Code injection

The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges...

CVE-2007-5194

The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges...

RMake privilege escalation

/dev/zero device works as /dev/port in chrooted environment...

cpuset information leak

Integer underflow in the cpusettasksread function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file...

CentOS 4 : cyrus-sasl (CESA-2007:0795)

An updated cyrus-sasl package that addresses a security issue and fixes various other bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The cyrus-sasl package contains the Cyrus implementation...

cyrus security update

CentOS Errata and Security Advisory CESA-2007:0795 An updated cyrus-sasl package that addresses a security issue and fixes various other bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The...

Moderate: Red Hat Security Advisory: cyrus-sasl security and bug fix update

An updated cyrus-sasl package that addresses a security issue and fixes various other bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The cyrus-sasl package contains the Cyrus implementation...

Live for Speed S1/S2/Demo (.ply file) Buffer Overflow Exploit

No description provided by source. / 0day Live for speed patch x s2 /s1 and demo local .ply File buffer over flow Live for speed .ply file is a set up file,This file is shared amongst user's Who want stylish number plate's on there car's the buffer over flow happened with An overly long number...

Alphanumeric Shellcode Encoder Decoder

Exploit for generator platform in category shellcode ====================================== Alphanumeric Shellcode Encoder Decoder ====================================== / //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////...

Debian DSA-1343-1 : file - integer overflow

Colin Percival discovered an integer overflow in file, a file type classification tool, which may lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

CVE-2007-3532

CVE-2007-3532 affects NVIDIA drivers (nvidia-drivers) prior to 1.0.7185, 1.0.9639, and 100.14.11 when used in Gentoo Linux and possibly other distributions. The vulnerability arises because the default driver setup creates /dev/nvidia* device files with insecure permissions, enabling a local atta...

iDefense Security Advisory 06.07.07: Linux Kernel cpuset tasks Information Disclosure Vulnerability

Linux Kernel cpuset tasks Information Disclosure Vulnerability iDefense Security Advisory 06.07.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 07, 2007 I. BACKGROUND Linux is a clone of the UNIX operating system, written from scratch by Linus Torvalds with assistance from a...

Buffer overflow

Multiple buffer overflows in RControl.dll in Remote Display Dev kit 1.2.1.0 allow remote attackers to cause a denial of service Internet Explorer 7 crash via 1 a long first argument to the connect function or 2 a long InternalServer property value, possibly involving ntdll.dll...

CVE-2007-2623

Multiple buffer overflows in RControl.dll in Remote Display Dev kit 1.2.1.0 allow remote attackers to cause a denial of service Internet Explorer 7 crash via 1 a long first argument to the connect function or 2 a long InternalServer property value, possibly involving ntdll.dll...

CVE-2007-2623

Multiple buffer overflows in RControl.dll in Remote Display Dev kit 1.2.1.0 allow remote attackers to cause a denial of service Internet Explorer 7 crash via 1 a long first argument to the connect function or 2 a long InternalServer property value, possibly involving ntdll.dll...

CVE-2007-2623

CVE-2007-2623 describes multiple buffer overflows in RControl.dll of Remote Display Dev kit 1.2.1.0 that allow remote denial of service (IE7 crash) via either (1) a long first argument to the connect function or (2) a long InternalServer property value, potentially involving ntdll.dll. The availa...

CVE-2007-2592

Multiple cross-site scripting XSS vulnerabilities in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allow remote attackers to inject arbitrary web script or HTML via the 1 username...

Remote Display Dev kit 1.2.1.0 - RControl.dll Denial of Service

Remote Display Dev kit 1.2.1.0 - RControl.dll Denial of Service 2007/05/10 ----------------------------------------------------------------------------- RControl.dll v. 1.2.1.0 Denial of Service Exploit url: http://www.fruit2004.com/ price: only $20 : author: shinnai mail: shinnaiatautisticidotor...

Remote Display Dev kit 1.2.1.0 - 'RControl.dll' Denial of Service

2007/05/10 ----------------------------------------------------------------------------- RControl.dll v. 1.2.1.0 Denial of Service Exploit url: http://www.fruit2004.com/ price: only $20 : author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org Tested on Windows XP...

Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service Exploit

Exploit for unknown platform in category dos / poc ===================================================================== Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service Exploit ===================================================================== 2007/05/10...