1248 matches found
BSA-2017-351
Security Advisory ID : BSA-2017-351 Component : Linux Kernel Revision : 3.0: Interim Theinetcskclonelockfunction in net/ipv4/inetconnectionsock.cin the Linux kernel allows attackers to cause a denial of service double free or possibly have unspecified other impact by leveraging use of the accept...
kernel: crypto: GPF in lrw_crypt caused by null-deref
The lrwcrypt function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept2 system call for AFALG socket without calling setkey first to set a cipher key...
kernel: crypto: GPF in lrw_crypt caused by null-deref
The lrwcrypt function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept2 system call for AFALG socket without calling setkey first to set a cipher key...
kernel: crypto: GPF in lrw_crypt caused by null-deref
The lrwcrypt function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept2 system call for AFALG socket without calling setkey first to set a cipher key...
kernel: Double free in the inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c
The inetcskclonelock function in net/ipv4/inetconnectionsock.c in the Linux kernel allows attackers to cause a denial of service double free or possibly have unspecified other impact by leveraging use of the accept system call. An unprivileged local user could use this flaw to induce kernel memor...
Cloudflare: SSRF
Hi i make report grabtaxi for SSRF But grabtaxi answer me coffeecup closed the report and changed the status to Not Applicable. Jul 26th 2 hrs ago Hello @linkks - After further review, we have determined that this is not SSRF on any of our web properties or assets. All IP's mentioned in this repo...
“Phoenix Talon”in the Linux Kernel —lurking for over 11 years, the kernel vulnerability-vulnerability warning-the black bar safety net
! About “Phoenix Talon” 2017 5 November 9, qimingxing e ADLab found that the Linux kernel there is a remote vulnerability“Phoenix Talon”the Phoenix claw fourth toe of Italy, and relates to CVE-2017-8890, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077, can affect almost all Linux kernel 2.5.69 Linux...
"Phoenix Talon" in Linux Kernel (Phoenix Talon)
About “Phoenix Talon” 2017 5 November 9, qimingxing e ADLab found that the Linux kernel there is a remote vulnerability“Phoenix Talon”the Phoenix claw fourth toe of Italy, and relates to CVE-2017-8890, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077, can affect almost all Linux kernel 2.5.69 Linux...
PT-2017-2223 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11.1 Description: The issue is related to the sctp v6 create accept sk function in net/sctp/ipv6.c, which mishandles inheritance. This allows local users to cause a denial of service or possibly have other...
DEBIAN-CVE-2017-8890
The inetcskclonelock function in net/ipv4/inetconnectionsock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service double free or possibly have unspecified other impact by leveraging use of the accept system call...
CVE-2017-8890
The inetcskclonelock function in net/ipv4/inetconnectionsock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service double free or possibly have unspecified other impact by leveraging use of the accept system call...
UBUNTU-CVE-2017-8890
The inetcskclonelock function in net/ipv4/inetconnectionsock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service double free or possibly have unspecified other impact by leveraging use of the accept system call...
CVE-2017-8890
The inetcskclonelock function in net/ipv4/inetconnectionsock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service double free or possibly have unspecified other impact by leveraging use of the accept system call...
PT-2017-2033 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.10.15 Description: The issue is related to the inet csk clone lock function in the Linux kernel, which can be exploited to cause a denial of service due to a double free error. This can be achieved by leveragi...
Drupal 7. x Service Module SQLi & RCE vulnerability analysis and EXP-vulnerability warning-the black bar safety net
Drupal 7. x Service Module SQLi & RCE In the audit of the Drupal Service module when it is detected on the unserializefunction of a insecure call. Through the vulnerability, can lead to permission to escape, SQL injection, and remote code execution. 0x00 Service Module In Drupal, the Service modu...
Denial Of Service (DoS)
hapi is vulnerable to denial of service DoS attacks. A malicious user can send a malicious accept-encoding header to the system that causes the library to crash or the client to hang until the timeout period is reached...
Denial of Service via malformed accept-encoding header
Overview Affected versions of hapi will crash or lock the event loop when a malformed accept-encoding header is recieved. Recommendation Update to version 16.1.1 or later. References - Issue 3466 - GitHub Advisory...
Linux/x86-64 - Random Listener Shellcode (54 bytes)
;The MIT License MIT ;Copyright c 2017 Robert L. Taylor ;Permission is hereby granted, free of charge, to any person obtaining a ;copy of this software and associated documentation files the “Software”, ;to deal in the Software without restriction, including without limitation ;the rights to use,...
Linux/x86_64 - Random Listener Shellcode (54 bytes)
Linux/x8664 - Random Listener Shellcode 54 bytes. Shellcode exploit for Linx86-64 platform ;The MIT License MIT ;Copyright c 2017 Robert L. Taylor ;Permission is hereby granted, free of charge, to any person obtaining a ;copy of this software and associated documentation files the “Software”, ;to...
Scientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20170220)
Security Fixes : - An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite. CVE-2017-3731 - A denial of service flaw was found in th...