated, ASLR randomizes where various areas of memory eg. stack, heap, libs, etc are...

linux/x86 sys_execve("/sbin/sysctl") 121 bytes polymorphic shellcode

/ sysexecve"/sbin/sysctl", "/sbin/sysctl", "-w", "kernel.randomizevaspace=0" , NULL; 121 bytes polymorphic shellcode Programmer : Paulus Gandung Prakosa syn-attack Thanks to : mywisdom, gunslinger, nofia fitri, chaer.newbie, wenkhairu, ketek, xtr0nic, supermen ganteng, and all devilzc0de members ...

Aviosoft DTV Player buffer overflow vulnerability

Overview Aviosoft DTV Player contains a buffer overflow in the handling of playlist .plf files, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Aviosoft DTV Player is a multiple format video player application. Aviosoft DTV Player...

AmmSoft ScriptFTP 3.3 client remote buffer overflow vulnerability

Overview AmmSoft's ScriptFTP client is susceptible to a remote buffer overflow vulnerability that is triggered when processing a sufficiently long filename during a FTP LIST command. Description AmmSoft's ScriptFTP client can be exploited to execute arbitrary code when processing GETLIST or GETFI...

[SECURITY] [DSA 2240-1] linux-2.6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2240-1 [email protected] http://www.debian.org/security/ dann frazier May 24, 2011 http://www.debian.org/security/faq -...

kernel: proc: protect mm start_code/end_code in /proc/pid/stat

The dotaskstat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the startcode and endcode fields in the /proc//stat file for a process executing a PIE...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

Updated kernel-rt packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise MRG 1.3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Unpatched Flaw in IE Bypasses Key Windows Security Features

An exploit exploiting an unpatched vulnerability in Internet Explorer IE has gone public. Security researcher Shahin Ramezany announced in a Tuesday tweet that he successfully exploited the flaw, which involves how IE handles CSS style sheets on Windows 7 and Vista machines. Offensive Security, a...

Microsoft Warns On New Browser Vulnerability

Microsoft on Wednesday issued a security advisory to users of its Internet Explorer Web browser about a newly disclosed vulnerability that could be exploited and used to run malicious code on vulnerable Windows systems. The Redmond, Washington company said it is investigating new, public reports ...

Microsoft Releases New Version of EMET Exploit Mitigation Toolkit

Mitigation has become the word of the moment at Microsoft, and the company on Thursday continued its recent flow of tools designed to lessen the effectiveness of certain attacks with the release of version 2.0 of its Enhanced Mitigation Experience Toolkit. The new version of the toolkit includes ...

linux/x86-64 Disable ASLR Security 143 bytes

Exploit for linux/x86-64 platform in category shellcode ============================================ linux/x86-64 Disable ASLR Security 143 bytes ============================================ / Title: Linux/x86-64 - Disable ASLR Security - 143 bytes Date: 2010-06-17 Tested: Archlinux x8664 k2.6.33...

Mozilla Falls Short on Firefox ASLR Implementation

Like Apple’s Safari, the open-source Mozilla Firefox browser does not properly implement ASLR, a key anti-exploit mitigation that can limit the damage from hacker attacks. Nils, the U.K.-based researcher who compromised a Windows machine running Firefox for the second year in a row told me it’s...

CORE-2009-0803: Virtual PC Hypervisor Memory Protection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Virtual PC Hypervisor Memory Protection Vulnerability 1. Advisory Information Title: Virtual PC Hypervisor Memory Protection Vulnerability Advisory Id: CORE-2009-0803...

Virtual PC Hypervisor - Memory Protection

Virtual PC Hypervisor - Memory Protection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Virtual PC Hypervisor Memory Protection Vulnerability 1. Advisory Information Title: Virtual PC Hypervisor Memory Protection...