6 matches found
Linux Kernel nfsd CAP_MKNOD Security Bypass - Ver2 (CVE-2009-1072)
Linux is a popular open-source operating system in which the kernel and other programs related to the operating systems are developed by a group of volunteers. The Linux kernel supports a great number of features, including networking, file system, graphics protocols and standards. A security...
Novell Netware "XNFS.NLM"组件"xdrDecodeString()"远程缓冲区溢出漏洞
BUGTRAQ ID: 50804 CVE ID: CVE-2011-4191 Novell Netware是一款商业性质的网络操作系统。 Novell Netware在处理某些NFS请求时,XNFS.NLM中的"xdrDecodeString"函数在实现上存在错误,可被恶意用户通过发送特制的数据报造成栈缓冲区溢出,执行任意代码,控制受影响系统。 Novell Netware 6.5.0 SP8 厂商补丁: Novell ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://support.novell.com/security-alerts...
Linux内核Ext3无效索引节点序号拒绝服务攻击漏洞
Secunia Advisory:SA21369 Linux内核被报告一个漏洞,该漏洞可被恶意用户操作进行拒绝服务攻击Denial of Service。 该漏洞是由处理一个无效索引节点序号(inode number)时ext3内的一个错误引起的。盖漏洞可被操作发送一个特殊处理的带有V2程序例如 V2LOOKUP的NFS请求使其列入无效索引节点序号。 成功操作会致使输出目录被重置为只读。 该漏洞已经在版本2.6.14.4、2.6.17.6和2.6.17.7中被证实。其他版本可能同样被影响。 Linux Kernel 2.6.x 仅同意信任用户访问受影响系统。...
CVE-2004-0946
rquotad in nfs-utils rquotaserver.c before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request...
CVE-2004-0946
rquotad in nfs-utils rquotaserver.c before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request...
CVE-2004-0946
rquotad in nfs-utils rquotaserver.c before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request...