649 matches found
Fedora 14 : systemtap-1.4-6.fc14 (2011-7302)
Two divide-by-zero flaws were found in the way systemtap interpreted certain corrupted DWARF expressions. A privileged user able to execute arbitrary systemtap scripts could be tricked into triggering this flaw to crash the target machine. An unprivileged user in the stapusr group may be able to...
Fedora 12 : systemtap-1.1-1.fc12 (2010-0688)
Fixes CVE-2009-4273 Bugzilla 550172: https://bugzilla.redhat.com/showbug.cgi?id=CVE-2009-4273 New upstream release containing new features and bug fixes: better support for gcc 4.5 richer DWARF debuginfo, new preprocessor conditional for kernel 'CONFIG' testing, improved experimental unprivileged...
Fedora 11 : systemtap-1.1-1.fc11 (2010-0671)
Fixes CVE-2009-4273 Bugzilla 550172: https://bugzilla.redhat.com/showbug.cgi?id=CVE-2009-4273 New upstream release containing new features and bug fixes: better support for gcc 4.5 richer DWARF debuginfo, new preprocessor conditional for kernel 'CONFIG' testing, improved experimental unprivileged...
DEBIAN-CVE-2009-2911
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to 1 cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, 2 cause a denial of service...
CVE-2009-2911
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to 1 cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, 2 cause a denial of service...
CVE-2009-2911
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to 1 cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, 2 cause a denial of service...
CVE-2009-2911
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to 1 cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, 2 cause a denial of service...
PHPg 1.6 (XSS/PD/DoS) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ===================================================== PHPg 1.6 XSS/PD/DoS Multiple Remote Vulnerabilities ===================================================== PHPg 1.6 has a few XSSes, path disclosures, and a DoS vulnerability. Home:...
phpg 1.6 - Cross-Site Scripting Full Path Disclosure Denial of Service
phpg 1.6 - Cross-Site Scripting Full Path Disclosure Denial of Service PHPg 1.6 has a few XSSes, path disclosures, and a DoS vulnerability. Home: http://black-dwarf.com HS: http://www.hotscripts.com/Detailed/86225.html Found by: Anarchy Angel - http://hha.zapto.org Temp XSS:...
phpg 1.6 - Cross-Site Scripting / Full Path Disclosure / Denial of Service
PHPg 1.6 has a few XSSes, path disclosures, and a DoS vulnerability. Home: http://black-dwarf.com HS: http://www.hotscripts.com/Detailed/86225.html Found by: Anarchy Angel - http://hha.zapto.org Temp XSS: http://site.com/phpg/index.php?url=" XSS Temp XSS:...
Fedora Core 6 : kernel-2.6.22.14-72.fc6 (2007-759)
Update to Linux 2.6.22.14: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.10 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.11 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.12 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.13...
CentOS 3 : gdb (CESA-2007:0469)
An updated gdb package that fixes a security issue and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GDB, the GNU debugger, allows debugging of programs written in C, C++, and other languages by executing them in a...
GDB buffer overflow
Buffer overflow in the 1 DWARF dwarfread.c and 2 DWARF2 dwarf2read.c debugging code in GNU Debugger GDB 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block DWFORMblock that contains a large number of operations...
gdb security update
CentOS Errata and Security Advisory CESA-2007:0229 An updated gdb package that fixes a security issue and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GDB, the GNU debugger, allows debugging of programs written in C...
GDB buffer overflow
Buffer overflow in the 1 DWARF dwarfread.c and 2 DWARF2 dwarf2read.c debugging code in GNU Debugger GDB 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block DWFORMblock that contains a large number of operations...
Low: Red Hat Security Advisory: gdb security and bug fix update
An updated gdb package that fixes a security issue and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GDB, the GNU debugger, allows debugging of programs written in C, C++, and other languages by executing them in a...
GDB DWARF多个缓冲区溢出漏洞
GDB是一个用来调试C和C++程序的强力调试器。 GDB的DWARF和DWARF2代码中存在多个缓冲区溢出漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意指令。 DWARF规范允许使用包含有操作列表的位置描述块确定一些调试符的最终真实地址。GDB在一个未经检查的64字节栈缓冲区执行这些操作,这就允许任何包含有多于64个操作的位置块(DWFORMblock)使用用户数据覆盖当前的栈帧。dwarfread.c和dwarfread2.c中都存在这个问题。 GNU GDB 6.0 - 6.4 不要使用GDB调试可能包含有DWARF2调试信息的不可信任文件。 厂商补丁: GNU ---...
USN-356-1: gdb vulnerability
Will Drewry, of the Google Security Team, discovered buffer overflows in GDB's DWARF processing. This would allow an attacker to execute arbitrary code with user privileges by tricking the user into using GDB to load an executable that contained malicious debugging information...
GDB GNU debugger buffer overflow
Buffer overflow on DWARF section parsing...
[SA21713] GDB "DWARF" Buffer Overflow Vulnerabilities
TITLE: GDB "DWARF" Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA21713 VERIFY ADVISORY: http://secunia.com/advisories/21713/ CRITICAL: Less critical IMPACT: DoS, System access WHERE: From remote SOFTWARE: GDB 6.x http://secunia.com/product/5137/ DESCRIPTION: Will Drewry has reported some...