Sun Solaris Loopback文件系统本地拒绝服务漏洞

Sun Solaris是一款商业性质的操作系统。 Sun Solaris Loopback文件系统存在安全问题，本地攻击者可以利用漏洞删除或者重命名文件。 在非全局域中的本地特权用户可以删除或重命名只读挂接的loopback文件系统中的文件。此文件系统与全局域共享，可导致全局域中的文件删除。 Sun Solaris 10.0 x86 Sun Solaris 10 补丁下载： Sun Solaris 10.0 x86 Sun 118855-28 http://sunsolve.sun.com/pub-cgi/pdownload.pl?target=118855-28&method=h...

Sun Solaris Loopback Filesystem protection bypass

Users can rename and delete files in read-only file system...

CVE-2007-0668

The Loopback Filesystem LOFS in Sun Solaris 10 allows local users in a non-global zone to move and rename files in a read-only filesystem, which could lead to a denial of service...

Microsoft IPv6 TCP/IP Loopback LAND攻击拒绝服务(MS05-019/MS06-064)

Microsoft Windows是微软发布的非常流行的操作系统。 关闭了Windows防火墙的Windows Server 2003和XP SP2受LAND攻击的影响。攻击者可以发送设置了SYN标记的TCP报文，将源IP地址和目标IP地址及源端口和目标端口都设置为目标机器，导致15-30秒的DoS情况。 向文件服务器发送单个LAND报文就可能导致当前连接到服务器上所有工作站的Windows explorer僵死，服务器的CPU使用率达到100%。有时有漏洞服务器上的网络监控甚至无法嗅探的出恶意的报文。使用tcpreplay重现攻击可以导致网络完全瘫痪。 Microsoft Window...

CVE-2006-5396

The tcpfusercvdrain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service system crash via a TCP loopback connection with both endpoints on the same system...

gld -- format string and buffer overflow vulnerabilities

Gld has been found vulnerable to multiple buffer overflows as well as multiple format string vulnerabilities. An attacker could exploit this vulnerability to execute arbitrary code with the permissions of the user running Gld, the default user being root. The FreeBSD port defaults to running gld ...

CVE-2003-0415

Remote PC Access Server 2.2 allows remote attackers to cause a denial of service crash by receiving packets from the server and sending them back to the server...

Eggdrop arbitrary connection vulnerability

Hi, there is a serious security problem in the popular eggdrop IRCbot. The hole allows a regular user with enough 'power' at least power to add new bot records to use any linked instance of the bot on the botnet as an instant 'proxy'. The following session demonstrates the problem with an...

CVE-2002-1921

The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database...

CVE-1999-1423

ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service crash via a ping request to a multicast address through the loopback interface, e.g. via ping -i...

Wingate 4.1.1, new year 's bug: UPDATE

Hi, I posted the mail below to bugtraq few days ago describing a somewhat weird bug into wingate 4.1.1 last release that allow to bypass all authentication/wrapper mechanism in the software. Further tests later, i think to know why. When you configure a proxy service in the properties window, u...

TCP Loopback DoS Attack (land.c) and Cisco Devices

...

FreeBSD 2.x HP-UX 91011 Kernel 2.0.3 Windows NT 4.0Server 2003 NetBSD 1 - land.c loopback Denial of Service (3)

FreeBSD 2.x HP-UX 91011 Kernel 2.0.3 Windows NT 4.0Server 2003 NetBSD 1 - land.c loopback Denial of Service 3 / source: https://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and...

FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (1)

/ source: https://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loo...

FreeBSD 2.x HP-UX 91011 Kernel 2.0.3 Windows NT 4.0Server 2003 NetBSD 1 - land.c loopback Denial of Service (1)

FreeBSD 2.x HP-UX 91011 Kernel 2.0.3 Windows NT 4.0Server 2003 NetBSD 1 - land.c loopback Denial of Service 1 / source: https://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and...

FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (2)

source: https://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loop ...

FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (5)

/ source: https://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loo...

FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (4)

/ source: https://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loo...

FreeBSD 2.x HP-UX 91011 Kernel 2.0.3 Windows NT 4.0Server 2003 NetBSD 1 - land.c loopback Denial of Service (4)

FreeBSD 2.x HP-UX 91011 Kernel 2.0.3 Windows NT 4.0Server 2003 NetBSD 1 - land.c loopback Denial of Service 4 / source: https://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and...

FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (3)

/ source: https://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loo...