660 matches found
RHEL 5 : kernel (RHSA-2009:1222)
The remote Red Hat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1222 advisory. - kernel: uninit op in SOCKOPS_WRAP leads to privesc (CVE-2009-2692) - kernel: udp socket NULL ptr dereference (CVE-2009-2698) Note that Nessus h...
Linux 2.6.30+/SELinux/RHEL5 Test Kernel Local Root Exploit 0day
No description provided by source. super fun 2.6.30+/RHEL5 2.6.18 local kernel exploit in /dev/net/tun A vulnerability which, when viewed at the source level, is unexploitable! But which, thanks to gcc optimizations, becomes exploitable. Also, bypass of mmap_min_addr via SELinux vulnerability!...
Linux Kernel 2.6.30 < 2.6.30.1 / SELinux (RHEL 5) - Local Privilege Escalation
super fun 2.6.30+/RHEL5 2.6.18 local kernel exploit in /dev/net/tun A vulnerability which, when viewed at the source level, is unexploitable! But which, thanks to gcc optimizations, becomes exploitable. Also, bypass of mmap_min_addr via SELinux vulnerability! where having SELinux enabled actuall...
openSUSE 10 Security Update : kernel (kernel-5751)
This kernel update fixes various bugs and also several security issues: CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service crash attack. CVE-2008-3833: The generic_file_splice_write function in...
openSUSE 10 Security Update : kernel (kernel-5700)
The openSUSE 10.3 kernel was updated to 2.6.22.19. This includes bugs and security fixes. CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service crash attack. CVE-2008-3528: The ext[234] filesystem code fail...
SuSE 10 Security Update : the Linux Kernel (x86) (ZYPP Patch Number 5566)
This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel contains lots of bugfixes and several security fixes: - Added missing capability checks in sbni_ioctl. (CVE-2008-3525) - On AMD64 some string operations could leak kernel information into userspace. (CVE-2008-0598) - Added range checki...
Sasser Worm ftpd Remote Buffer Overflow Exploit (port 5554)
No description provided by source. - ROMANIAN SECURITY RESEARCH 2004 - sasser va-e exploit of its ftpd server exploit version 1.4, public author: mandragore date: Mon May 10 16:13:31 2004 vuln type: SEH ptr overwriting greets: rosecurity team...
MS Windows Messenger Service Remote Exploit FR (MS03-043)
No description provided by source. Crpt MS03-043 - Messenger exploit by MrNice Crpt ...
CVE-2008-2357
Stack-based buffer overflow in the split_redraw function in split.c in mtr before 0.73, when invoked with the -p (aka --split) option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the ns_name_ntop function in...
Stack overflow
Stack-based buffer overflow in the split_redraw function in split.c in mtr before 0.73, when invoked with the -p (aka --split) option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the ns_name_ntop function in...
CVE-2008-2357
CVE-2008-2357 affects mtr prior to version 0.73, where a stack-based buffer overflow in split_redraw (split.c) can be triggered by a crafted DNS PTR record when using -p. Several OpenVAS/Nessus entries link this to multiple distributions (e.g., SUSE/OpenSUSE, Gentoo GLSA, Slackware SSA) and refer...
MS Windows (.doc File) Malformed Pointers Denial of Service Exploit
No description provided by source. Microsoft Windows .doc File Malformed Pointers DoS &...
Linux Kernel 2.6.17 - 'Sys_Tee' Local Privilege Escalation
source: https://www.securityfocus.com/bid/22823/info The Linux kernel is prone to a local privilege-escalation vulnerability. Exploiting this issue allows local attackers to gain superuser privileges, facilitating the complete compromise of affected computers. Linux 2.6.16 - 2.6.17.6 local root...
Sasser Worm ftpd Remote Buffer Overflow Exploit (port 5554)
Exploit for unknown platform in category remote exploits. Sasser Worm ftpd Remote Buffer Overflow Exploit port 5554 ...
CVE-2005-0021
Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR...
CVE-2002-0511
The CVE concerns the default nscd configuration in Caldera OpenLinux 3.1/3.1.1, where PTR records are cached instead of querying the authoritative DNS for the A record. This may let remote attackers bypass host-name based access controls. No explicit remediation is described in the provided docum...
CVE-2001-1033
Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a system that does not have a DNS PTR record, which causes the cluster to enter a "split-brain" state...