Cisco IOS HTTP access level authentication bypass

Added: 12/23/2010 CVE: CVE-2001-0537 BID: 2936 OSVDB: 578 Background The Cisco Internetwork Operating System IOS is the operating system used by Cisco routers. Problem A remote attacker could execute arbitrary commands at the highest privilege level level 15 without needing to authenticate by...

Cisco IOS HTTP access level authentication bypass

Added: 12/23/2010 CVE: CVE-2001-0537 BID: 2936 OSVDB: 578 Background The Cisco Internetwork Operating System IOS is the operating system used by Cisco routers. Problem A remote attacker could execute arbitrary commands at the highest privilege level level 15 without needing to authenticate by...

Cisco IOS HTTP access level authentication bypass

Added: 12/23/2010 CVE: CVE-2001-0537 BID: 2936 OSVDB: 578 Background The Cisco Internetwork Operating System IOS is the operating system used by Cisco routers. Problem A remote attacker could execute arbitrary commands at the highest privilege level level 15 without needing to authenticate by...

KVM: Check cpl before emulating debug register access

The handledr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level CPL before accessing a debug register, which allows guest OS users to cause a denial of service trap on the host OS via a crafted application...

CentOS 5 : kvm (CESA-2010:0126)

Updated kvm packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on...

Microsoft ISAPI W3Who Library Buffer Overflow (CVE-2004-1134)

The W3Who dynamically linked library DLL, when used in the context of an IIS HTTP server, provides various information about the current HTTP client, as well as the current running environment. It is included with the Internet Services Application Programming Interface ISAPI and is meant to be us...

CVE-2010-0298

The x86 emulator in KVM 83 does not use the Current Privilege Level CPL and I/O Privilege Level IOPL in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service guest OS crash or gain privileges on the guest OS by leveraging access to a 1 IO...

CVE-2009-3722

The handledr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level CPL before accessing a debug register, which allows guest OS users to cause a denial of service trap on the host OS via a crafted application...

PT-2009-5979 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.31.1 Description: The issue is related to the handle dr function in the KVM subsystem, which does not properly verify the Current Privilege Level CPL before accessing a debug register. This allows guest OS...

VMware Hosted products update libpng and Apache HTTP Server

a. Third Party Library libpng Updated to 1.2.35Several flaws were discovered in the way third party library libpnghandled uninitialized pointers. An attacker could create a PNG imagefile in such a way, that when loaded by an application linked tolibpng, it could cause the application to crash or...

Sun VirtualBox Host Reboot

Sun's VirtualBox host reboot PoC by Tadas Vilkeliskis Disclosure made at 2009-08-01 VULNERABILITY INFORMATION Remotely exploitable: no Locally exploitable: yes Affected versions: 2.2 - 3.0.2 r49928 for Linux VULNERABILITY DESCRIPTION VirtualBox VM is unable to handle fast call to privilege level ...

CVE-2009-1542

The Virtual Machine Monitor VMM in Microsoft Virtual PC 2004 SP1, 2007, and 2007 SP1, and Microsoft Virtual Server 2005 R2 SP1, does not enforce CPU privilege-level requirements for all machine instructions, which allows guest OS users to execute arbitrary kernel-mode code and gain privileges...

Information disclosure

The Virtual Machine Monitor VMM in Microsoft Virtual PC 2004 SP1, 2007, and 2007 SP1, and Microsoft Virtual Server 2005 R2 SP1, does not enforce CPU privilege-level requirements for all machine instructions, which allows guest OS users to execute arbitrary kernel-mode code and gain privileges...

CVE-2009-1542

The Virtual Machine Monitor VMM in Microsoft Virtual PC 2004 SP1, 2007, and 2007 SP1, and Microsoft Virtual Server 2005 R2 SP1, does not enforce CPU privilege-level requirements for all machine instructions, which allows guest OS users to execute arbitrary kernel-mode code and gain privileges...

CVE-2009-1252

Stack-based buffer overflow in the cryptorecv function in ntpcrypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field...

Cisco IOS Bind shellcode v1.0

No description provided by source. ---------------------------------------------------------------------------------------- Cisco IOS Bind shellcode v1.0 c 2007 IRM Plc By Varun Uppal ---------------------------------------------------------------------------------------- The code creates a new...

Cisco IOS Tiny shellcode v1.0

No description provided by source. ---------------------------------------------------------------------------------------- Cisco IOS Tiny shellcode v1.0 c 2007 IRM Plc By Gyan Chawdhary ---------------------------------------------------------------------------------------- The code creates a ne...

Cisco IOS Connectback Shellcode 1.0

Cisco IOS Connectback shellcode v1.0. Shellcode exploit for hardware platform ---------------------------------------------------------------------------------------- Cisco IOS Connectback shellcode v1.0 c 2007 IRM Plc By Gyan Chawdhary...

Cisco IOS Bind Shellcode 1.0

Cisco IOS Bind shellcode v1.0. Shellcode exploit for hardware platform ---------------------------------------------------------------------------------------- Cisco IOS Bind shellcode v1.0 c 2007 IRM Plc By Varun Uppal...

Cisco IOS Tiny Shellcode 1.0

Cisco IOS Tiny shellcode v1.0. Shellcode exploit for hardware platform ---------------------------------------------------------------------------------------- Cisco IOS Tiny shellcode v1.0 c 2007 IRM Plc By Gyan Chawdhary...