
1234 matches found

seebug.org
added 2014/07/01 12:0 a.m. · 13 views

Linux Kernel < 2.6.22 ftruncate()/open() Local Exploit

No description provided by source. / gw-ftrex.c: Linux kernel 2.6.22 open/ftruncate local exploit by gat3way at gat3way dot eu bug information: http://osvdb.org/49081 !!!This is for educational purposes only!!! To use it, you've got to find a sgid directory you've got permissions to write into...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. · 118 views

Linux Kernel <= 2.6.37 - Local Privilege Escalation

No description provided by source. / Linux Kernel <= 2.6.37 local privilege escalation by Dan Rosenberg @djrbliss on twitter Usage: gcc full-nelson.c -o full-nelson ./full-nelson This exploit leverages three vulnerabilities to get root, all of which were discovered by Nelson Elhage: CVE-2010-4258...

6.2 CVSS · 0.1 AI score · 0.02655 EPSS
Exploits: 11
seebug.org
added 2014/07/01 12:0 a.m. · 27 views

Linux Kernel <= 2.4.29-rc2 uselib() Privilege Elevation

No description provided by source. / binfmt_elf uselib VMA insert race vulnerability v1.08 gcc -O2 -fomit-frame-pointer elflbl.c -o elflbl Copyright (c) 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED AS IS AND WITHOUT ANY WARRANTY...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. · 16 views

OSX/Intel - setuid shell x86_64 - 51 bytes

No description provided by source. / Title: OSX/Intel - setuid shell x86_64 - 51 bytes Date: 2010-11-25 Tested on: Mac OS X 10.6.5 - Darwin Kernel Version 10.5.0 Author: Dustin Schultz - twitter: @thexploit http://thexploit.com BITS 64 section .text global start start: a: mov r8b, 0x02 ; Unix clas...

7.1 AI score
Exploits: 0
OSV
added 2014/06/07 2:55 p.m. · 1 views

DEBIAN-CVE-2014-3153

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification...

7.8 CVSS · 8 AI score · 0.37233 EPSS
Exploits: 15 · References: 1
OSV
added 2014/04/01 6:35 a.m. · 2 views

UBUNTU-CVE-2013-7348

Double free vulnerability in the ioctx_alloc function in fs/aio.c in the Linux kernel before 3.12.4 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via vectors involving an error condition in the aio_setup_ring function...

4.6 CVSS · 7.1 AI score · 0.00365 EPSS
Exploits: 0 · References: 4
0day.today
added 2014/03/19 12:0 a.m. · 34 views

Quantum DXi V1000 2.2.1 - Static SSH Key

Quantum DXi® V-Series is a virtual deduplication backup appliance that protects physical and virtual data across remote sites, the datacenter and cloud deployments. Details: ---------- 0x01 - Default root user The root user has a hardcoded password that is unknown and not changeable. Normally...

6.9 AI score
Exploits: 0
Exploit DB
added 2014/02/02 12:0 a.m. · 176 views

Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10 x64) - 'CONFIG_X86_X32=y' Local Privilege Escalation (3)

/ ============================== recvmmsg.c - linux 3.4+ local root CONFIG_X86_X32=y CVE-2014-0038 / x32 ABI with recvmmsg by rebel @ irc.smashthestack.org ----------------------------------- takes about 13 minutes to run because timeout->tv_sec is decremented once per second and 0xff*3 is 765. some...

6.9 CVSS · 7 AI score · 0.34649 EPSS
Exploits: 16
RedHat Linux
added 2013/12/20 1:9 a.m. · 13 views

The header file linux/version.h is empty from MRG version 2 realtime kernel

No description provided...

7.1 AI score
Exploits: 0
Positive Technologies
added 2013/12/12 12:0 a.m. · 6 views

PT-2013-6014 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.12.6 Description: The issue allows local users to gain privileges or cause a denial of service, resulting in a system crash, via a VAPIC synchronization operation involving a page-end address. Recommendations:...

10 CVSS · 7.8 AI score · 0.80855 EPSS
Exploits: 95 · References: 680
Oracle linux
added 2013/12/05 12:0 a.m. · 46 views

kernel security and bug fix update

kernel 2.6.18-371.3.1 - net be2net: don't use GRO for packets w/ re-inserted VLAN tags Ivan Vecera 1023348 1008691 - net tg3: call pcienablewake to set power state John Feeney 1014973 996331 - misc backport fixes for percpu-rw-semaphore Mikulas Patocka 1014715 867997 - xen information leak via I/...

6 CVSS · 0.7 AI score · 0.0381 EPSS
Exploits: 1
Positive Technologies
added 2013/07/28 12:0 a.m. · 4 views

PT-2013-4862 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.10.3 Description: The issue is related to the bridge multicast implementation in the Linux kernel, which does not properly check if a certain timer is armed before modifying its timeout value. This can be...

4.7 CVSS · 6.1 AI score · 0.00454 EPSS
Exploits: 2 · References: 12
RedHat Linux
added 2013/07/16 6:21 p.m. · 2 views

kernel: Information leak in the RTNETLINK component

The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

1.9 CVSS · 6.6 AI score · 0.00429 EPSS
Exploits: 0 · References: 4
Tenable Nessus
added 2013/07/12 12:0 a.m. · 31 views

Oracle Linux 5 : Important: / kernel (ELSA-2008-0129)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2008-0129 advisory. 2.6.18-53.1.13.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki orabug 6045759 - NET Fix msi issue with kexec/kdump Michael Chan orabug 6219364 ...

7.2 CVSS · 5.5 AI score · 0.0354 EPSS
Exploits: 3 · References: 2
Positive Technologies
added 2013/06/10 12:0 a.m. · 4 views

PT-2013-3481 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.0 Description: The issue concerns a lack of checks in the KVM subsystem for kernel addresses during memory slot allocation for a guest's physical address space. This allows local users to potentially gain...

7.8 CVSS · 6.9 AI score · 0.04189 EPSS
Exploits: 0 · References: 27
OSV
added 2013/06/07 12:0 a.m. · 1 views

UBUNTU-CVE-2013-2852

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fw_postfix modprobe...

6.9 CVSS · 6.7 AI score · 0.01022 EPSS
Exploits: 1 · References: 16
Oracle linux
added 2013/05/21 12:0 a.m. · 46 views

1

kernel 2.6.18-348.6.1.0.1 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe callgraph support orabug 14277030 - oprofile oprofile: use KMNMI slot for kmapatomic orabug 14277030 - oprofile...

4.7 CVSS · 4.5 AI score · 0.00411 EPSS
Exploits: 0
OSV
added 2013/05/14 8:55 p.m. · 3 views

AZL-34322 CVE-2013-2094 affecting package kernel for versions less than 5.15.153.1-1

The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call...

8.4 CVSS · 7 AI score · 0.47709 EPSS
Exploits: 15 · References: 1
RedHat Linux
added 2013/05/09 6:10 p.m. · 1 views

hypervkvpd: Netlink source address validation allows denial of service

The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for...

4.9 CVSS · 5.8 AI score · 0.00407 EPSS
Exploits: 1 · References: 4
Positive Technologies
added 2013/04/24 12:0 a.m. · 3 views

PT-2013-3491 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.8.6 Description: The issue allows local users to bypass intended access restrictions by leveraging a time interval during which a user namespace has been created but a PID namespace has not been created. This ...

1.9 CVSS · 6 AI score · 0.0034 EPSS
Exploits: 1 · References: 7