lighthttpd symbolic links vulnerabilities

Unix socket with fixed name is created in world-writable directory...

Debian DSA-2399-2 : php5 - several vulnerabilities

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2011-1938 The UNIX socket handling allowed attackers to trigger a buffer overflow via a long path name. - CVE-2011-2483 The...

DSA-2399-1 php5 - several

Bulletin has no description...

FreeBSD : FreeBSD -- Buffer overflow in handling of UNIX socket addresses (f56390a4-4638-11e1-9f47-00e0815b8da8)

When a UNIX-domain socket is attached to a location using the bind2 system call, the length of the provided path is not validated. Later, when this address was returned via other system calls, it is copied into a fixed-length buffer. Linux uses a larger socket address structure for UNIX-domain...

php: stack-based buffer overflow in socket_connect()

Stack-based buffer overflow in the socketconnect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket...

CVE-2011-4062

Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of service panic or possibly gain privileges via a bind system call with a long pathname for a UNIX socket...

CVE-2011-4062

Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of service panic or possibly gain privileges via a bind system call with a long pathname for a UNIX socket...

CVE-2011-4062

Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of service panic or possibly gain privileges via a bind system call with a long pathname for a UNIX socket...

CVE-2011-4062

CVE-2011-4062 affects FreeBSD kernels 7.3–9.0-RC1 via a buffer overflow in the Linux emulation binding path for UNIX sockets, enabling local denial of service (panic) and potentially privilege escalation. Affected component: kernel Linux emulation support; root cause: poorly handled long bind() p...

CVE-2011-4062

Removed by vendor...

FreeBSD Security Advisory FreeBSD-SA-11:05.unix

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:05.unix Security Advisory The FreeBSD Project Topic: Buffer overflow in handling of UNIX socket addresses Category: core Module: kern Announced: 2011-09-28...

FreeBSD-SA-11:05.unix

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:05.unix Security Advisory The FreeBSD Project Topic: Buffer overflow in handling of UNIX socket addresses Category: core Module: kern Announced: 2011-09-28...

FreeBSD -- Buffer overflow in handling of UNIX socket addresses

Problem Description: When a UNIX-domain socket is attached to a location using the bind2 system call, the length of the provided path is not validated. Later, when this address was returned via other system calls, it is copied into a fixed-length buffer. Linux uses a larger socket address structu...

PHP 5.3.6 buffer overflow POC（ROP）of the CVE-vulnerability warning-the black bar safety net

? PHP / [email protected] http://bbs.xxoxo.org 2 0 1 1 year 7 month 1 5 day Stack-based buffer overflow in ext /socket/ sockets. c socketconnect function In PHP 5.3. 3 to 5. 3. 6 may be context-dependent attacker to execute arbitrary The code through the UNIX socket path name. By: small blue /...

PHP 5.3.6 Buffer Overflow PoC (ROP) CVE-2011-1938

No description provided by source. ?php / Jonathan Salwan - @shellstorm http://shell-storm.org 2011-06-04 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 Stack-based buffer overflow in the socketconnect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow...

PHP 5.3.6 - Local Buffer Overflow (ROP)

PHP 5.3.6 - Local Buffer Overflow ROP ?php / Jonathan Salwan - @jonathansalwan http://shell-storm.org 2011-06-04 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 Stack-based buffer overflow in the socketconnect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow...

PHP 5.3.6 - Local Buffer Overflow (ROP)

?php / Jonathan Salwan - @jonathansalwan http://shell-storm.org 2011-06-04 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 Stack-based buffer overflow in the socketconnect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute...

PHP 5.3.6 Buffer Overflow PoC (ROP) CVE-2011-1938

Exploit for multiple platform in category local exploits ?php / Jonathan Salwan - @shellstorm http://shell-storm.org 2011-06-04 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 Stack-based buffer overflow in the socketconnect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6...

PHP 5.3.6 Buffer Overflow

?php / Jonathan Salwan - @shellstorm http://shell-storm.org 2011-06-04 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 Stack-based buffer overflow in the socketconnect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute...

CVE-2011-1938

Stack-based buffer overflow in the socketconnect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket...