Linux Kernel "execve()"内存扩展"OOM-killer"本地拒绝服务漏洞

BUGTRAQ ID: 45004 CVE ID: CVE-2010-4243 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的"OOM-killer"功能在实现上存在安全漏洞，本地攻击者可利用此漏洞终止不相关的进程，造成拒绝服务。 漏洞源于oomkill函数看不到没有附加到任何线程的已分配内存。 Linux kernel 2.6.24.3 - 2.6.37 RedHat Enterprise Linux Desktop v.5 client 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载...

Linux Kernel 'drivers/scsi/gdth.c' IOCTL本地特权提升漏洞

Bugtraq ID: 44648 CVE ID：CVE-2010-4157 CNCVE ID：CNCVE-20104157 Linux是一款开放源代码的操作系统。 gdthioctlalloc接收整数类型大小变量，copyfromuser接收无符长整型大小变量。gen.datalen和gen.senselen为符长整型，在x8664上长型为64位，整数为32位。 传递超大值，内存分配会截断大小为32位而分配较小的缓冲区，在copyfromuser函数中可触发内存破坏。 RedHat Enterprise MRG v1 for Red Hat Enterprise Linux versi...

Microsoft SMB Server Trans2 Zero Size Pool Alloc (MS10-054)

No description provided by source. !/usr/bin/env python import sys,struct,socket from socket import if lensys.argv=2: print '' print ' MS10-054 Proof Of Concept by Laurent Gaffie' print ' Usage: python '+sys.argv0+' TARGET SHARE-NAME No backslash' print ' Example: python '+sys.argv0+' 192.168.8.1...

kernel security update

2.6.9-89.0.16.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race...

Netscape 'select()' Object Denial Of Service Vulnerability - Windows

Netscape browser is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200403-12 (openldap)

The remote host is missing updates announced in advisory GLSA 200403-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-200611-18 : TIN: Multiple buffer overflows

The remote host is affected by the vulnerability described in GLSA-200611-18 TIN: Multiple buffer overflows Urs Janssen and Aleksey Salow have reported multiple buffer overflows in TIN. Additionally, the OpenPKG project has reported an allocation off-by-one flaw which can lead to a buffer overflo...