5 matches found
CVE-2014-5439
Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit NX, stack smashing protector SSP, and address space layout randomization ASLR protection mechanisms, which could let a malicious user execute...
DEBIAN-CVE-2014-5439
Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit NX, stack smashing protector SSP, and address space layout randomization ASLR protection mechanisms, which could let a malicious user execute...
CVE-2014-5439
SniffIt before 0.3.7 contains multiple stack-based buffer overflow vulnerabilities triggered by crafted configuration files, allowing arbitrary code execution (as reported across NVD/OSV/Ubuntu/Debian advisories). The issue bypasses NX/SSP/ASLR protections and is documented in multiple feeds (NVD...
[SECURITY] [DLA 713-1] sniffit security update
Package : sniffit Version : 0.3.7.beta-16.1+deb7u1 CVE ID : CVE-2014-5439 Debian Bug : 845122 It was discovered that there was a buffer overflow in the packet sniffer and monitoring tool "sniffit" which allowed a specially-crafted configuration file to provide a root shell. For Debian 7 "Wheezy",...
CVE-2014-5439 - Root shell on Sniffit [with exploit]
CVE-2014-5439 - Root shell on Sniffit Sniffit is a packet sniffer and monitoring tool. The attacker can create a specially-crafted sniffit configuration file, which is able to bypass all three protection mechanisms: - Non-eXecutable bit NX - Stack Smashing Protector SSP - Address Space Layout...