17 matches found
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: smm: the number of GPRs in the SMRAM image depends on the image format. On 64-bit hosts, if the guest does not have X86_FEATURE_LM, KVM will access 16 GPRs for a 32-bit SMRAM image, resulting in an out-of-bound RAM access...
EUVD-2008-6751
Malware in sbrugna...
UBUNTU-CVE-2022-49883
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: smm: number of GPRs in the SMRAM image depends on the image format. On 64-bit hosts, if the guest doesn't have X86_FEATURE_LM, KVM will access 16 GPRs in a 32-bit SMRAM image, causing an out-of-bound RAM access. On 32-bit hosts,...
Denial Of Service (DoS)
The Linux kernel is vulnerable to denial of service (DoS) attacks. The error occurs while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in a DoS, or potentially escalate their privileges inside the guest...
Kernel: Kvm: vmx/svm potential privilege escalation inside guest
A Linux kernel built with Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector (SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resultin...
Latest EMET Bypass Targets WoW64 Windows Subsystem
Backwards compatibility, a necessary evil for Microsoft in its need to support so many legacy applications on Windows, may be its undoing as researchers have found a way to exploit this layer in the operating system to bypass existing mitigations against memory-based exploits. Specifically in thi...
3CTftpSvc TFTP Long Mode Buffer Overflow
No description provided by source. $Id: threectftpsvc_long_mode.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and ter...
CVE-2008-6791
PumpKIN TFTP Server 2.7.2.0 allows remote attackers to cause a denial of service via a write request with a long mode field...
CVE-2009-1242
The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode enable") bit in the Extended Feature Enable Register (EF...
PumpKIN Mode field denial of service vulnerability
BUGTRAQ ID: 31922 CNCAN ID: CNCAN-2008102805 PumpKIN is an integrated TFTP server and client. PumpKIN does not handle the mode command correctly; a remote attacker can exploit this vulnerability to mount a denial of service attack against the application. Submitting an overly long mode value crashes the application and the service stops responding. Klever Group PumpKIN 2.7.2 0 No solution is currently available: http://kin.klever.net/pumpkin/ require 'msf/core' class Metasploit3 < Msf::Auxiliary include...
PumpKIN TFTP Server 2.7.2.0 Denial of Service Exploit (meta)
No description provided by source. require 'msf/core' class Metasploit3 < Msf::Auxiliary include Msf::Exploit::Remote::Udp def initialize(info = {}) super(update_info(info, 'Name' => 'PumpKIN TFTP Server DoS', 'Description' => %q PumpKIN TFTP Server 2.7.2.0 eventually reaches a DoS condition when provided wi...
pumpkin-dos.txt
require 'msf/core' class Metasploit3 < Msf::Auxiliary include Msf::Exploit::Remote::Udp def initialize(info = {}) super(update_info(info, 'Name' => 'PumpKIN TFTP Server DoS', 'Description' => %q PumpKIN TFTP Server 2.7.2.0 eventually reaches a DoS condition when provided with an overly long mode value. It'll take a minute. This condition is reached quicker when hammered repeatedly. , 'Author' => 'Saint...
PumpKIN TFTP Server 2.7.2.0 - Denial of Service (Metasploit)
require 'msf/core' class Metasploit3 < Msf::Auxiliary include Msf::Exploit::Remote::Udp def initialize(info = {}) super(update_info(info, 'Name' => 'PumpKIN TFTP Server DoS', 'Description' => %q PumpKIN TFTP Server 2.7.2.0 eventually reaches a DoS condition when provided with an overly long mode value. It'll take a minute. This condition is reached quicker when hammered repeatedly. , 'Author' => 'Saint...
CVE-2006-6183
Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long mode field (aka transporting mode) in a (1) GET or (2) PUT command...
3CTftpSvc TFTP Long Mode Buffer Overflow
This module exploits a stack buffer overflow in 3CTftpSvc 2.0.1. By sending a specially crafted packet with an overly long mode field, a remote attacker could overflow a buffer and execute arbitrary code on the system. This module requires Metasploit: https://metasploit.com/download Current sourc...
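Added example, not code from any of the advisories or Metasploit modules listed above: the TFTP request layout that both the PumpKIN entries and the 3CTftpSvc entries refer to, written in Ruby because that is the language of the module snippets on this page. build_tftp_request assembles a read/write request the way those modules do (2-byte opcode, filename, NUL, mode, NUL), and parse_tftp_request is a receiver that bounds and validates the mode field, which is the check the affected servers lacked. The function and constant names, the 16-byte mode limit and the sample packets are this example's own assumptions.

```ruby
# Added example: TFTP RRQ/WRQ (RFC 1350) builder and a bounds-checking parser.
# Names, limits and sample packets are assumptions made for this illustration.

OPCODE_RRQ = 1
OPCODE_WRQ = 2
# Transfer modes defined by RFC 1350; compared case-insensitively.
KNOWN_MODES = %w[netascii octet mail].freeze

# Build a request packet: big-endian opcode, filename, NUL, mode, NUL.
# A hostile sender simply passes a huge string as +mode+; the wire format
# itself places no limit on the field, so the limit has to live in the parser.
def build_tftp_request(opcode, filename, mode)
  unless [OPCODE_RRQ, OPCODE_WRQ].include?(opcode)
    raise ArgumentError, "opcode must be 1 (RRQ) or 2 (WRQ)"
  end
  [opcode].pack("n") + filename + "\x00" + mode + "\x00"
end

# Parse a request packet. Returns a Hash on success, or a Symbol naming the
# reason the packet was rejected. +max_mode_len+ is the bound that a server
# copying the mode string into a fixed-size stack buffer must enforce before
# the copy; the length check deliberately precedes the known-mode check so an
# oversized value is never even compared.
def parse_tftp_request(packet, max_mode_len: 16, max_filename_len: 255)
  return :too_short if packet.bytesize < 4

  opcode = packet.byteslice(0, 2).unpack1("n")
  return :bad_opcode unless [OPCODE_RRQ, OPCODE_WRQ].include?(opcode)

  body = packet.byteslice(2..-1)
  # Limit 3 keeps any trailing bytes (e.g. RFC 2347 options) in +rest+;
  # +rest+ is nil only when the mode field has no terminating NUL.
  filename, mode, rest = body.split("\x00", 3)
  return :unterminated if filename.nil? || mode.nil? || rest.nil?

  return :filename_too_long if filename.bytesize > max_filename_len
  return :mode_too_long if mode.bytesize > max_mode_len
  return :unknown_mode unless KNOWN_MODES.include?(mode.downcase)

  { opcode: opcode, filename: filename, mode: mode.downcase }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample packets: a normal WRQ and one with an overly long mode
  # value, the shape of input the DoS modules above send.
  normal  = build_tftp_request(OPCODE_WRQ, "upload.bin", "octet")
  hostile = build_tftp_request(OPCODE_WRQ, "upload.bin", "A" * 1000)
  puts parse_tftp_request(normal).inspect
  puts parse_tftp_request(hostile).inspect
end
```

The parser rejects the hostile packet as :mode_too_long before looking at the value at all; a C server with the same ordering (length check, then bounded copy, then strcasecmp against the three known modes) cannot be reached by the long-mode inputs these advisories describe.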
CVE-2000-0455
Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option...