CVE-2012-2394

Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service application crash via a 1 ICMP or 2 ICMPv6 Echo Request packet...

Reverse Engineering SEHOP Chain Validation

Reverse Engineering code of SEHOP Chain Validation by x90c [email protected] -- sehopchainvalidation.c -- typedef struct EXCEPTIONREGISTRATIONRECORD struct EXCEPTIONREGISTRATIONRECORD Next; PEXCEPTIONROUTINE Handler; EXCEPTIONREGISTRATIONRECORD, PEXCEPTIONREGISTRATIONRECORD; / first ER struct o...

Sonique 1.96 Buffer Overflow

Application: Sonique BOF EIP Overwrite Version: 1.96 Author: Securityxxxpert Date Submitted: May 17, 2011 Download Link: http://www.tucows.com/preview/193562 Tested on: Windows XP SP3 EIP Overwritten: 239 Bytes Pita Bytes: 0x00 0x83 0x88 0x93 Notes: Not universal, find your own offsets if not SP3...

Sonique 1.96 .m3u Buffer Overflow

Exploit for windows platform in category local exploits Application: Sonique BOF EIP Overwrite Version: 1.96 Author: Securityxxxpert Date Submitted: May 17, 2011 Download Link: http://www.tucows.com/preview/193562 Tested on: Windows XP SP3 EIP Overwritten: 239 Bytes Pita Bytes: 0x00 0x83 0x88 0x9...

Sonique 1.96 - .m3u Local Buffer Overflow

Sonique 1.96 - .m3u Local Buffer Overflow Application: Sonique BOF EIP Overwrite Version: 1.96 Author: Securityxxxpert Date Submitted: May 17, 2011 Download Link: http://www.tucows.com/preview/193562 Tested on: Windows XP SP3 EIP Overwritten: 239 Bytes Pita Bytes: 0x00 0x83 0x88 0x93 Notes: Not...

The Social-Engineer Toolkit v1.3.5 Released !

The Social-Engineer Toolkit v1.3.5 Released ! "The Social Engineering Toolkit SET is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It's main purpose is to augment and simulate social-engineering attacks and allow the tester to...

kernel security and bug fix update

2.6.9-89.35.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...

Securing Your Security Budget: A Failure To Communicate

With increasingly sophisticated exploits and well-informed adversaries targeting systems and data – fighting for more security budget is essential. Too bad, then, that management doesn’t always agree. Why doesn’t management always see the threats same as many security processionals? Maybe the...

2011: What's Your IT Security Plan?

A gusher of Web applications vulnerabilities, malicious insiders and sophisticated malware threaten networks and data. To keep your systems reasonably secure, what will your security focus be during the year ahead? The answer to that question might depend on what kind of business you’re in – or...

Winamp 5.6 - 'MIDI Parser' Arbitrary Code Execution

http://www.kryptoslogic.com/advisories/2010/kryptoslogic-winamp-midi.txt PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/15706.c ==-===-=====-=======-===========-=============-================= Winamp 5.6 Arbitrary Code Execution in MIDI Parser Kryptos Logic,...

Winamp 5.6 - MIDI Parser Arbitrary Code Execution

Winamp 5.6 - MIDI Parser Arbitrary Code Execution http://www.kryptoslogic.com/advisories/2010/kryptoslogic-winamp-midi.txt PoC: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/15706.c ==-===-=====-=======-===========-=============-================= Winamp 5.6...

kernel security and bug fix update

2.6.9-89.31.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...

Fedora 14 : glibc-2.12.90-17 (2010-16308)

Implement accurate fma BZ3268, 43358 - Fix alignment of AVX save area on x86-64 BZ12113 - Fix regex memory leaks BZ12078 - Improve output of psiginfo BZ12107, BZ12108 - Don't return NULL address in getifaddrs BZ12093 - Fix strstr and memmem algorithm BZ12092, 641124 - Don't discard result of...

kernel security update

2.6.9-89.0.29.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...

kernel security and bug fix update

2.6.9-89.0.26.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...

kernel security and bug fix update

2.6.9-89.0.23.0.1 - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...

kernel security and bug fix update

2.6.9-89.0.20.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race...

SuSE 11 Security Update : wireshark (SAT Patch Number 1606)

Version upgrade of wireshark fix multiple vulnerabilities : - The Paltalk dissector could crash on alignment-sensitive processors. CVE-2009-3549: CVSS v2 Base Score: 5.0 MEDIUM - The DCERPC/NT dissector could crash. CVE-2009-3550: CVSS v2 Base Score: 4.3 MEDIUM - The SMB dissector could crash...

Wireshark Multiple Denial Of Service Vulnerabilities - Nov09 (Windows)

This host is installed with Wireshark and is prone to multiple Denial of Service vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkmultdosvulnnov09win.nasl 4906 2017-01-02 13:06:55Z teissa $ Wireshark Multiple Denial Of Service Vulnerabilities - Nov09 Windows Authors: Antu Sanadi...

kernel security and bug fix update

2.6.9-89.0.15.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race...