24 matches found
EUVD-2008-1620
Malware in sbrugna...
EUVD-2005-1763
Malware in sbrugna...
EUVD-2006-0565
Malware in sbrugna...
EUVD-2004-0446
Malware in sbrugna...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality of protected information
The Linux-headers-2.6.18-4-all-ia64 package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to violations of the confidentiality of protected information. These vulnerabilities can be exploited remotely...
Design/Logic Flaw
The Linux kernel before 3.12.2 does not properly use the getdumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h...
/kernel/security/CVE-2006-0742 test cause kernel-xen panic on ia64
arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and possibly other kernel versions, when running on IA-64 architectures, allows local users to cause a denial of service and "turn on BE by modifying the user mask of the PSR," as demonstrated via exploitation of CVE-2006-0742...
Openswan和strongSwan DPD报文远程拒绝服务漏洞
BUGTRAQ ID: 34296 CVECAN ID: CVE-2009-0790 Openswan和strongSwan都是Linux系统下的IPSEC实现。 死亡对等体检测(DPD)是IPsec IKE通知消息,使用ICOOKIE/RCOOKIE机制将入站报文匹配到已知的安全关联(ISAKMP)。在一个端点的ISAKMP状态已过期但另一个端点仍在使用旧状态发送DPD通知的情况下,如果远程攻击者向Openswan和strongSwan发送了恶意的RUTHERE或 RUTHEREACK通知报文的话,就会在不存在的状态对象st上触发空指针引用,导致pluto IKE守护程序崩溃并重启。...
[SECURITY] [DSA 1683-1] New streamripper packages fix potential code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1683-1 [email protected] http://www.debian.org/security/ Florian Weimer December 08, 2008 http://www.debian.org/security/faq -...
Afuse afuse.c文件Shell命令注入漏洞
BUGTRAQ ID: 30245 CVECAN ID: CVE-2008-2232 Afuse是使用FUSE在用户域实现的自动加载文件系统。 Afuse没有正确地过滤文件名便将其用在了system调用中。如果能够读访问afuse文件系统的攻击者使用了类似于以下的路径的话: /path/";arbitrary command;" /path/arbitrary command 则从注册为Afuse加载的目录请求上述特制文件就会导致以提升的权限执行任意命令。 Jacob Bower Afuse 0.2 Debian ------...
[SECURITY] [DSA 1587-1] New mtr packages fix execution of arbitrary code
------------------------------------------------------------------------ Debian Security Advisory DSA-1587-1 [email protected] http://www.debian.org/security/ Steve Kemp May 26, 2008 http://www.debian.org/security/faq - ------------------------------------------------------------------------...
[xen-ia64] Dom0 panic while we run ftp test tool between HVM and Dom0.
The ssmi emulation in Xen 5.1 on IA64 architectures allows attackers to cause a denial of service dom0 panic via certain traffic, as demonstrated using an FTP stress test tool...
CVE-2008-1619
The ssmi emulation in Xen 5.1 on IA64 architectures allows attackers to cause a denial of service dom0 panic via certain traffic, as demonstrated using an FTP stress test tool...
[SECURITY] [DSA 1448-1] New eggdrop packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1448-1 [email protected] http://www.debian.org/security/ Steve Kemp January 05, 2008 http://www.debian.org/security/faq -...
Debian DSA-1082-1 : kernel-source-2.4.17 - several vulnerabilities
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2004-0427 A local denial of service vulnerability i...
security flaw
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service kernel crash via ptrace and the restoresigcontext function...
CVE-2005-1761
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service kernel crash via ptrace and the restoresigcontext function...
CVE-2005-1761
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service kernel crash via ptrace and the restoresigcontext function...
CVE-2005-1761
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service kernel crash via ptrace and the restoresigcontext function...
SQL 2005 English ia64
...