19 matches found
EUVD-2005-0181
Malware in sbrugna...
Linux lp.c Out-of-Bounds Write via Kernel Command-line
Vulnerable Versions: Linux 4.12-rc1 and below, Linux 3.x, Linux 2.6.x, Linux 2.4.x, Linux 2.2.x. Mitigation: Patch has been committed to the mainline tree, available in the 4.12-rc2 release. 3.18 / 4.4 stable releases with the patch are also available (see timeline). Technical Details: Due to a missing...
Linux Kernel 2.4.x/2.6.x Bluetooth Signed Buffer Index Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/12911/info A local signed-buffer-index vulnerability affects the Linux kernel because it fails to securely handle signed values when validating memory indexes. A local attacker may leverage this issue to gain escalated...
[SECURITY] Fedora 15 Update: iproute-2.6.38.1-6.fc15
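The iproute package contains networking utilities (ip and rtmon, for example) which are designed to use the advanced networking capabilities of the Linux 2.4.x and 2.6.x kernel...
Linux Kernel drivers/char/tpm/tpm.c Information Disclosure Vulnerability
BUGTRAQ ID: 46866 CVE ID: CVE-2011-1160 The Linux kernel is the kernel of the Linux operating system. An information disclosure vulnerability exists in the Linux kernel's implementation of drivers/char/tpm/tpm.c; a local attacker can exploit it to obtain sensitive information from the stack. Linux kernel 2.6.x OpenVZ Project OpenVZ 028stab091.1 Vendor patch: Linux ----- The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's homepage: http://www.kernel.org/...
Linux Kernel TCP_MAXSEG Local Denial of Service Vulnerability
BUGTRAQ ID: 44830 CVE ID: CVE-2010-4165 The Linux kernel is the kernel used by the open-source operating system Linux. The Linux kernel mishandles certain TCP maximum segment size values; an unintentionally triggered divide-by-zero error can crash the kernel. Linux kernel 2.6.x Vendor patch: Linux ----- The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's homepage: http://www.spinics.net/lists/netdev/msg146495.html...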
Linux 2.6.x fs/pipe.c local root exploit
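No description provided by source. For those who were not yet aware, there are at least 3 public exploits since 11/05/2009 for CVE-2009-3547 targeting all linux kernels from 2.6.0 to 2.6.31 included. Since spender and fotis have already released their own, there is no need for us to keep this on o...
Linux Kernel r8169 Driver Out-of-IOMMU Error Local Denial of Service Vulnerability
BUGTRAQ ID: 36706 CVE(CAN) ID: CVE-2009-3613 The Linux kernel is the kernel used by the open-source operating system Linux. A vulnerability exists in the Linux kernel's Realtek r8169 Ethernet driver: a memory leak in pci_unmap_single can exhaust IOMMU space and crash the system. An attacker on the local network can trigger an out-of-IOMMU error by sending jumbo frames via ping, resulting in a denial of service. Linux kernel 2.6.x Vendor patch: Linux ----- The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's homepage:...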
Overflow vulnerability: Linux, summary of the overflow vulnerabilities corresponding to each version (overflow code) - vulnerability warning - the black bar safety net
2.4.17 local kmod 2.4.18 brk brk2 local kmod km. 2 2.4.19 brk brk2 local kmod km. 2 2.4.20 ptrace kmod ptrace-kmod km. 2 brk brk2 2.4.21 km. 2 brk brk2 ptrace ptrace-kmod 2.4.22 km. 2 brk2 brk ptrace ptrace-kmod 2.4.22-1 0 loginx ./ loginx 2.4.23 mremappte 2.4.24 mremappte Uselib24 2.4.25-1...
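Linux Kernel /proc/net/rt_cache Remote Denial of Service Vulnerability
BUGTRAQ ID: 34084 CVE(CAN) ID: CVE-2009-0778 The Linux kernel is the kernel used by the open-source operating system Linux. Even when the cached routing table remains unchanged, the ip_dst_cache value in /proc/slabinfo keeps increasing, so ip_dst_cache eventually reaches the value of /proc/sys/net/ipv4/route/max_size. When that value is reached, the kernel reports "dst cache overflow", after which the server no longer responds to any network activity. Linux kernel 2.6.x Temporary workaround: delete the REJECT route, or use ip route add 10.10.0.0/16...
Linux Kernel SysKonnect FDDI Driver Unauthorized Statistics Reset Vulnerability
CVE(CAN) ID: CVE-2009-0675 The Linux kernel is the kernel used by the open-source operating system Linux. The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel contains inverted logic: a local user can perform the SKFP_CLR_STATS request only when lacking the CAP_NET_ADMIN capability rather than when holding it, so driver statistics can be reset without authorization. Linux kernel 2.6.x Vendor patch: Linux ----- The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's homepage:...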
Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit
No description provided by source. / $Id: raptorchown.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorchown.c - syschown missing DAC controls on Linux Copyright c 2004 Marco Ivaldi [email protected] Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of file...
CVE-2006-3745
Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors...
[slackware-security] x11
New x11 packages are available for Slackware 10.2 and -current to fix security issues. In addition, fontconfig and freetype have been split out from the x11 packages in -current, so if you run -current you'll also need to install those new packages. More details about the issues may be found here...
CVE-2006-1242
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks...
CVE-2005-1369
CVE-2005-1369 affects the it87 and via686a I2C drivers; prior to fixes in 2.6.11.8 and 2.6.12-rc2, these drivers created a writable sysfs file alarms, enabling a local attacker to cause CPU DoS by writing to it. Connected advisories indicate the issue is resolved by upgrading the kernel to a vers...
CVE-2005-1369
The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associated...
CVE-2005-0180
CVE-2005-0180 involves multiple signedness errors in sg_scsi_ioctl (scsi_ioctl.c) of Linux 2.6.x. The flaw lets a local user read or modify kernel memory by passing negative integers to the ioctl, bypassing a maximum-length check before copy_from_user/copy_to_user. Connected advisories (e.g., Man...
CVE-2004-1151
Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges...