385 matches found
libarchive: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite
A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...
Important: Red Hat Security Advisory: libarchive security update
An update for libarchive is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Important: Red Hat Security Advisory: Red Hat OpenShift Enterprise 3.1 security update
An update for Red Hat OpenShift Enterprise 3.1 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
libarchive: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite
A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...
libarchive: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite
A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...
CVE-2016-5418
A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...
DEBIAN-CVE-2016-6198
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service system crash via a rename system call, related to fs/namei.c and fs/open.c...
DEBIAN-CVE-2016-6197
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service system crash via a rename system call that...
UBUNTU-CVE-2016-6198
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service system crash via a rename system call, related to fs/namei.c and fs/open.c...
UBUNTU-CVE-2016-6197
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service system crash via a rename system call that...
GlassWire: Bypass GlassWire's monitoring of Hosts file
Product version: 1.2.64beta OS version: Windows 8.1 Enterprise x86 If a program modifies the Hosts file C:\Windows\System32\drivers\etc\hosts, GlassWire notifies the user that "system file changed" with the path of the hosts file see attachment "screenshothostschanged.png". I discover that a...
Fedora 22 : opensmtpd-5.7.3p1-1.fc22 (2015-fd133d52cc)
"Issues fixed in this release since 5.7.2: - fix an mda buffer truncation bug which allows a user to create forward files that pass session checks but fail delivery later down the chain, within the user mda; - fix remote buffer overflow in unprivileged pony process; - reworked offline enqueue to...
Fedora 23 : opensmtpd-5.7.3p1-1.fc23 (2015-ed1c673f09)
"Issues fixed in this release since 5.7.2: - fix an mda buffer truncation bug which allows a user to create forward files that pass session checks but fail delivery later down the chain, within the user mda; - fix remote buffer overflow in unprivileged pony process; - reworked offline enqueue to...
Man-db 2.6.7.1 - Local Privilege Escalation
Man-db 2.6.7.1 - Local Privilege Escalation / EDB Note: man:man - man:root http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ man:root - root:root http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/ CreateSetgidBinary.c...
MacOS X 10.11 Hardlink Resource Exhaustion
/ MacOS X 10.11 hardlink bomb cause resource exhaustion Avast PoC Credit: Maksymilian Arciemowicz CXSECURITY Website: http://cxsecurity.com/ http://cert.cx/ Affected software: - Commands such as: zip, tar, find - AntiVirus: Avast, Eset32 Let's back to an old bug, which Apple does not patch until...
opensmtpd: multiple issues
an oversight in the portable version of fgetln that allows attackers to read and write out-of-bounds memory - multiple denial-of-service vulnerabilities that allow local users to kill or hang OpenSMTPD - a stack-based buffer overflow that allows local users to crash OpenSMTPD, or execute...
FreeBSD : OpenSMTPD -- multiple vulnerabilities (ee7bdf7f-11bb-4eea-b054-c692ab848c20)
OpenSMTPD developers report : an oversight in the portable version of fgetln that allows attackers to read and write out-of-bounds memory multiple denial-of-service vulnerabilities that allow local users to kill or hang OpenSMTPD a stack-based buffer overflow that allows local users to crash...
OpenSMTPD -- multiple vulnerabilities
OpenSMTPD developers report: fix an mda buffer truncation bug which allows a user to create forward files that pass session checks but fail delivery later down the chain, within the user mda fix remote buffer overflow in unprivileged pony process reworked offline enqueue to better protect against...
OpenSMTPD -- multiple vulnerabilities
OpenSMTPD developers report: an oversight in the portable version of fgetln that allows attackers to read and write out-of-bounds memory multiple denial-of-service vulnerabilities that allow local users to kill or hang OpenSMTPD a stack-based buffer overflow that allows local users to crash...
Mozilla Maintenance Service Log File Overwrite Elevation of Privilege
Source: https://code.google.com/p/google-security-research/issues/detail?id=427&can=1 Mozilla Maintenance Service: Log File Overwrite Elevation of Privilege Platform: Windows Version: Mozilla Firefox 38.0.5 Class: Elevation of Privilege Summary: The maintenance service creates a log file in a use...