Solaris/x86 - SystemV killall command - 39 bytes

No description provided by source. / Title: Solaris/x86 - SystemV killall command - 39 bytes Author: Jonathan Salwan submit AT shell-storm.org Web: http://www.shell-storm.org Twitter: http://twitter.com/jonathansalwan ! Database of shellcodes: http://www.shell-storm.org/shellcode/ Date: 2010-06-0...

ml2 - local users can crash processes

No description provided by source. include stdio.h include unistd.h include stdlib.h include syslog.h error int mainint argc, char argv char foo1000; char bigmsg10000; char s, holds; int i = 0; memsetbigmsg, 'X', sizeofbigmsg-1; if argc 2 printfusage: %s pid to kill\n, argv0; exit1; // fork;...

Libsafe 2.0 Multi-threaded Process Race Condition Security Bypass Weakness

No description provided by source. source: http://www.securityfocus.com/bid/13190/info Libsafe will normally kill an application when certain types of memory corruption are detected, preventing exploitation of some buffer overflow and format string vulnerabilities. A weakness has been reported th...

KLA10342 OSI vulnerability in Stunnel

Improper work with OpenSSL was found in Stunnel. By exploiting this vulnerability malicious users can obtain private keys or certificates. This vulnerability can be exploited remotely at a point related to children’s processes. Original advisories Stunnel Changelog Related products Stunnel CVE li...

Updated dbus packages fix security vulnerability

Updated dbus packages fix security vulnerability: A denial of service vulnerability in D-Bus before 1.6.20 allows a local attacker to cause a bus-activated service that is not currently running to attempt to start, and fail, denying other users access to this service Additionally, in highly unusu...

Apache Httpd < 2.2.29 : mod_cgid denial of service

A flaw was found in modcgid. If a server using modcgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service...

CVE-2013-6825

1 movescu.cc and 2 storescp.cc in dcmnet/apps/, 3 dcmnet/libsrc/scp.cc, 4 dcmwlm/libsrc/wlmactmg.cc, 5 dcmprscp.cc and 6 dcmpsrcv.cc in dcmpstat/apps/, 7 dcmpstat/tests/msgserv.cc, and 8 dcmqrdb/apps/dcmqrscp.cc in DCMTK 3.6.1 and earlier does not check the return value of the setuid system call,...

Code injection

1 movescu.cc and 2 storescp.cc in dcmnet/apps/, 3 dcmnet/libsrc/scp.cc, 4 dcmwlm/libsrc/wlmactmg.cc, 5 dcmprscp.cc and 6 dcmpsrcv.cc in dcmpstat/apps/, 7 dcmpstat/tests/msgserv.cc, and 8 dcmqrdb/apps/dcmqrscp.cc in DCMTK 3.6.1 and earlier does not check the return value of the setuid system call,...

CVE-2013-6825

1 movescu.cc and 2 storescp.cc in dcmnet/apps/, 3 dcmnet/libsrc/scp.cc, 4 dcmwlm/libsrc/wlmactmg.cc, 5 dcmprscp.cc and 6 dcmpsrcv.cc in dcmpstat/apps/, 7 dcmpstat/tests/msgserv.cc, and 8 dcmqrdb/apps/dcmqrscp.cc in DCMTK 3.6.1 and earlier does not check the return value of the setuid system call,...

CVE-2014-0240

The modwsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes...

CVE-2014-0240

The modwsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes...

Apache/NGINX 下 PHP-FPM 或者 PHP-CGI 拒绝服务漏洞

使用标准cable/DSL连接，这种攻击可以使用标准的HTTP请求占满一台Linux web服务器的CPU和内存。这种攻击影响使用PHP-CGI或PHP-FPM（包含WordPress站点在内）解析PHP动态内容的Apache或者NGINX web服务器。另外，这种攻击制造的请求将会在攻击后的较长时间内继续占用服务器资源。 0 全版本 暂无 ?php !/usr/bin/php / File: phpstress.php Written by: d4rk0 / @d4rk0s Concept by: Vinny Troia / @VinnyTroia Night Lion Securit...

[SECURITY] Fedora 20 Update: qemu-1.6.2-4.fc20

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

FreeBSD devfs protection bypass

Jailed processes are not restricted in devfs access...

Hardware timer context is not properly context switched on ARM

ISSUE DESCRIPTION When running on an ARM platform Xen was not context switching the CNTKCTLEL1 register, which is used by the guest kernel to control access by userspace processes to the hardware timers. This meant that any guest can reconfigure these settings for the entire system. IMPACT A...

CVE-2013-7111

The putcall function in the API client api/apiclient.rb in the BaseSpace Ruby SDK aka bio-basespace-sdk gem 0.1.7 for Ruby uses the APIKEY on the command line, which allows remote attackers to obtain sensitive information by listing the processes...

CVE-2013-7111

The putcall function in the API client api/apiclient.rb in the BaseSpace Ruby SDK aka bio-basespace-sdk gem 0.1.7 for Ruby uses the APIKEY on the command line, which allows remote attackers to obtain sensitive information by listing the processes...

OpenSSH rootkit backdoor tool with ssh sniffer

This is a private version of OpenSSH backdoor rootkit tool wih ssh sniffer. If u want to have a hidden acces to a unix server on ssh conexion you can us this tool safetly. Also this rootkit can catch all ssh conexiones from the server where install this tool. If a email protected or email protect...

Full Disclosure Security Mailing List Shuts Down

The Full Disclosure security mailing list, which has been one of the main discussion forums for vulnerability and exploit information for 12 years, is shutting down because “‘one of our own’ would undermine the efforts of the last 12 years”, one of the creators said. John Cartwright, one of the...

HP Data Protector Backup Client Service Remote Code Execution Exploit

Exploit for windows platform in category remote exploits require 'msf/core' class Metasploit3 'HP Data Protector Backup Client Service Remote Code Execution', 'Description' = %q This module abuses the Backup Client Service OmniInet.exe to achieve remote code execution. The vulnerability exists in...