13 matches found
VENOM venom vulnerability analysis qemu kvm CVE‐2 0 1 5‐3 4 5 6-the vulnerability warning-the black bar safety net
Vulnerability description CrowdStrike, Jason Geffner found open source computer emulator QEMU in the presence of a and a virtual floppy disk controller associated with the security vulnerability, code-named VENOM, the CVE number for CVE-2 0 1 5-3 4 5 6 The. Using this vulnerability an attacker ca...
Linux Kernel 2.6.18 - 'move_pages()' Information Leak
/ sieve because the Linux kernel leaks like one, get it? Bug NOT discovered by Marcus Meissner of SuSE security This bug was discovered by Ramon de Carvalho Valle in September of 2009 The bug was found via fuzzing, and on Sept 24th I was sent a POC DoS for the bug but had forgotten about it until...
Linux Kernel 2.6.18 - move_pages() Information Leak
Linux Kernel 2.6.18 - movepages Information Leak / sieve because the Linux kernel leaks like one, get it? Bug NOT discovered by Marcus Meissner of SuSE security This bug was discovered by Ramon de Carvalho Valle in September of 2009 The bug was found via fuzzing, and on Sept 24th I was sent a POC...
Debian DSA-975-1 : nfs-user-server - buffer overflow
Marcus Meissner discovered that attackers can trigger a buffer overflow in the path handling code by creating or abusing existing symlinks, which may lead to the execution of arbitrary code. This vulnerability isn't present in the kernel NFS server. This update includes a bugfix for attribute...
[SECURITY] [DSA 1106-1] New ppp packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 1106-1 [email protected] http://www.debian.org/security/ Martin Schulze July 10th, 2006 http://www.debian.org/security/faq -...
DSA-1106 ppp - programming error
Bulletin has no description...
USN-278-1: gdm vulnerability
Marcus Meissner discovered a race condition in gdm's handling of the /.ICEauthority file permissions. A local attacker could exploit this to become the owner of an arbitrary file in the system. When getting control over automatically executed scripts like cron jobs, the attacker could eventually...
DSA-1023-1 kaffeine - buffer overflow
Bulletin has no description...
DSA-975-1 nfs-user-server - buffer overflow
Bulletin has no description...
DSA-806-1 gcvs - insecure temporary files
Bulletin has no description...
DSA-802-1 cvs - insecure temporary files
Bulletin has no description...
imlib2 -- BMP decoder buffer overflow
Marcus Meissner discovered that imlib2's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. There appears to be both a stack-based and a heap-based buffer overflow that are believed to be exploitable for arbitrary code executio...
imlib -- BMP decoder heap buffer overflow
Marcus Meissner discovered that imlib's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. It is believed that this bug could be exploited for arbitrary code execution...