1039 matches found
CVE-2015-0378
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Libc...
Oracle Solaris has a local vulnerability
Oracle Solaris is a unix-based operating system. A local vulnerability exists in Oracle Solaris that could be exploited by an attacker to compromise a 'Libc' subcomponent...
CentOS 6 : glibc (CESA-2015:0016)
Updated glibc packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
FreeBSD Security Advisory FreeBSD-SA-14:27.stdio
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:27.stdio Security Advisory The FreeBSD Project Topic: Buffer overflow in stdio Category: core Module: libc Announced: 2014-12-10 Credits: Adrian Chadd and...
GNU libc 2.12.1 LD_AUDIT libmemusage.so Local Root
!/bin/sh Exploit Title: GNU libc /tmp/libxpl.c /dev/null cat /tmp/libxpl.so /lib/libxpl.so rm -rf /tmp/libxpl.c /tmp/libxpl.so LDAUDIT="libxpl.so" ping...
GNU libc 2.12.1 LD_AUDIT libpcprofile.so Local Root
!/bin/sh Exploit Title: GNU libc /tmp/libxpl.c /dev/null cat /tmp/libxpl.so /lib/libxpl.so rm -rf /tmp/libxpl.c /tmp/libxpl.so LDAUDIT="libxpl.so" ping...
Oracle Linux 6 : glibc (ELSA-2014-1391)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1391 advisory. - Remove gconv transliteration loadable modules support CVE-2014-5119, - nlfindlocale: Improve handling of crafted locale names CVE-2014-0475, - Fix...
RHEL 6 : glibc (RHSA-2014:1391)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1391 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the Name Serv...
DNS Reverse Lookup Shellshock
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory DNS Reverse Lookup as a vector for the Bash vulnerability CVE-2014-6271 et.al. CVE-2014-3671 references: CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278 CVE-2014-7186 and, CVE-2014-7187 Summary: Above CVEs detail a number ...
Oracle Solaris Critical Patch Update : apr2013_SRU4a
This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Utility. Supported versions that are affected are 8, 9, 10 and 11. Difficult to exploit vulnerability requiring...
wu-ftpd 2.6.2, 2.6.0, 2.6.1 realpath() Off-By-One Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8315/info The 'realpath' function is a C-library procedure to resolve the canonical, absolute pathname of a file based on a path that may contain values such as '/', './', '../', or symbolic links. A vulnerability that wa...
QNX 6.5.0 x86 io-graphics - Local root Exploit
No description provided by source. / QNX 6.5.0 x86 io-graphics local root exploit by cenobyte 2013 [email protected] - vulnerability description: Setuid root /usr/photon/bin/io-graphics on QNX is prone to a buffer overflow. The vulnerability is due to insufficent bounds checking of the...
Bomberclone 0.11.6 - Buffer Overflow
No description provided by source. $Id: bombercloneoverflow.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
Python <= 2.4.2 realpath() Local Stack Overflow Exploit
No description provided by source. !/usr/bin/python gexp-python.py Python = 2.4.2 realpath Local Stack Overflow ----------------------------------------------- Against VA Space Randomization. Copyright c 2006 Gotfault Security Bug found and developed by: dx/vaxen Gotfault Security, posidron Tripb...
Musicqueue 0.9/1.0/1.1 - Multiple Buffer Overrun Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/8903/info Multiple buffer overrun vulnerabilities have been discovered in Musicqueue. Both issues stem from the lack of bounds checking when passing user-supplied input to the sprintf libc function. As a result, it may be...
IBM AIX <= 4.2.1, Sun Solaris <= 7.0 LC_MESSAGES libc Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LCMESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM...
IBM AIX <= 4.2.1, Sun Solaris <= 7.0 LC_MESSAGES libc Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LCMESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM...
IBM AIX <= 4.2.1, Sun Solaris <= 7.0 LC_MESSAGES libc Buffer Overflow Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LCMESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM...
IBM AIX <= 4.2.1, Sun Solaris <= 7.0 LC_MESSAGES libc Buffer Overflow Vulnerability (5)
No description provided by source. source: http://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LCMESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM...
Supermicro Onboard IPMI close_window.cgi Buffer Overflow
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::HttpClient def initializeinfo...