5 matches found
SUSE CVE-2009-4020
Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System HFS filesystem, related to the hfsreaddir function in fs/hfs/dir.c...
Linux Kernel 'hfs_mac2asc()'本地特权提升漏洞
BUGTRAQ ID: 50750 CVE ID: CVE-2011-4330 Linux是一款开放源代码的操作系统。 hfsmac2asc函数没有对作为参数传递的缓冲区大小进行正确边界检查,在畸形文件系统上src大小可超过HFSMAXNAMELEN。HFSMAXNAMELEN为31而src大小可设置为255无符号字符。 用户可控数据传递给调用hfsmac2asc的hfsreaddir函数可触发基于内核栈的溢出。 Linux内核的"hfsmac2asc"函数在实现上缓冲区溢出漏洞,本地攻击者可利用此漏洞以内核权限执行任意代码,造成完全控制受影响计算机。 Linux kernel 2.6....
kernel: hfs buffer overflow
Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System HFS filesystem, related to the hfsreaddir function in fs/hfs/dir.c...
Linux Kernel HFS子系统栈溢出漏洞
CVE ID: CVE-2009-4020 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的fs/hfs/dir.c文件中的hfsreaddir函数存在栈溢出漏洞,特制的多级文件系统(HFS)可以在 hfsbnoderead函数的memcpy调用过程中触发这个溢出。攻击者可以提供源缓冲区和长度,目标缓冲区是固定长度的本地变量,这个变量存储在了hfsbnoderead调用程序的栈帧中(hfsreaddir)。由于在试图读取文件系统上目录时都会执行 hfsreaddir函数,因此用户试图检查任何文件系统内容时都会调用这个函数。 Linux...
CVE-2009-4020
Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System HFS filesystem, related to the hfsreaddir function in fs/hfs/dir.c...