USN-2419-1: Linux kernel (Trusty HWE) vulnerabilities

A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service kill arbitrary processes, or system disruption by leveraging /dev/kvm access...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2419-1)

A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service kill arbitrary processes, or system disruption by leveraging /dev/kvm access...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2420-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2420-1 advisory. A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream -longterm 3.14.23 and fixes the following security issues: The kvmiommumappages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to 1 caus...

CVE-2014-7970

The pivotroot implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service mount-tree loop via . dot values in both arguments to the pivotroot system call...

CentOS 5 : bind97 (CESA-2014:1244)

Updated bind97 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Moderate: Red Hat Security Advisory: bind97 security and bug fix update

Updated bind97 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit

No description provided by source. / UMN gopherd2.x.x/3.x.x: remote ftp gateway buffer overflow. by: vade79/v9 v9 at fakehalo.deadpig.org fakehalo/realhalo three years since last audit, code is a little more secure. but, still found a few potentially exploitable situations. this exploits the ftp...

Linux VServer Project 1.2x CHRoot Breakout Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9596/info VServer is reported prone to a breakout vulnerability that allows a malicious user to escape from the context of the chrooted root directory of the virtual server. This issue is due to the VServer application...

Hylafax 4.1.x HFaxD Unspecified Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9005/info Hylafax hfaxd daemon has been reported prone to an unspecified format string vulnerability that may be exploited under non-standard configurations to execute arbitrary instructions remotely as the root user. /...

wu-ftpd <= 2.6.1 - Remote Root Exploit

No description provided by source. / 7350wurm - x86/linux wuftpd remote root exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of TESO Security. The contents of these coded instructions, statements and computer programs may not be disclosed to third parties,...

wu-ftpd 2.4.2/2.5 .0/2.6 .0/2.6.1/2.6.2 - FTP Conversion Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2240/info Some FTP servers provide a conversion service that pipes a requested file through a program, for example a decompression utility such as tar, before it is passed to the remote user. Under some configurations whe...

Linux Kernel 2.6.x CIFS CHRoot Security Restriction Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17742/info The Linux Kernel is prone to a vulnerability that allows attackers to bypass a security restriction. This issue is due to a failure in the kernel to properly sanitize user-supplied data. The problem affects...

linux chroot()/execve() code

No description provided by source. / This is Linux chroot/execve code.It is 80 bytes long.I have some ideas how to make it smaller, but till then use this one. signed predator linux registered user : 181116 preedatoratsendmaildotru / char...

linux/x86 break chroot setuid(0) + /bin/sh 132 bytes

No description provided by source. / Linux/x86 - setreuid0, 0; - chroot-break make a temp dir with mkdir, chroot to tempdir, go through a loop of chdir..; then a final chroot.; - execve of /bin/sh used in several wu-ftpd, beroftpd and proftpd exploits, amongst others / include stdio.h char c0de =...

Netscape Professional Services FTP Server (LDAP Aware) 1.3.6 FTP Server Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1411/info Certain versions of the LDAP-aware Netscape Professional Services FTP Server distributed with Enterprise Web Server have a serious vulnerability which may lead to a remote or local root compromise. The...

Digital Ultrix 4.0/4.1 /usr/bin/chroot Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17/info By default, /usr/bin/chroot is improperly installed in Ultrix versions 4.0 and 4.1. Anyone can execute /usr/bin/chroot this can lead to system users to gain unauthorized privileges. $ mkdir /tmp/etc $ echo...

GlFtpd 1.17.2 - Remote Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/891/info GlFtpd is a popular alternative to the mainstream unix ftp daemons and is currently in wide use on the internet. There are three known serious vulnerabilities in GlFtpd. The first problem is an account which is...

Linux Kernel 2.6.x SMBFS CHRoot Security Restriction Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17735/info The Linux Kernel is prone to a vulnerability that allows attackers to bypass a security restriction. This issue is due to a failure in the kernel to properly sanitize user-supplied data. The problem affects...

ManTrap 1.6.1 Root Directory Inode Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1909/info ManTrap is a honeypot intrusion detection system designed to lure attackers into it for analysis. The honeypot is implemented as a chroot'ed Solaris environment, designed to look and feel real to an attacker who...