Lucene search
+L

79 matches found

seebug.org
seebug.org
added 2011/11/29 12:0 a.m.42 views

Linux GNU Debugger "debug_gdb_scripts"加载任意代码执行漏洞

BUGTRAQ ID: 50829 CVE ID: CVE-2011-4355 Linux是自由电脑操作系统内核,Linux所带的GNU Debugger gdb工具实现上存在漏洞,在定义了.debuggdbscripts后,gdb会从当前目录加载可疑文件,造成以当前用户权限执行任意代码。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.kernel.org/...

6.9CVSS0.3AI score0.0036EPSS
Exploits1
seebug.org
seebug.org
added 2011/11/22 12:0 a.m.55 views

Linux Kernel 'hfs_mac2asc()'本地特权提升漏洞

BUGTRAQ ID: 50750 CVE ID: CVE-2011-4330 Linux是一款开放源代码的操作系统。 hfsmac2asc函数没有对作为参数传递的缓冲区大小进行正确边界检查,在畸形文件系统上src大小可超过HFSMAXNAMELEN。HFSMAXNAMELEN为31而src大小可设置为255无符号字符。 用户可控数据传递给调用hfsmac2asc的hfsreaddir函数可触发基于内核栈的溢出。 Linux内核的"hfsmac2asc"函数在实现上缓冲区溢出漏洞,本地攻击者可利用此漏洞以内核权限执行任意代码,造成完全控制受影响计算机。 Linux kernel 2.6....

7.2CVSS0.1AI score0.00444EPSS
Exploits1
seebug.org
seebug.org
added 2011/05/18 12:0 a.m.55 views

Linux内核'IP GRE'模块空指针引用远程拒绝服务漏洞

Bugtraq ID: 47852 CVE ID:CVE-2011-1767 Linux是一款开放源代码的操作系统。 net/ipv4/ipgre.c中IP GRE模块初始化函数包含如下代码: 01 / 02 And now the modules code and kernel interface. 03 / 04 05 static int init ipgreinitvoid 06 07 int err; 08 09 printkKERNINFO "GRE over IPv4 tunneling driver\n"; 10 11 if...

5.4CVSS0.8AI score0.0283EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2011/04/08 2:53 a.m.5 views

kernel: panic in ib_cm:cm_work_handler

Race condition in the cmworkhandler function in the InfiniBand driver drivers/infiniband/core/cma.c in Linux kernel 2.6.x allows remote attackers to cause a denial of service panic by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer...

5.7CVSS7.2AI score0.01194EPSS
Exploits2References4
Prion
Prion
added 2011/03/15 5:55 p.m.21 views

Race condition

Race condition in the cmworkhandler function in the InfiniBand driver drivers/infiniband/core/cma.c in Linux kernel 2.6.x allows remote attackers to cause a denial of service panic by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer...

5.7CVSS6.8AI score0.01194EPSS
Exploits2References8Affected Software7
CVE
CVE
added 2011/03/15 5:0 p.m.112 views

CVE-2011-0695

CVE-2011-0695 is a race condition in the Linux kernel’s InfiniBand driver (cm_work_handler in drivers/infiniband/core/cma.c) on 2.6.x. The issue allows remote attackers to trigger a denial of service (panic) by issuing an InfiniBand request while other request handlers are active, causing an inva...

5.7CVSS6.2AI score0.01194EPSS
Exploits2References8Affected Software1
CVE
CVE
added 2010/04/06 10:0 p.m.100 views

CVE-2010-1087

CVE-2010-1087 affects the Linux kernel family 2.6.x up to 2.6.33-rc5. The vulnerability is in nfs_wait_on_request (fs/nfs/pagelist.c) and can cause a denial of service (kernel OOPS) via unknown vectors related to truncating a file and an operation that is not interruptible. The impact is a DoS on...

7.8CVSS6.2AI score0.03573EPSS
Exploits1References13Affected Software1
UbuntuCve
UbuntuCve
added 2010/04/06 12:0 a.m.25 views

CVE-2010-1083

The processcomplcompat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensiti...

4.7CVSS6.4AI score0.00361EPSS
Exploits1References2
seebug.org
seebug.org
added 2010/03/21 12:0 a.m.86 views

Linux Kernel ip6_dst_lookup_tail()函数远程拒绝服务漏洞

CVECAN ID: CVE-2010-0437 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的ip6dstlookuptail函数中存在空指针引用漏洞。本地网络上的攻击者可以通过向目标系统发送IPv6通讯来触发这个漏洞,如果接收到IPv6报文时目标系统上dst-neighbour为空,就会导致系统崩溃 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.8CVSS0.12426EPSS
Exploits2
seebug.org
seebug.org
added 2010/03/02 12:0 a.m.20 views

Linux kernel 2.6.x hda-intel驱动本地拒绝服务漏洞

BUGTRAQ ID: 38348 Linux Kernel是开放源码操作系统Linux所使用的内核。 对于使用了hda-intel驱动的Linux Kernel操作系统,sound/pci/hda/hdaintel.c文件中的azxpositionok函数在执行计算时可能将0用作初始,导致内核崩溃。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2010/02/03 12:0 a.m.21 views

Linux Kernel 64位Personality处理本地拒绝服务漏洞

BUGTRAQ ID: 38027 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel在设置进程的personality时存在错误,本地用户在执行缺少ELF解释器的64位应用时可能触发分段错误,导致内核崩溃。 漏洞起因是fs/binfmtelf.c文件中的loadelfbinary函数,该函数在检查ELF解释器可用之前调用了 SETPERSONALITY,将之前的32位进程转换为了64位进程。如果execve成功,这不会导致问题,但在...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2010/02/02 12:0 a.m.12 views

Linux Kernel 2.6.x - KVM pit_ioport_read() Local Denial of Service

Linux Kernel 2.6.x - KVM pitioportread Local Denial of Service source: https://www.securityfocus.com/bid/38038/info The Linux kernel is prone to a local denial-of-service vulnerability that affects the Kernel-based Virtual Machine KVM. Attackers with local access to a guest operating system can...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2010/02/01 12:0 a.m.38 views

Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service

source: https://www.securityfocus.com/bid/38027/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause the affected kernel to crash, denying service to legitimate users. Versions prior to Linux kernel 2.6.33-rc6 are vulnerable. NOTE:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/11/09 12:0 a.m.12 views

Linux Kernel 2.6.x - Ext4 move extents ioctl Privilege Escalation

Linux Kernel 2.6.x - Ext4 move extents ioctl Privilege Escalation source: https://www.securityfocus.com/bid/37277/info Linux kernel is prone to a local privilege-escalation vulnerability because the software fails to verify access permissions. Exploits may allow attackers to execute arbitrary cod...

1.2AI score
Exploits0
Exploit DB
Exploit DB
added 2009/11/09 12:0 a.m.89 views

Linux Kernel 2.6.x - Ext4 'move extents' ioctl Privilege Escalation

source: https://www.securityfocus.com/bid/37277/info Linux kernel is prone to a local privilege-escalation vulnerability because the software fails to verify access permissions. Exploits may allow attackers to execute arbitrary code with kernel-level privileges and launch other attacks. Successfu...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/11/03 12:0 a.m.20 views

Linux Kernel 2.6.x - pipe.c Local Privilege Escalation (2)

Linux Kernel 2.6.x - pipe.c Local Privilege Escalation 2 / source: https://www.securityfocus.com/bid/36901/info Linux kernel is prone to a local privilege-escalation vulnerability that is caused by a NULL-pointer dereference. Local attackers can exploit this issue to execute arbitrary code with...

0.8AI score
Exploits0
Prion
Prion
added 2009/10/19 8:0 p.m.29 views

Code injection

The tcffillnode function in net/sched/clsapi.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcmpad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified...

2.1CVSS5.7AI score0.00399EPSS
Exploits1References24Affected Software7
UbuntuCve
UbuntuCve
added 2009/10/19 12:0 a.m.27 views

CVE-2009-3612

The tcffillnode function in net/sched/clsapi.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcmpad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified...

2.1CVSS7AI score0.00399EPSS
Exploits1References2
seebug.org
seebug.org
added 2009/09/22 12:0 a.m.65 views

Linux Kernel get_random_int函数不充分随机数漏洞

Linux kernel 2.6.x CVE ID: CVE-2009-3238 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的drivers/char/random.c文件中的getrandomint函数所生成的随机数随机性不够,攻击者可以相对容易的预测返回值,绕过基于随机化的保护机制。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.8CVSS0.1AI score0.01632EPSS
Exploits2
seebug.org
seebug.org
added 2009/09/11 12:0 a.m.20 views

Linux Kernel tc_fill_tclass()函数本地信息泄露漏洞

BUGTRAQ ID: 36304 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的net/sched/schapi.c文件中的tcfilltclass函数没有清除某些结构成员便将其返回给了用户空间,这可能导致泄漏3个字节的未初始化内核内存。 Linux kernel 2.6.x Linux kernel 2.4.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.8AI score
Exploits0
Rows per page
Query Builder