2582 matches found
Mandriva Linux Security Advisory : kernel (MDVSA-2009:135)
Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : The selinuxippostrouteiptablescompat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compatnet is enabled, omits calls to avchasperm...
kernel: exit_notify: kill the wrong capable(CAP_KILL) check
The exitnotify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAPKILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exitsignal field and then uses an exec system...
cpCommerce 1.2.x File Inclusion
!/usr/bin/perl cpCommerce 1.2.x GLOBALSprefix Arbitrary File Inclusion Exploit by staker mail: stakerathotmaildotit url: http://cpcommerce.cpradio.org it works with registerglobals=on if you wanna carry out a LFI - mq=off short explanation: cpCommerce contains one flaw that allows an attacker to...
nfs-utils security and bug fix update
1.0.6-93.EL4 - Updated the tcpwrapper code to handle hostnames bz 467312 1.0.6-92.EL4 - Rebuilt to fix tcpwrapper dependency on x8664 archs. 1.0.6-91.EL4 - Added a run-time dependency on the tcpwrapper package. 1.0.6-90.EL4 - Fixed lockd not using settings in sysconfig/nfs bz 461043 - Fixed...
kernel: exit_notify: kill the wrong capable(CAP_KILL) check
The exitnotify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAPKILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exitsignal field and then uses an exec system...
kernel: exit_notify: kill the wrong capable(CAP_KILL) check
The exitnotify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAPKILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exitsignal field and then uses an exec system...
kernel: exit_notify: kill the wrong capable(CAP_KILL) check
The exitnotify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAPKILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exitsignal field and then uses an exec system...
CVE-2009-1337
The exitnotify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAPKILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exitsignal field and then uses an exec system...
DEBIAN-CVE-2009-0938
Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service exit node crash via "malformed input."...
CVE-2009-0938
Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service exit node crash via "malformed input."...
CVE-2009-0938
Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service exit node crash via "malformed input."...
Linux/x86-64bits - execve("/bin/sh", ["/bin/sh"], NULL) - 33 bytes
No description provided by source. Linux/X86-64 Dummy for shellcode: execve"/bin/sh", "/bin/sh", NULL hophet at gmail.com .text .globl start start: xorq %rdx, %rdx movq $0x68732f6e69622fff,%rbx shr $0x8, %rbx push %rbx movq %rsp,%rdi xorq %rax,%rax pushq %rax pushq %rdi movq %rsp,%rsi mov $0x3b,%...
linux/x86 chmod("/etc/shadow",666) & exit(0) 30 bytes
No description provided by source. / Linux/x86 - chmod"/etc/shadow",666 & exit0 Info reg ------------------ %eax = 15 %ebx = /etc/shadow %ecx = 666 %eax = 1 %ebx = 0 Shellcode 30 bytes Author: Jonathan Salwan submit AT shell-storm.org Web: http://www.shell-storm.org Disassembly of section .text:...
Linux/x86 - exit(1) - 7 bytes
No description provided by source. / exit-core.c by Charles Stevenson [email protected] I made this as a chunk you can paste in to make modular remote exploits. I use it when I need a process to exit cleanly. / char hellcode = / exit1; linux/x86 by core / // 7 bytes exit1 ... 'cause we're nice : by...
Code injection
Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving 1 replaying, 2 modifying, 3 inserting, or 4 deleting a single cell, and then observing cell...
CVE-2009-0654
Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving 1 replaying, 2 modifying, 3 inserting, or 4 deleting a single cell, and then observing cell...
DEBIAN-CVE-2009-0654
Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving 1 replaying, 2 modifying, 3 inserting, or 4 deleting a single cell, and then observing cell...
linux/x86 chmod"/etc/shadow",666 & exit0 30 bytes
linux/x86 chmod"/etc/shadow",666 & exit0 30 bytes. Shellcode exploit for linx86 platform / Linux/x86 - chmod"/etc/shadow",666 & exit0 Info reg ------------------ %eax = 15 %ebx = /etc/shadow %ecx = 666 %eax = 1 %ebx = 0 Shellcode 30 bytes Author: Jonathan Salwan Web: http://www.shell-storm.org...
Linux/x86 - setuid(0) & chmod("/tmp",111) & exit(0)
No description provided by source. / Linux/x86 - setuid0 & chmod"/tmp",111 & exit0 Info reg ------------------ %eax = 23 %ebx = 0 %eax = 15 %ebx = /tmp %ecx = 111 %eax = 1 %ebx = 0 Shellcode 25 bytes Author: Jonathan Salwan submit AT shell-storm.org Web: http://www.shell-storm.org Disassembly of...
Open redirect
Open redirect vulnerability in the ibmsecuritylogout servlet in IBM WebSphere Application Server WAS 5.1.1.19 and earlier 5.x versions, 6.0.x before 6.0.2.33, and 6.1.x before 6.1.0.23 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the...