UBUNTU-CVE-2016-3135

Integer overflow in the xtalloctableinfo function in net/netfilter/xtables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service heap memory corruption via an IPTSOSETREPLACE setsockopt call...

UBUNTU-CVE-2013-7348

Double free vulnerability in the ioctxalloc function in fs/aio.c in the Linux kernel before 3.12.4 allows local users to cause a denial of service system crash or possibly have unspecified other impact via vectors involving an error condition in the aiosetupring function...

Varnish 2.1.5 DoS in STV_alloc() while parsing Content-Length header

STValloc | st != NULL Authors: 22733db72ab3ed94b5f8a1ffcde850251fe6f466 c8e74ebd8392fda4788179f9a02bb49337638e7b AKAT-1 Versions: 2.1.5 Full panic message: Panic message: Assert error in STValloc, stevedore.c line 192:012 Conditionst != NULL not true. Summary: Varnish 2.1.5 crash and restart via...

kernel: 64-bit Compatibility Mode Stack Pointer Underflow

The compatallocuserspace functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the...

Microsoft SMB Server Trans2 Zero Size Pool Alloc (MS10-054)

Exploit for windows platform in category dos / poc =========================================================== Microsoft SMB Server Trans2 Zero Size Pool Alloc MS10-054 =========================================================== !/usr/bin/env python import sys,struct,socket from socket import if...

Microsoft - SMB Server Trans2 Zero Size Pool Alloc (MS10-054)

Microsoft - SMB Server Trans2 Zero Size Pool Alloc MS10-054 !/usr/bin/env python import sys,struct,socket from socket import if lensys.argv=2: print '' print ' MS10-054 Proof Of Concept by Laurent Gaffie' print ' Usage: python '+sys.argv0+' TARGET SHARE-NAME No backslash' print ' Example: python...

Microsoft - SMB Server Trans2 Zero Size Pool Alloc (MS10-054)

!/usr/bin/env python import sys,struct,socket from socket import if lensys.argv=2: print '' print ' MS10-054 Proof Of Concept by Laurent Gaffie' print ' Usage: python '+sys.argv0+' TARGET SHARE-NAME No backslash' print ' Example: python '+sys.argv0+' 192.168.8.101 users' print '...

Linux Kernel ALSA驱动snd-page-alloc本地Proc文件信息泄露漏洞

BUGTRAQ ID: 25807 CVECAN ID: CVE-2007-4571 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux系统的ALSA声卡驱动实现上存在漏洞，本地攻击者可能利用此漏洞获取内核内存中的敏感信息。 Linux Kernel在处理多个/proc/driver/snd-page-alloc文件的读操作时存在安全漏洞，sound/core/memalloc.c文件中如下定义了读操作的系统调用sndmemprocread： 484 static int sndmemprocreadchar page, char start, offt of...

Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure

/ source: https://www.securityfocus.com/bid/25774/info / The Linux kernel is prone to a local privilege-escalation vulnerability. Exploiting this issue may allow local attackers to gain elevated privileges, facilitating the complete compromise of affected computers. Versions of Linux kernel prior...