gdb: Multiple vulnerabilities

Background gdb is the GNU project's debugger, facilitating the analysis and debugging of applications. The BFD library provides a uniform method of accessing a variety of object file formats. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the B...

Multiple gdb GNU debugger vulnerabilities

Multiple vulnerabilities, including integer overflows...

CVE-2005-0770

Format string vulnerability in DataRescue Interactive Disassembler and Debugger IDA Pro 4.7.0.830 allows remote attackers or local users to cause a denial of service CPU consumption or application crash and possibly execute arbitrary code via format string specifiers in a dynamic link library DLL...

WinHex 12.05 SR-14 (maybe others)

WinHex 12.05 SR-14 maybe others number: 18 author: darkeagle mail: darkeagle at linkin-park dot cc || darkeagle at unl0ck dot org date: 14.04.05 vendor: http://www.x-ways.net/ overview: WinHex is a powerfully hex editor in win32 systems. details: I'mma found heap corruption bug in latest version ...

PVDasm disassembler/debugger buffer overflow

Buffer overflow on oversized module name...

OllyDbg debugger buffer oveflow

Buffer overflow on oversized program module...

ADVISORY: DataRescue Interactive Disassembler Pro Debugger Format String Vulnerability

DataRescue Interactive Disassembler Pro Debugger Format String Vulnerability by Piotr Bania [email protected] http://pb.specialised.info Severity: High / Medium - code execution. Versions affected: Probably all versions, however tested on 4.7.0.830. I. BACKGROUND "The IDA Pro Disassembler and...

W32Dasm disassembler debugger buffer overflow

Buffer overflow on oversized function name...

Microsoft Windows - Compressed Zipped Folders (MS04-034)

/ Microsoft Windows Vulnerability in Compressed zipped Folders MS04-034 Tested under Windows XP SP0 Spanish/English Original Advisory: http://www.eeye.com/html/research/advisories/AD20041012A.html Exploit Date: 21/10/2004 Tarako - Haxorcitos.com 2004 THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY ...

MS Windows Compressed Zipped Folders Exploit (MS04-034)

Exploit for unknown platform in category remote exploits ======================================================= MS Windows Compressed Zipped Folders Exploit MS04-034 ======================================================= / Microsoft Windows Vulnerability in Compressed zipped Folders MS04-034...

[FMADV] Format String Bug in OllyDbg 1.10

FMADV - OllyDbg Format String Bug Introduction: There exists a format string bug in the code that handles Debugger Messages in OllyDbg. This means any traced application can crash OllyDbg and execute machine code. About From the Webpage: OllyDbg is a 32-bit assembler level analysing debugger for...

Confixx 2 - Perl Debugger Remote Command Execution

source: https://www.securityfocus.com/bid/9831/info The Confixx PERL debugging utility functionality has been reported to be prone to a remote command execution vulnerability. The issue is reported to occur when a command sequence is appended to a HTTP request for a PERL script resource, the...

CVE-2003-0112

CVE-2003-0112 corresponds to a local privilege‑escalation in the Windows kernel. Technical details from connected docs show a buffer/stack overflow in ntoskrnl.exe related to debugging message handling (LpcRequestWaitReplyPort), enabling a local attacker to execute code with kernel privileges. Af...

CVE-2002-2099

Buffer overflow in the GNU DataDisplay Debugger DDD 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE...

Security Bulletin MS02-024: Authentication Flaw in Windows Debugger can Lead to Elevated Privileges (Q320206)

---------------------------------------------------------------------- Title: Authentication Flaw in Windows Debugger can Lead to Elevated Privileges Q320206 Date: 22 May 2002 Software: Microsoft Windows Impact: Elevation of Privilege Max Risk: Critical Bulletin: MS02-024 Microsoft encourages...

MS02-024: Windows Debugger flaw can Lead to Elevated Privileges (320206)

The remote host contains a flaw in the Windows Debugger that could allow a local user to elevate his privileges. To exploit this vulnerability, a user needs to send a specially crafted code to the Debbuging handler to execute arbitrary code with SYSTEM privileges. %NASLMINLEVEL 70300 C Tenable...

Etnus TotalView 5.

Program: Etnus TotalView Version: 5.0.0-4 DESCRIPTION ----------- TotalView is a multiprocess source-level debugger for programs written in the C, C++, and Fortran programming languages. TotalView is part of a suite of programming tools from Etnus, LLC. PROBLEM ------- Failed to install the files...

CVE-2001-0653

CVE-2001-0653 affects Sendmail 8.10.0–8.11.5 and 8.12.0 beta. The root cause is an input-validation/overflow in the debugger (-d) category handling: a large numeric value can be interpreted as a signed negative index, bypassing bounds checks and allowing local writes to process memory. Consequenc...

CVE-1999-1077

Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock...

Sendmail 8.118.12 Debugger - Arbitrary Code Execution (3)

Sendmail 8.118.12 Debugger - Arbitrary Code Execution 3 source: https://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for...