93 matches found
BlobRunner - Quickly Debug Shellcode Extracted During Malware Analysis
BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis. BlobRunner allocates memory for the target file and jumps to the base or offset of the allocated memory. This allows an analyst to quickly debug into extracted artifacts with minimal overhead and effort. To...
EulerOS Virtualization 2.5.1 : kernel (EulerOS-SA-2018-1263)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandle...
EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1266)
According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An address corruption flaw was discovered in the Linux kernel built with hardware breakpoint CONFIGHAVEHWBREAKPOINT support. While...
Amazon Linux AMI : kernel (ALAS-2018-1023)
A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. CVE-2018-1108 A flaw was found in the way the Linux kernel handled exceptions delivered after a stac...
Amazon Linux 2 : kernel (ALAS-2018-1023)
A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. CVE-2018-1108 A flaw was found in the way the Linux kernel handled exceptions delivered after a stac...
Important: kernel
Issue Overview: A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. CVE-2018-1108 A flaw was found in the way the Linux kernel handled exceptions...
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1375-1) (Spectre)
The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-3639: Information leaks using 'Memory Disambiguation' feature in modern CPUs were mitigated, aka 'Spectre Variant 4' bnc1087082. A new boot...
kernel: ptrace() incorrect error handling leads to corruption and DoS
An address corruption flaw was discovered in the Linux kernel built with hardware breakpoint CONFIGHAVEHWBREAKPOINT support. While modifying a h/w breakpoint via 'modifyuserhwbreakpoint' routine, an unprivileged user/process could use this flaw to crash the system kernel resulting in DoS OR to...
kernel: ptrace() incorrect error handling leads to corruption and DoS
An address corruption flaw was discovered in the Linux kernel built with hardware breakpoint CONFIGHAVEHWBREAKPOINT support. While modifying a h/w breakpoint via 'modifyuserhwbreakpoint' routine, an unprivileged user/process could use this flaw to crash the system kernel resulting in DoS OR to...
Linux Kernel Denial of Service Vulnerability (CNVD-2018-10153)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. Linux Kernel suffers from a ptrace error handling denial of service vulnerability. A local user can exploit this...
UBUNTU-CVE-2018-1000199
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modifyuserhwbreakpoint that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in...
Take a look at the Denial of Service Vulnerability in Video Player
Look Video is an online video player. Look Video generates a breakpoint exception when processing certain avi files, which can be exploited to cause a denial of service attack...
WinDBG and JavaScript Analysis
This blog was authored by Paul Rascagneres.IntroductionJavaScript is frequently used by malware authors to execute malicious code on Windows systems because it is powerful, natively available and rarely disabled. Our previous article on .NET analysis generated much interest relating to how to use...
Breakpoint Panels - Critical - Unsupported - SA-CONTRIB-2017-028
Breakpoint panels adds a button to the Panels In-Place Editor for each pane. When selected, it will display checkboxes next to all of the breakpoints specified in that modules UI. Unchecking any of these will 'hide' it from that breakpoint. The security team is marking this module unsupported...
RealPlayer 18.1.5.705 - .QCP Crash (PoC)
RealPlayer 18.1.5.705 - .QCP Crash PoC Tested on: Win7 / Win10 x64 Date: October 20th 2016 Vendor homepage: http://www.real.com Software link: http://realplayer-download.real.com/free/windows/installer/stubinst/stub/rt1/T10EUDRP/RealTimes-RealPlayer.exe File version both realplay.exe and...
Ocean CMS to the latest version V6. 2 8 command execution 0DAY-vulnerability warning-the black bar safety net
t00ls a friend fuzz out of a 0day, but the analysis does not come out what's the problem, I analyze a bit. I is how to track this 0day? In fact, as long as the chase area parameters of the treated place. After a character is an illegal judgment, call echoSearchPagefunction area parameters after t...
Microsoft Office 2007 - mso.dll Arbitrary Free (MS15-081)
Microsoft Office 2007 - mso.dll Arbitrary Free MS15-081 Source: https://code.google.com/p/google-security-research/issues/detail?id=417&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testin...
Microsoft Office 2007 - 'mso.dll' Arbitrary Free (MS15-081)
Source: https://code.google.com/p/google-security-research/issues/detail?id=417&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug did not reproduce in Office...
JDWP Exploitation
JDWP Arbitrary Java Code Execution Exploitation =============================================== Java Debugging Wire Protocol JDWP is the lowlevel protocol used for communication between a debugger and a Java Virtual Machine JVM as outlined in the Java Platform Debugger Architecture. It is often...
Immunity Debugger v1.82 latest version download !
Immunity Debugger v1.82 latest version download ! "Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creatio...