Microsoft Windows Event Tracing 代码注入漏洞

Windows Event Tracing ETW is an efficient kernel-level tracing tool that allows you to log kernel- or application-defined events to a log file.Microsoft Windows Event Tracing is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...

Sun Solaris DTrace动态追踪框架信息泄露漏洞

BUGTRAQ ID: 27942 Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris 10 DTrace（请见dtrace1M）动态追踪框架中的安全漏洞可能允许给予了PRIVDTRACEUSER或PRIVDTRACEPROC权限（请见privileges5）的本地用户或非全局区执行一些内核级追踪，然后这些用户就可以访问敏感信息。 Sun Solaris 10x86 Sun Solaris 10.0 临时解决方法：...