4826 matches found
Linux Kernel 3.3.5 - 'b43' Wireless Driver Privilege Escalation
source: https://www.securityfocus.com/bid/60410/info Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers can exploit the issue to execute arbitrary code with kernel privileges or to crash the kernel, effectively denying service to legitimate users. rmmod b43...
PostgreSQL 临时文件创建漏洞(CVE-2013-1902)
BUGTRAQ ID: 58877 CVECAN ID: CVE-2013-1902 PostgreSQL是一款高级对象-关系型数据库管理系统,支持扩展的SQL标准子集。 PostgreSQL 9.2.4, 9.1.9, 9.0.13之前版本存用可预测的文件名生成了不安全的临时文件,本地攻击者可以进行符号链接攻击。 0 Debian Linux 6.0 x PostgreSQL 9.x 厂商补丁: PostgreSQL ---------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.postgresql.org...
Viscosity ViscosityHelper Symlink Attack Local Privilege Escalation
The remote host has a version of Viscosity VPN client installed that has a path name validation flaw in the setuid-set ViscosityHelper binary. This flaw can be exploited to execute arbitrary code with root privileges. C Tenable Network Security, Inc. include"compat.inc"; if description...
DEBIAN-CVE-2013-1775
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch...
Apple WGT Dictionnaire 1.3 Script Code Injection
Title: ====== Apple WGT Dictionnaire 1.3 - Script Code Inject Vulnerability Date: ===== 2012-11-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=774 VL-ID: ===== 774 Common Vulnerability Scoring System: ==================================== 2.3 Introduction:...
Zoner Photo Studio 15 b3 - Buffer Overflow (PoC)
Title: ====== Zoner Photo Studio v15 b3 - Buffer Overflow Vulnerabilities Date: ===== 2012-11-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=759 VL-ID: ===== 759 Common Vulnerability Scoring System: ==================================== 4.5 Introduction: ============...
Python不安全文件权限漏洞
BUGTRAQ ID: 55882 Python是一种面向对象、直译式计算机程序设计语言。 Python 3.3.0及其他版本的安装目录存在不安全文件权限漏洞,本地攻击者可利用此漏洞以提升的权限执行任意代码。 0 python 3.x 厂商补丁: Python ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: www.python.org...
Linux kernel 2.6.x KVM 'kvm_set_irq()'函数本地缓冲区溢出漏洞
BUGTRAQ ID: 54063 CVE ID: CVE-2012-2137 Linux Kernel是Linux操作系统的内核。 Linux Kernel在实现上存在影响KVM的本地缓冲区溢出漏洞,本地攻击者可利用此漏洞用内核权限运行任意代码。 0 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kernel.org/...
GLSA-201206-25 : Apache HTTP Server: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201206-25 Apache HTTP Server: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Apache HTTP Server. Please review the CVE identifiers referenced below for details. Impact : A remote attacker might obtain...
SYSRET 64-bit operating system privilege escalation vulnerability on Intel CPU hardware
Overview Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape. Intel claims that this vulnerability...
USN-1459-1 : linux-ti-omap4 vulnerabilities
A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. CVE-2012-1601 Steve Grubb reported a flaw with Linux fscaps file system base capabilities when used to increa...
Format Factory 2.95 Buffer Overflows
Title: ====== Format Factory v2.95 - Buffer Overflow Vulnerabilities Date: ===== 2012-05-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=536 http://www.vulnerability-lab.com/getcontent.php?id=539 VL-ID: ===== 536 Introduction: ============= Format Factory is a...
Format Factory v2.95 - Buffer Overflow Vulnerabilities
Document Title: =============== Format Factory v2.95 - Buffer Overflow Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=536 http://www.vulnerability-lab.com/getcontent.php?id=539 Release Date: ============= 2012-05-01 Vulnerability...
CVE-2012-0808
as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack...
Linux kernel 2.6.x '__split_huge_page()'竞争条件本地拒绝服务漏洞
Linux是一款开源的操作系统 Linux内核存在安全漏洞,允许本地用户,Guest中的本地用户进行拒绝服务攻击 在发生"bad pmd"之后处理PMD表项存在竞争条件错误,本地攻击者可以利用漏洞使内核崩溃 0 Linux kernel 2.6.x 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息: http://comments.gmane.org/gmane.linux.kernel.mm/75413...
LightDM 1.0.6 - Arbitrary File Deletion
LightDM 1.0.6 - Arbitrary File Deletion source: https://www.securityfocus.com/bid/52452/info Light Display Manager LightDM is prone to a local arbitrary-file-deletion vulnerability. A local attacker can exploit this issue to delete arbitrary files with administrator privileges. Light Display...
LightDM 1.0.6 - Arbitrary File Deletion
source: https://www.securityfocus.com/bid/52452/info Light Display Manager LightDM is prone to a local arbitrary-file-deletion vulnerability. A local attacker can exploit this issue to delete arbitrary files with administrator privileges. Light Display Manager LightDM 1.0.6 is vulnerable. Other...
Macro Toolworks 7.5 - Local Buffer Overflow
source: https://www.securityfocus.com/bid/52351/info Macro Toolworks is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Local attackers can exploit this issue to run arbitrary code with elevated privileges. Failed exploit...
Socusoft Photo 2 Video 8.05 Buffer Overflow
Title: ====== Socusoft Photo 2 Video v8.05 - Buffer Overflow Vulnerability Date: ===== 2012-02-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=460 VL-ID: ===== 460 Introduction: ============= Socusoft photo to video converter Professional allows you to create all kin...
Apache 2.2 < 2.2.22 Multiple Vulnerabilities
Binary data 800552.prm...