kernel: flood ping cause out-of-iommu error and panic when mtu larger than 1500

The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service IOMMU space exhaustion and system crash by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping...

Debian Security Advisory DSA 1949-1 (php-net-ping)

The remote host is missing an update to php-net-ping announced via advisory DSA 1949-1. OpenVAS Vulnerability Test $Id: deb19491.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1949-1 php-net-ping Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...

Debian: Security Advisory (DSA-1949-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 1949-1] New php-net-ping packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1949-1 [email protected] http://www.debian.org/security/ Raphael Geissert December 12, 2009 http://www.debian.org/security/faq -...

DSA-1949-1 php-net-ping - arbitrary code execution

Bulletin has no description...

FreeBSD ld-elf本地权限提升漏洞

FreeBSD是一款开放源代码的基于BSD的操作系统。 在ld-elf对环境变量处理存在本地权限提升漏洞 FreeBSD包含的Run-Time Link-Editor rtld存在问题，本地攻击者可以利用漏洞获得root特权。 一般情况下，在执行类似"ping"或"su" setugid的程序时，RTLD不允许设置类似LDPRELOAD这类的危险环境变量，不过存在漏洞可让rtld被诱使在setugid程序上接收LD变量，导致特权提升。 FreeBSD 8.0-RELEASE FreeBSD 7.1-RELEASE 厂商解决方案 目前没有解决方案提供：...

Fedora 11 : php-pear-Net-Ping-2.4.5-1.fc11 (2009-11613)

Upstream Changelog Version 2.4.5 - QA Release: Prevent command injection saltybeagle CVE-2009-4024 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

Fedora 10 : php-pear-Net-Ping-2.4.5-1.fc10 (2009-12156)

Upstream Changelog Version 2.4.5 - QA Release: Prevent command injection saltybeagle CVE-2009-4024 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

Fedora 12 : php-pear-Net-Ping-2.4.5-1.fc12 (2009-11523)

Upstream Changelog Version 2.4.5 - QA Release: Prevent command injection saltybeagle CVE-2009-4024 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

CVE-2009-4024

Argument injection vulnerability in the ping function in Ping.php in the NetPing package before 2.4.5 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: this has also been reported as a shell metacharacter problem...

[SECURITY] Fedora 11 Update: php-pear-Net-Ping-2.4.5-1.fc11

OS independent wrapper class for executing ping calls...

[SECURITY] Fedora 10 Update: php-pear-Net-Ping-2.4.5-1.fc10

OS independent wrapper class for executing ping calls...

[SECURITY] Fedora 12 Update: php-pear-Net-Ping-2.4.5-1.fc12

OS independent wrapper class for executing ping calls...

PEAR Net_Ping 'ping()'函数任意变量注入漏洞

Bugraq ID: 37093 PEAR NetPing是一款基于PHP的执行ping操作的OS独立封装类。 当表单输入直接使用时，攻击者可以传递变量允许执行远程任意命令注入攻击。 PEAR NetPing 2.4.4 PEAR NetPing 2.4.5已经修复此漏洞，建议用户下载使用： http://download.pear.php.net/package/NetPing-2.4.5.tgz pear upgrade NetPing-2.4.5...

Penetration in the end we should scan what is useful information-vulnerability warning-the black bar safety net

"T． S． T"the Information Security Team'blog If the penetration we need to scan what information? Then the statement could be more, but the routine will scan the following information: 1. The target on the network host IP address 2. The host system can access the UDP or TCP port 3. On the target...

kernel: flood ping cause out-of-iommu error and panic when mtu larger than 1500

The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service IOMMU space exhaustion and system crash by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping...

Nagios3 statuswml.cgi Command Injection

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

Nagios3 - statuswml.cgi Command Injection (Metasploit)

Nagios3 - statuswml.cgi Command Injection Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

Nagios3 - 'statuswml.cgi' Command Injection (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Nagios3...

Nagios3 statuswml.cgi Command Injection

Exploit for unknown platform in category web applications ======================================= Nagios3 statuswml.cgi Command Injection ======================================= $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions...