349 matches found
Input validation
The memwrite function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc//mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper...
CVE-2012-0056
The memwrite function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc//mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper...
CVE-2012-0056
No public technical details about CVE-2012-0056 are present in the connected documents; the Fedora announcements do not expose affected products, versions, or fixes. Monitor for updates.
VulnCheck KEV: CVE-2012-0056
The memwrite function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc//mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper...
Linux Kernel local privilege escalation via SUID /proc/pid/mem write
Overview Linux kernel = 2.6.39 incorrectly handles the permissions for /proc//mem. A local, authenticated attacker could exploit this vulnerability to escalate to root privileges. Exploit code is available in the wild and there have been reports of active exploitation. Description /proc//mem is a...
USN-1342-1: Linux kernel (Oneiric backport) vulnerability
Jüri Aedla discovered that the kernel incorrectly handled /proc//mem permissions. A local attacker could exploit this and gain root privileges...
Linux kernels >=2.6.39 local root exploit 0day-vulnerability warning-the black bar safety net
This is absolutely awesome, and 2.6.39 on top of the kernel all the presence of this vulnerability. Original source http://blog. zx2c4. com/7 4 9, The 利用 代码 可 在 这里 找到 http://www.dis9.com/code/mempodipper-CVE-2012-0056.c.html the. The use of the/proc/pid/mem write,/poc file system is a virtual fil...
Ubuntu 11.10 : linux vulnerability (USN-1336-1)
Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain ro...
kernel: proc: /proc/<pid>/mem mem_write insufficient permission checking
The memwrite function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc//mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper...
USN-1336-1: Linux kernel vulnerability
Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain ro...
Mempodipper - Linux Local Root for >=2.6.39, 32-bit and 64-bit
No description provided by source. Exploit code is here: http://git.zx2c4.com/CVE-2012-0056/plain/mempodipper.c Blog post about it is here: http://blog.zx2c4.com/749 Exploit Title: Mempodipper - Linux Local Root for =2.6.39, 32-bit and 64-bit Date: Jan 21, 2012 Author: zx2c4 Tested on: Gentoo,...
UBUNTU-CVE-2012-0056
The memwrite function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc//mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper...
6-year FreeBSD-SA-05:02.sendfile exploit
Hi, This is almost 0-day. In a sense. I wrote this for a pentesting company. I found it ethically OK to do since the FreeBSD advisory was already out for a couple of weeks. It turns out I was not alone to write an exploit for this bug, and to publish the exploit this year. Timeline: 2005/04/04 -...
FreeBSD 5.4-RELEASE ftpd 6.00LS - 'sendfile' Memory Leak
/FreeBSD include include include include include include include include include int createconnectionchar target, char targetport; void getlineint s; void putlineint s, char out; void usagechar exe; char in8096; char out8096; char out28096; int mainint argc, char argv extern int optind; extern ch...
FreeBSD <= 5.4-RELEASE ftpd (Version 6.00LS) sendfile kernel mem-leak
Exploit for freebsd platform in category local exploits /FreeBSD include include include include include include include include include int createconnectionchar target, char targetport; void getlineint s; void putlineint s, char out; void usagechar exe; char in8096; char out8096; char out28096;...
Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update
Updated kernel-rt packages that fix multiple security issues and upgrade the kernel-rt kernel to version 2.6.33.7-rt29 are now available for Red Hat Enterprise MRG 1.3. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System...
JITed egg-hunter stage-0 shellcode
No description provided by source. // JITed egg-hunter stage-0 shellcode // Permanent DEP bypass // // By Alexey Sintsov // [email protected] // [email protected] // // DSecRG - Digital Security Research Group dsecrg.com// // // TAG=3135330731353307 // its mean 0x07333531 twice! // // // This versi...
Online Community CMS by I-net - SQL Injection
Exploit Title: Online Community CMS by I-net SQL Injection Vulnerability Date: 16-03-2010 Author: Th3 RDX Software Link: www.i-netsolution.com/online-community-php-scripts.html Version: Tested on: Projects Made By Them category: webapp Code :...
JITed stage-0 shellcode
Exploit for win32 platform in category shellcode ======================= JITed stage-0 shellcode ======================= Title: JITed stage-0 shellcode Author: Alexey Sintsov Download N/A // JITS0.AS // // VirtualProtect stage-0 shellcode // // how to use stack // // 0000: 0x11111111 -- ret addr ...
apache mod-mem-cache 2.2.4 recall-headers 信息泄漏漏洞
No description provided by source...