Lucene search
K

113 matches found

CNVD
CNVD
added 2015/06/01 12:0 a.m.2 views

PHP Multiple Function Security Bypass Vulnerabilities

PHP is a general-purpose web programming language. A security bypass vulnerability exists in the PHP setincludepath, tempnam, rmdir, and readlink functions, where by accepting null values in a path, a remote attacker can submit special values to bypass security controls on the path values...

7.5CVSS7AI score0.20233EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2012/06/15 12:0 a.m.36 views

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 8162)

This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed : - A memory corruption when mounting a hfsplus filesystem was fixed that could be used by local attackers able to mount filesystem to crash th...

7.2CVSS7.9AI score0.00556EPSS
Exploits6References12
RedHat Linux
RedHat Linux
added 2012/03/06 6:34 p.m.4 views

kernel: xfs: potential buffer overflow in xfs_readlink()

Buffer overflow in the xfsreadlink function in fs/xfs/xfsvnodeops.c in XFS in the Linux kernel 2.6, when CONFIGXFSDEBUG is disabled, allows local users to cause a denial of service memory corruption and crash and possibly execute arbitrary code via an XFS image containing a symbolic link with a...

6.9CVSS6.2AI score0.00556EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/02/23 8:18 p.m.5 views

kernel: xfs: potential buffer overflow in xfs_readlink()

Buffer overflow in the xfsreadlink function in fs/xfs/xfsvnodeops.c in XFS in the Linux kernel 2.6, when CONFIGXFSDEBUG is disabled, allows local users to cause a denial of service memory corruption and crash and possibly execute arbitrary code via an XFS image containing a symbolic link with a...

6.9CVSS6.2AI score0.00556EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2011/10/29 12:0 a.m.4 views

PT-2011-4840 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel version 2.6 Description: The issue is related to a buffer overflow in the xfs readlink function, which can cause memory corruption and a crash, potentially allowing the execution of arbitrary code. This occurs when CONFIG XFS DEB...

7.8CVSS7.2AI score0.20492EPSS
Exploits19References88
Tenable Nessus
Tenable Nessus
added 2011/08/04 12:0 a.m.21 views

SuSE 10 Security Update : coreutils (ZYPP Patch Number 7655)

This update of coreutils fixes the following security issue : - 697897: coreutils: when running 'su -c' to execute commands as different user the target user could inject command back into the calling users terminal via the TIOCSTI ioctl. This update also fixes the following non-security issues :...

5.6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2009/04/01 8:23 a.m.5 views

kernel: ecryptfs readlink flaw

fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service fault or memory corruption, or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array...

4.9CVSS6.2AI score0.00502EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/03/27 12:12 a.m.5 views

kernel: ecryptfs readlink flaw

fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service fault or memory corruption, or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array...

4.9CVSS6.2AI score0.00502EPSS
Exploits1References4
seebug.org
seebug.org
added 2009/02/27 12:0 a.m.67 views

Linux Kernel readlink本地权限提升漏洞

BUGTRAQ ID: 33412 CVECAN ID: CVE-2009-0269 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的eCryptfs子系统的fs/ecryptfs/inode.c文件没有正确地检查readlink调用的返回结果。如果readlink调用生成的错误导致将-1返回值用作了数组索引,本地用户就可以导致拒绝服务或获得权限提升。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

4.9CVSS0.4AI score0.00502EPSS
Exploits1
Prion
Prion
added 2009/01/26 3:30 p.m.23 views

Memory corruption

fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service fault or memory corruption, or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array...

4.9CVSS7.1AI score0.00502EPSS
Exploits1References27Affected Software4
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.30 views

Debian: Security Advisory (DSA-1183-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.20561EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.63 views

Debian DSA-1183-1 : kernel-source-2.4.27 - several vulnerabilities

Several security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-4798 A buffer overflow in NFS readlink handling...

7.8CVSS6.2AI score0.20561EPSS
Exploits5References16
RedHat Linux
RedHat Linux
added 2006/03/15 2:5 p.m.6 views

security flaw

Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service crash via a long symlink, which is not properly handled in 1 nfs2xdr.c or 2 nfs3xdr.c and causes a crash in the NFS client...

5CVSS5.9AI score0.02954EPSS
Exploits0References4
Rows per page
Query Builder