79 matches found
Linux Kernel 2.6.x - driversnetr8169.c Out-of-IOMMU Error Local Denial of Service
Linux Kernel 2.6.x - driversnetr8169.c Out-of-IOMMU Error Local Denial of Service source: https://www.securityfocus.com/bid/36706/info The Linux kernel is prone to a local denial-of-service vulnerability that attackers can exploit to cause an affected computer to panic. Versions prior to the Linu...
Linux Kernel 2.6.x - 'drivers/char/tty_ldisc.c' Null Pointer Dereference Denial of Service
/ source: https://www.securityfocus.com/bid/36191/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute...
Linux Kernel PER_CLEAR_ON_SETID绕过安全限制漏洞
BUGTRAQ ID: 35647 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的PERCLEARONSETID mask没有包含有MMAPPAGEZERO和ADDRCOMPATLAYOUT,这可能允许本地用户绕过mmapminaddr保护,或禁用某些ASLR(地址空间布局随机化)功能。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Linux Kernel 2.6.x ptrace_attach Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits =================================================================== Linux Kernel 2.6.x ptraceattach Local Privilege Escalation Exploit =================================================================== / ptraceattach privilege escalation...
Linux Kernel 2.6.x SCTP FWD Memory Corruption Remote Exploit
No description provided by source. / CVE-2009-0065 SCTP FWD Chunk Memory Corruption Linux Kernel 2.6.x SCTP FWD Memory COrruption Remote Exploit coded by: sgrakkyu at antifork.org http://kernelbof.blogspot.com NOTE: you need at least one sctp application bound on the target box Supported target:...
Linux Kernel readlink本地权限提升漏洞
BUGTRAQ ID: 33412 CVECAN ID: CVE-2009-0269 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的eCryptfs子系统的fs/ecryptfs/inode.c文件没有正确地检查readlink调用的返回结果。如果readlink调用生成的错误导致将-1返回值用作了数组索引,本地用户就可以导致拒绝服务或获得权限提升。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Linux Kernel 2.6.x - qdisc_run() Local Denial of Service
Linux Kernel 2.6.x - qdiscrun Local Denial of Service / source: https://www.securityfocus.com/bid/32985/info The Linux kernel is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to cause a soft lockup, denying service to legitimate users. Versions prior to...
Linux Kernel 2.6.x - 'qdisc_run()' Local Denial of Service
/ source: https://www.securityfocus.com/bid/32985/info The Linux kernel is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to cause a soft lockup, denying service to legitimate users. Versions prior to Linux kernel 2.6.25 are vulnerable. / include include...
Linux Kernel 2.6.x - netipv6ip6_output.c Null Pointer Dereference Denial of Service
Linux Kernel 2.6.x - netipv6ip6output.c Null Pointer Dereference Denial of Service / source: https://www.securityfocus.com/bid/38185/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected kernel, denying service to...
Linux Kernel 2.6.x - 'net/ipv6/ip6_output.c' Null Pointer Dereference Denial of Service
/ source: https://www.securityfocus.com/bid/38185/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute...
Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit
No description provided by source. / $Id: raptorchown.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorchown.c - syschown missing DAC controls on Linux Copyright c 2004 Marco Ivaldi [email protected] Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of file...
Linux内核Ext3无效索引节点序号拒绝服务攻击漏洞
Secunia Advisory:SA21369 Linux内核被报告一个漏洞,该漏洞可被恶意用户操作进行拒绝服务攻击Denial of Service。 该漏洞是由处理一个无效索引节点序号(inode number)时ext3内的一个错误引起的。盖漏洞可被操作发送一个特殊处理的带有V2程序例如 V2LOOKUP的NFS请求使其列入无效索引节点序号。 成功操作会致使输出目录被重置为只读。 该漏洞已经在版本2.6.14.4、2.6.17.6和2.6.17.7中被证实。其他版本可能同样被影响。 Linux Kernel 2.6.x 仅同意信任用户访问受影响系统。...
Linux Kernel 2.6.x sys_timer_create() Local Denial of Service Exploit
No description provided by source. ;nasm -f elf noHeaven.asm ;ld -s -o noHeaven noHeaven.o section .text global start count equ 8 ; threads count - do it quicker start: mov ebx, count call createthreads jmp done pause: mov eax,29 int 0x80 ret createthreads: mov eax,2 int 0x80 test eax,eax jz...
Integer overflow
Integer underflow in the ieee80211rx function in net/ieee80211/ieee80211rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211STYPEQOSDATA flag is set, aka an "off-by-two...
CVE-2007-4997
Integer underflow in the ieee80211rx function in net/ieee80211/ieee80211rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211STYPEQOSDATA flag is set, aka an "off-by-two...
CVE-2007-5093
The disconnect method in the Philips USB Webcam pwc driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service USB subsystem hang and CPU consumption in khubd by not closing the device after the...
Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service
/ source: https://www.securityfocus.com/bid/23677/info The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted. A local attacker may exploit this issue to trigger an infinite-recursion stack-based overflow in the kernel. This...
security flaw
The blockpreparewrite function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked...
CVE-2006-5823
The zlibinflate function in Linux kernel 2.6.x allows local users to cause a denial of service crash via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs...
Linux Kernel 2.6.x - SquashFS Double-Free Denial of Service
Linux Kernel 2.6.x - SquashFS Double-Free Denial of Service source: https://www.securityfocus.com/bid/20870/info The Linux kernel is prone to a local denial-of-service vulnerability. An attacker can exploit this issue to crash the affected computer, denying service to legitimate users...