GNU glibc Local Elevation of Privilege Vulnerability
GNU glibc (a.k.a. GNU C Library, libc6) is an open-source, free C compiler released under the LGPL license. A local elevation of privilege vulnerability exists in GNU glibc. A local attacker can exploit this vulnerability to gain elevated privileges...
D-Link soap.cgi Stack Buffer Overflow(CVE-2018-5318)
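Author: Chu 1. Preface A while back my boss bought a few routers to play with, and I studied two of the boards, the D-Link DIR 629 and DIR 823. I found several stack overflows in soap.cgi, all of them remotely exploitable, and other router models also reuse this part of the soap code. 2. Reverse engineering and vulnerability discovery Since I wanted to find a few remotely exploitable bugs, I first looked at the HTTP service, that is, /htdocs/cgibin. The D-Link HTTP service is provided by cgibin, which enters different handling branches according to the name of the symlink it is invoked through: In each cgi handler function, user input is parsed via cgibinparserequest, whose function prototype is roughly as follows: Parameters...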
BlueBorne RCE on Android 6.0.1 (CVE-2017-0781)
A few days ago, the company Armis published a proof of concept (PoC) of a remote code execution vulnerability in Android via Bluetooth (CVE-2017-0781), known as BlueBorne. Although BlueBorne refers to a set of 8 vulnerabilities, this PoC uses only 2 of them to achieve its goal. The exploitation proce...
GraphicsMagick - Memory Disclosure / Heap Overflow Exploit
Exploit for multiple platform in category dos / poc. Vulnerabilities summary: The following advisory describes two (2) vulnerabilities found in GraphicsMagick. GraphicsMagick is “The swiss army knife of image processing. Comprised of 267K physical lines according to David A. Wheeler’s SLOCCount of...
CVE-2017-7086
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows remote attackers to cause a denial of service (resource consumption) via a craft...
Code injection
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows remote attackers to cause a denial of service (resource consumption) via a craft...
CVE-2017-7086
Summary (CVE-2017-7086): An issue in the libc glob() implementation affects Apple OSes (iOS prior to 11, macOS prior to 10.13, tvOS prior to 11, watchOS prior to 4). The vulnerability allows a remote attacker to cause a denial of service via a crafted string mishandled by glob(), leading to resou...
musl libc buffer overflow vulnerability
musl libc is the new standard library for a new generation of Linux-based devices. A buffer overflow vulnerability exists in musl libc prior to version 1.1.17. The vulnerability arises because dns_parse_callback in network/lookup_name.c does not limit the number of addresses, and an attacker can cau...
ALPINE-CVE-2017-15650
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query...
CVE-2017-15650
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query...
CVE-2017-15650
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query...
Buffer overflow
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query...
CVE-2017-15650
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query...
DEBIAN-CVE-2017-15650
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query...
CVE-2017-15650
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query...
CVE-2017-15650
Summary (CVE-2017-15650): musl libc prior to 1.1.17 is vulnerable to a buffer overflow in DNS response handling. The root cause is dns_parse_callback in network/lookup_name.c not limiting the number of addresses returned, so an attacker can supply an excessive number of A records in response to ...
CVE-2017-15650
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query...
CVE-2017-15650
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query...
PT-2017-4088 · Musl +2 · Musl Libc +2
Name of the Vulnerable Software and Affected Versions: musl libc versions prior to 1.1.17. Description: The issue is related to a buffer overflow in the dns_parse_callback function in network/lookup_name.c, which does not restrict the number of addresses. This allows an attacker to provide an...
Multiple Apple products libc denial of service vulnerability
Apple iOS, macOS High Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. macOS High Sierra is a specialized operating system developed for Mac computers. tvOS is a smart TV operating system. watchOS is a smart watch operating system...