[ MDVSA-2009:082 ] krb5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:082 http://www.mandriva.com/security/ Package : krb5 Date : March 30, 2009 Affected: 2008.0, 2008.1, 2009.0 Problem Description: The spnegogssacceptseccontext function in lib/gssapi/spnego/spnegomech.c in MI...

F-Secure Product(s) Integer Overflow Vulnerability (Linux)

This host is installed with F-Secure Products and is prone to Integer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbfsecureprdtsintoverflowvulnlin.nasl 6516 2017-07-04 12:20:47Z cfischer $ F-Secure Products Integer Overflow Vulnerability Linux Authors: Sharath S Copyright: Copyright c...

F-Secure Products Integer Overflow Vulnerability (Oct 2008) - Linux

F-Secure Products is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedHat Update for bind RHSA-2008:0300-02

Check for the Version of bind OpenVAS Vulnerability Test RedHat Update for bind RHSA-2008:0300-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Linux/x86 - execve(chmod 0777 /etc/shadow) Shellcode (57 bytes)

Linux/x86 - execvechmod 0777 /etc/shadow Shellcode 57 bytes. Shellcode exploit for Linuxx86 platform Linux/x86 execve-chmod 0777 /etc/shadow 57 bytes Author: Hamza Megahed Twitter: @HamzaMega blog: hamza-megadotblogspotdotcom E-mail: hamzadotmegahedatgmaildotcom xor %eax,%eax push %eax pushl...

linux/x86 append rsa key to /root/.ssh/authorized_keys2 295 bytes

Exploit for linux/x86 platform in category shellcode ================================================================= linux/x86 append rsa key to /root/.ssh/authorizedkeys2 295 bytes ================================================================= / linux/x86 shellcode to append rsa key to...

verlihub 0.9.8d-RC2 - Remote Command Execution

verlihub 0.9.8d-RC2 - Remote Command Execution == verlihub Verlihub does not sanitize user input passed to the shell via its "trigger" mechanism. Furthermore, the Verlihub daemon can optionally be configured to run as root. This allows for the arbitrary execution of commands by users connected to...

linux/x86 connect back, download a file and execute 149 bytes

Exploit for linux/x86 platform in category shellcode ============================================================= linux/x86 connect back, download a file and execute 149 bytes ============================================================= / ;file download shellcode 149 bytes ; ;connect back,...

linux/x86 rm -rf / attempts to block the process from being stopped

Exploit for linux/x86 platform in category shellcode =================================================================== linux/x86 rm -rf / attempts to block the process from being stopped =================================================================== / x86 linux rm -rf / which attempts to...

Brk vulnerability analysis and remediation-vulnerability and early warning-the black bar safety net

| brk vulnerability analysis A little out of date music at: I hope everyone also can be a little. --- Brk vulnerability analysis by icbm@0x557 1. brk loopholes in the background 2. The vulnerability principle analysis 3. Exploit analysis 4. The vulnerability is caused by thinking Brk vulnerabilit...

linux/amd64 connect-back semi-stealth shellcode 88+ bytes

No description provided by source. include sys/socket.h include netinet/in.h include arpa/inet.h include stdlib.h include stdio.h include string.h include limits.h / usual rant here.. this is just a doodle.. i was curious about the amd64 and since i dont think a simple exec /bin/sh is worth...

Linux multiple security vulnerabilities

Multiple DoS conditions and privilege escalation...

GLSA-200804-09 : am-utils: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200804-09 am-utils: Insecure temporary file creation Tavis Ormandy discovered that, when creating temporary files, the 'expn' utility does not check whether the file already exists. Impact : A local attacker could exploit the...

endian-xss.txt

Security Advisory - Multiple Vulnerabilities in Endian firewall Endian Firewall is a "turn-key" linux security distribution that turns every system into a full featured security appliance. It features stateful packet filtering, proxies, antivirus/antispam, content filtering and a VPN module. Date...

GLSA-200712-07 : Lookup: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200712-07 Lookup: Insecure temporary file creation Tatsuya Kinoshita reported that the ndeb-binary function does not handle temporay files correctly. Impact : A local attacker could use a symlink attack to overwrite files with the...

GLSA-200708-14 : NVIDIA drivers: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200708-14 NVIDIA drivers: Denial of Service Gregory Shikhman discovered that the default Gentoo setup of NVIDIA drivers creates the /dev/nvidia with insecure file permissions. Impact : A local attacker could send arbitrary values...

MDKA-2007:083 : imap

Due to the configuration of the xinetd configuration files included in the imap package, initial connections to the IMAP and/or POP3 services would have a substantial delay due to xinetd attempting to perform ident lookups. This update has corrected xinetd configuration files that remove the iden...

[ MDKSA-2007:135 ] - Updated webmin packages fix XSS vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:135 http://www.mandriva.com/security/ Package : webmin Date : June 23, 2007 Affected: 2007.0, 2007.1, Corporate 4.0 Problem Description: Multiple cross-site scripting XSS vulnerabilities were discovered in...

Mandrake Linux Security Advisory : libwmf (MDKSA-2007:123)

A flaw in libgd2 was found by Xavier Roche where it would not correctly validate PNG callback results. If an application linked against libgd2 was tricked into processing a specially crafted PNG file, it could cause a denial of service scenario via CPU resource consumption. Libwmf uses an embedde...

MDKA-2007:027 : php-session

The php-session package includes a cron setting to remove PHP sessions that are no longer in use. Previously, it could expire the session even if it was still in use. This update will prevent the cron job from removing sessions that are still actively being used, and will only expire after the la...