449 matches found
Sun Solaris I_PEEK IOCTL处理器信息泄露漏洞
Sun Solaris是一款商业性质的操作系统。 Sun Solaris IPEEK IOCTL处理器存在整数无符号错误,本地攻击者可以利用漏洞获得内存敏感信息。 Sun Solaris内核提供的FIFO FS先进先出文件系统服务用于IPC通信,一个FIFO代表文件系统中的节点类似windows系统中的有名管道概念。 kernel FIFOs ioctl处理器存在漏洞,IPEEK ioctl用于进程查看包含在FIFO中的字节数,而实际该操作并清除队列中的消息。这个命令的其中一个参数代表要取数的字节数,是符号整数值,由于这个参数没有正确验证,提供负值可导致内核内存内容被泄露。 Sun...
CVE-2007-5225
Integer signedness error in FIFO filesystems named pipes on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the IPEEK ioctl...
Integer overflow
Integer signedness error in FIFO filesystems named pipes on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the IPEEK ioctl...
CVE-2007-5225
CVE-2007-5225 is a Solaris local-privilege/ memory-leak issue caused by an integer signedness error in fifofs (FIFO filesystems) that allows a local user to read unspecified memory via a negative value to the I_PEEK ioctl on Solaris 8–10. For Solaris 10, patches exist: 127738-01 for x86 and 12773...
Sun Solaris FIFO filesystem information leak
Integer overflow on IOCTL processing allows large memory regions reading...
iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability
Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability iDefense Security Advisory 10.02.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 02, 2007 I. BACKGROUND Solaris is a UNIX operating system developed by Sun Microsystems. More information can be found at the...
openssh43p1DoS.txt
!/bin/bash OpenSSH CRC compensation attack detection DoS PoC. Tavis Ormandy Yes, I really did implement crc-32 in bash. usage: script victim hostname hostname=$1:-localhost port=$2:-22 where the fifo is created to communicate with netcat fifo=/tmp/nc.$$ make the fifos mkfifo $fifo.in mkfifo...
CVE-2002-0767
simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with root privileges...
CVE-2002-0767
The CVE-2002-0767 issue affects Linux systems running the simpleinit component. The root cause is that simpleinit does not close a read/write FIFO file descriptor before forking a child process. Consequently, the child process can cause simpleinit to execute arbitrary programs with root privilege...