1146 matches found
Code injection
The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv119, does not properly implement the nfsportmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors...
MDKA-2007:124 : openafs
This update addresses the following bugs in the openafs package: The openafs kernel module does not work on the x8664 platform, triggering a kernel oops as soon as it is loaded. The openafs package was compiled with wrong gcc 4.2 compiler optimisations which prevented it from listing directory...
[SECURITY] [DSA 1768-1] New openafs packages potential code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1768-1 [email protected] http://www.debian.org/security/ Florian Weimer April 10, 2009 http://www.debian.org/security/faq -...
Debian DSA-1768-1 : openafs - several vulnerabilities
Two vulnerabilities were discovered in the client part of OpenAFS, a distributed file system. - CVE-2009-1251 An attacker with control of a file server or the ability to forge RX packets may be able to execute arbitrary code in kernel mode on an OpenAFS client, due to a vulnerability in XDR array...
[Backports-security-announce] Security Update for openafs
Russ Allbery uploaded new packages for openafs a distributed file system which fixed the following security problems: CVE-2009-1251 An attacker with control of a file server or the ability to forge RX packets may be able to execute arbitrary code in kernel mode on an OpenAFS client, due to a...
[SECURITY] [DSA 1768-1] New openafs packages potential code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1768-1 [email protected] http://www.debian.org/security/ Florian Weimer April 10, 2009 http://www.debian.org/security/faq -...
DSA-1768-1 openafs - potential code execution
Bulletin has no description...
[SECURITY] Fedora 9 Update: device-mapper-multipath-0.4.7-17.fc9
device-mapper-multipath provides tools to manage multipath devices by instr ucting the device-mapper multipath kernel module what to do. The tools are : multipath : Scan the system for multipath devices and assemble them. multipathd : Detects when paths fail and execs multipath to update thing s...
[SECURITY] Fedora 10 Update: device-mapper-multipath-0.4.8-9.fc10
device-mapper-multipath provides tools to manage multipath devices by instructing the device-mapper multipath kernel module what to do. The tools are : multipath : Scan the system for multipath devices and assemble them. multipathd : Detects when paths fail and execs multipath to update thing s...
Mandriva Update for openafs MDKA-2007:124 (openafs)
Check for the Version of openafs OpenVAS Vulnerability Test Mandriva Update for openafs MDKA-2007:124 openafs Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
RHEL 4 / 5 : device-mapper-multipath (RHSA-2009:0411)
Updated device-mapper-multipath packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The device-mapper multipath packages provide tools to manage multipath...
CVE-2009-0784
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors...
CVE-2009-0913
Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv01 through snv108 allows local users to cause a denial of service system panic via unknown vectors related to PFKEY socket, probably related to setting socket options...
Code injection
Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv01 through snv108 allows local users to cause a denial of service system panic via unknown vectors related to PFKEY socket, probably related to setting socket options...
CVE-2009-0913
CVE-2009-0913 affects Solaris 10 and OpenSolaris builds snv_01 through snv_108, with an unspecified vulnerability in the keysock kernel module that can cause a local denial of service (system panic) via PF_KEY socket handling/option setting. The issue is evidenced by patched Solaris updates: 1410...
NDISwrapper: Arbitrary remote code execution
Background NDISwrapper is a Linux kernel module that enables the use of Microsoft Windows drivers for wireless network devices. Description Anders Kaseorg reported multiple buffer overflows related to long ESSIDs. Impact A physically proximate attacker could send packets over a wireless network...
Linux/x86 - setuid(0) + Load Kernel Module (/tmp/o.o) Shellcode (67 bytes)
Linux/x86 - setuid0 + Load Kernel Module /tmp/o.o Shellcode 67 bytes. Shellcode exploit for Linuxx86 platform / The shellcode sets uid == 0 and loads the kernel module from /tmp/o.o size = 67 bytes OS = Linux i386 written by /rootteam/dev0id rootteam.void.ru [email protected] BITS 32 jmp shor...
OpenBSD/x86 - setuid(0) + Load Kernel Module (/tmp/o.o) Shellcode (74 bytes)
OpenBSD/x86 - setuid0 + Load Kernel Module /tmp/o.o Shellcode 74 bytes. Shellcode exploit for OpenBSDx86 platform / The modload shellcode setuid0 loads /tmp/o.o module very usefull if you have rootkit as kernel module in the /tmp dir Size 74 bytes OS OpenBSD /rootteam/dev0id rootteam.void.ru...
OpenBSD/x86 - Load Kernel Module (/tmp/o.o) Shellcode (66 bytes)
OpenBSD/x86 - Load Kernel Module /tmp/o.o Shellcode 66 bytes. Shellcode exploit for OpenBSDx86 platform / The modload shellcode loads /tmp/o.o module very usefull if you have rootkit as kernel module in the /tmp dir and you can easily change the path directly in the code Size 66 bytes OS OpenBSD...
Race condition
Race condition in the sxout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU machine, allows local users to cause a denial of service panic via vectors involving reading the /dev/xty file...