MDVA-2009:045 : dhcp

dhclient-script, in dhcp-client package as released with Mandriva Linux 2009, would put the network interface down on some circumstances, as part of it's workings. Coupled with a bug in the kernel wireless stack, when done on wireless interfaces this could cause the wireless association to be los...

kernel: open() call allows setgid bit when user is not in new file's group

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...

CIFS signing sec= mount options don't work correctly

The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing despite sec=ntlmv2i in a SetupAndX request...

Tracing execution of a threaded executable causes kernel BUG report

The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service system hang related to "MT exec + utraceattach spin failure mode," as demonstrated by ptrace-thrash.c...

NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure

NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure 11/15/2006 Notice =================== This bug has been specially discovered for the Month of Kernel Bugs and to the Hackers to Hackers Conference III http://www.h2hc.org.br/en/. Summary =================== Firewir...

CVE-2005-3053

The syssetmempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service kernel BUG via a negative first argument...

CVE-2005-0090

A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service crash...

FreeBSD : SA-04:12.jailroute

The remote host is running a version of the FreeBSD kernel which contains a bug which may allow a jailed process to modify the host routing tables of the whole system. C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include"compat.inc"; ifdescription scriptid12555;...

Bug in IO bitmap handling? Probably exploitable (2.6.5)

Hello. The attached is the small program that tries to write 0x20 to port 0x20. Normally this should cause SIGSEGV, so the program should crash. I think there is a bug in the 2.6 kernels though, which makes it to not crash if some trivial conditions are met. Basically it seems that if any process...

Linux Kernel ""do_mremap"" Local Proof of Concept II

No description provided by source. / Proof of concept code for testing domremap Linux kernel bug. It is based on the code by Christophe Devine and Julien Tinnes posted on Bugtraq mailing list on 5 Jan 2004 but it's safer since it avoids any kernel data corruption. The following test was done...

Linux kernel signed/unsigned conversion bug

Signed/unsigned conversion bug during processing of NFSv3 XDR data leads to buffer overflow...

CVE-2002-0499

The CVE relates to the Linux kernel vulnerability where the d_path function truncates long pathnames without error in Linux kernel versions 2.2.20 and earlier, and 2.4.18 and earlier. This behavior can cause local users to cause programs to operate on incorrect directories, potentially enabling i...

Sendmail Workaround for Linux Capabilities Bug

-----BEGIN PGP SIGNED MESSAGE----- SENDMAIL SECURITY TEAM ADVISORY Sendmail Workaround for Linux Capabilities Bug The Sendmail Consortium and Sendmail, Inc. has been informed of a serious problem in the Linux kernel that can be used to get root access. This is not a sendmail security problem,...

linux-2.2.0-DoS.txt

Date: Wed, 27 Jan 1999 03:14:29 -0500 From: //Stany To: [email protected] Subject: Re: 2.2.0 SECURITY fwd Later on down the thread there are other people then Dan Burcaw who say that the bug crashes their boxes too. I suggest reading the thread on Linux Kernel archives for more information. Se...

macos.x.server.cgi.txt

Date: Thu, 3 Jun 1999 19:35:58 +0200 From: Juergen Schmidt To: [email protected] Subject: MacOS X system panic with CGI Hello all, when doing performance tests with different web servers, I found, that MacOS X Server running apache crashed under medium load, when I was calling CGI-scripts. It...