CVE-2008-4160

CVE-2008-4160 affects the UFS module in Solaris 8–10 and OpenSolaris. The vulnerability is a local denial of service caused by a NULL pointer dereference in the Solaris ACL implementation, leading to a kernel panic. Connected advisories reference Solaris patch updates: 139483-05 (SunOS 5.10 SPARC...

InstallShield Update Agent - Downloads and executes "Rule Scripts" insecurely.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUMMARY InstallShield Update Agent - Remote "Rule Script" Code Execution Vulnerability. OVERVIEW InstallShield Update Agent uses insecure methods of retrieving operational script code from unauthenticated, unverified external sources over HTTP...

Null pointer dereference

net/sctp/socket.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service NULL pointer dereferenc...

Integer overflow

Integer overflow in the sctpsetsockoptauthkey function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service panic or possibly have unspecified other impact via a...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise MRG 1.0. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

USN-636-1: Postfix vulnerability

Sebastian Krahmer discovered that Postfix was not correctly handling mailbox ownership when dealing with Linux's implementation of hardlinking to symlinks. In certain mail spool configurations, a local attacker could exploit this to append data to arbitrary files as the root user. The default...

CVE-2008-2940

The alert-mailing implementation in HP Linux Imaging and Printing HPLIP 1.6.7 allows local users to gain privileges and send e-mail messages from the root account via vectors related to the setalerts message, and lack of validation of the device URI associated with an event message...

Design/Logic Flaw

The 1 reallookup and 2 lookuphash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted aka SDEAD directory, which allows local users to cause a denial of service "overflow" of the UBIFS orphan area via a...

CVE-2008-3534

The shmemdeleteinode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service system crash via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to...

CVE-2008-3534

The shmemdeleteinode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service system crash via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to...

Nokia series 40 phones multiple security vulnerabilities

Multiple J2ME implementation vulnerabilities allow complete device compromization...

Buffer overflow

Buffer overflow in format descriptor parsing in the uvcparseformat function in drivers/media/video/uvc/uvcdriver.c in uvcvideo in the video4linux V4L implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors...

Pligg Auto-Voter Using XSS to Bypass CSRF Protection

Explanation: Pligg Suffers from a Reflective Cross Site Scripting vulnerability in index.php. For the $GET'category' variable. Exploit code was written that uses this flaw to bypass the CSRF protection to then vote on any pligg article of the attackers choosing. I took inspiration from the Myspac...

DNS BailiWicked Host Attack

No description provided by source. /msf3/msfconsole require 'msf/core' require 'net/dns' require 'scruby' require 'resolv' module Msf class Auxiliary::Spoof::Dns::BailiWickedHost Msf::Auxiliary include Exploit::Remote::Ip def initializeinfo = superupdateinfoinfo, 'Name' = 'DNS BailiWicked Host...

CVE-2008-3264

The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers t...

CVE-2008-3247

The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 on x8664 platforms uses an incorrect size for ldtdesc, which allows local users to cause a denial of service system crash or possibly gain privileges via unspecified vectors...

Sun Java JDK/JRE 5 < Update 16 Multiple Vulnerabilities

The version of Sun Java Runtime Environment JRE 5.0 installed on the remote host is affected by multiple security issues : - A vulnerability in the XML processing module of the JRE could allow an untrusted applet/application unauthorized access to certain URL resources 238628. - A buffer overflow...

Fedora 8 : kernel-2.6.25.6-27.fc8 (2008-5454)

Update to kernel 2.6.25.6: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6 CVE-2008-1673: The asn1 implementation in a the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ipnatsnmpbasic...

Net-SNMP远程绕过认证漏洞

BUGTRAQ ID: 29623 CVECAN ID: CVE-2008-0960 Net-SNMP是一个免费的、开放源码的SNMP实现，以前称为UCD-SNMP。 Net-SNMP处理认证的实现上存在漏洞，远程攻击者可能利用此漏洞绕过认证获取SNMP对象的访问。...

X.org MIT-SHM extension arbitrary memory read

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height...