113 matches found
PHP Multiple Function Security Bypass Vulnerabilities
PHP is a general-purpose web programming language. A security bypass vulnerability exists in the PHP setincludepath, tempnam, rmdir, and readlink functions, where by accepting null values in a path, a remote attacker can submit special values to bypass security controls on the path values...
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 8162)
This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed : - A memory corruption when mounting a hfsplus filesystem was fixed that could be used by local attackers able to mount filesystem to crash th...
kernel: xfs: potential buffer overflow in xfs_readlink()
Buffer overflow in the xfsreadlink function in fs/xfs/xfsvnodeops.c in XFS in the Linux kernel 2.6, when CONFIGXFSDEBUG is disabled, allows local users to cause a denial of service memory corruption and crash and possibly execute arbitrary code via an XFS image containing a symbolic link with a...
kernel: xfs: potential buffer overflow in xfs_readlink()
Buffer overflow in the xfsreadlink function in fs/xfs/xfsvnodeops.c in XFS in the Linux kernel 2.6, when CONFIGXFSDEBUG is disabled, allows local users to cause a denial of service memory corruption and crash and possibly execute arbitrary code via an XFS image containing a symbolic link with a...
PT-2011-4840 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel version 2.6 Description: The issue is related to a buffer overflow in the xfs readlink function, which can cause memory corruption and a crash, potentially allowing the execution of arbitrary code. This occurs when CONFIG XFS DEB...
SuSE 10 Security Update : coreutils (ZYPP Patch Number 7655)
This update of coreutils fixes the following security issue : - 697897: coreutils: when running 'su -c' to execute commands as different user the target user could inject command back into the calling users terminal via the TIOCSTI ioctl. This update also fixes the following non-security issues :...
kernel: ecryptfs readlink flaw
fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service fault or memory corruption, or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array...
kernel: ecryptfs readlink flaw
fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service fault or memory corruption, or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array...
Linux Kernel readlink本地权限提升漏洞
BUGTRAQ ID: 33412 CVECAN ID: CVE-2009-0269 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的eCryptfs子系统的fs/ecryptfs/inode.c文件没有正确地检查readlink调用的返回结果。如果readlink调用生成的错误导致将-1返回值用作了数组索引,本地用户就可以导致拒绝服务或获得权限提升。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Memory corruption
fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service fault or memory corruption, or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array...
Debian: Security Advisory (DSA-1183-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1183-1 : kernel-source-2.4.27 - several vulnerabilities
Several security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-4798 A buffer overflow in NFS readlink handling...
security flaw
Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service crash via a long symlink, which is not properly handled in 1 nfs2xdr.c or 2 nfs3xdr.c and causes a crash in the NFS client...