2612 matches found
Windows NT - Windows 8 EPATHOBJ Local Ring 0 Exploit
Exploit for windows platform in category local exploits ifndef WIN32NOSTATUS define WIN32NOSTATUS endif include include include include include ifdef WIN32NOSTATUS undef WIN32NOSTATUS endif include pragma commentlib, "gdi32" pragma commentlib, "kernel32" pragma commentlib, "user32" pragma...
kernel: xen: Linux netback DoS via malicious guest ring.
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service loop by triggering ring pointer corruption...
[Converter v0.7] Analyzing and Deobfuscating Malicious Scripts
Malicious Java applets have been making news for awhile so I thought I would update Converter to include some new features to help with deobfuscating them. This is a list of changes made to this version: + Replaced Binary-to/from-Text with Binary-to/from-Hex to make it more useful + Added Filter...
CVE-2013-0215
oxenstored in Xen 4.1.x, Xen 4.2.x, and xen-unstable does not properly consider the state of the Xenstore ring during read operations, which allows guest OS users to cause a denial of service daemon crash and host-control outage, or memory consumption or obtain sensitive control-plane data by...
CVE-2013-0215
oxenstored in Xen 4.1.x, Xen 4.2.x, and xen-unstable does not properly consider the state of the Xenstore ring during read operations, which allows guest OS users to cause a denial of service daemon crash and host-control outage, or memory consumption or obtain sensitive control-plane data by...
PT-2013-2161 · Xen · Xen
Name of the Vulnerable Software and Affected Versions: Xen versions 4.1.x through 4.2.x Xen version xen-unstable Description: The issue allows guest OS users with administrative access to cause a denial of service, resulting in a daemon crash and host-control outage, or memory consumption. It als...
Oracle Linux 6 kernel security and bugfix update
2.6.32-358.el6 - fs Fix sget race with failing mount Eric Sandeen 883276 2.6.32-357.el6 - virt xen: Fix stack corruption in xenfailsafecallback for 32bit PVOPS guests Andrew Jones 896050 CVE-2013-0190 - block sgio: use different default filters for each device class Paolo Bonzini 875361...
CVE-2013-0216
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service loop by triggering ring pointer corruption...
DEBIAN-CVE-2013-0216
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service loop by triggering ring pointer corruption...
CVE-2013-0216
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service loop by triggering ring pointer corruption...
CVE-2013-0216
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service loop by triggering ring pointer corruption...
UBUNTU-CVE-2013-0216
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service loop by triggering ring pointer corruption...
oxenstored incorrect handling of certain Xenbus ring states
ISSUE DESCRIPTION The oxenstored daemon the ocaml version of the xenstore daemon does not correctly handle unusual or malicious contents in the xenstore ring. A malicious guest can exploit this to cause oxenstored to read past the end of the ring and very likely crash or to allocate large amounts...
Google Looking Into Hardware to Help Kill the Password
Google is looking at a number of hardware-based authentication mechanisms to bypass one of security’s biggest vulnerabilities: the written password. Wired Magazine got an advanced look at a report submitted by a Google security team for IEEE Security & Privacy Magazine that discusses alternatives...
Operation High Roller Banked on Fast-Flux Botnet to Steal Millions
A fraud ring that attacked financial transfer systems in an attempt to get at wealthy high-end banking customers used a complicated web of malware and compromised servers in several countries to walk off with an estimated $78 million earlier this year. While the attacks targeted financial systems...
Vm86 - Syscall Task Switch Kernel Panic (Denial of Service) Privilege Escalation
Vm86 - Syscall Task Switch Kernel Panic Denial of Service Privilege Escalation Source: http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/ Introduction Problem description: The initial observation was, that the linux vm86 syscall, which allows to use the virtual-8086 mode from...
New Fraud Ring 'Operation High Roller' Targets the Rich
A recent fraud ring through which attackers raided high-value bank accounts, nicknamed Operation High Roller .PDF, employed attacks that were quick, required no human interaction and have already affected several tiers of credit unions, regional banks and large global banks, over the last several...
CVE-2011-4080
The sysrqsysctlhandler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAPSYSADMIN capability to modify the dmesgrestrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as...
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7811)
This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed : - A USB string descriptor overflow in the auerwald USB driver was fixed, which could be used by physically proximate attackers to cause a...
kernel: sysctl: restrict write access to dmesg_restrict
The sysrqsysctlhandler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAPSYSADMIN capability to modify the dmesgrestrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as...