126 matches found
openSUSE 15 Security Update : permissions (openSUSE-SU-2021:1520-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1520-1 advisory. - The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the easy permission profile and sniff...
Red Hat Enterprise Linux 安全漏洞
Red Hat Enterprise Linux is a Linux operating system for business users from Red Hat, Inc. A security vulnerability exists in Red Hat Enterprise Linux, which stems from a /sbin/kexec binary file that helps to boot a new kernel using the kernel's kexec functionality during a normal or emergency...
Null pointer dereference
Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the uploadcertificate function of sbin/httpd...
Null pointer dereference
Null pointer dereference vulnerability in D-Link DAP-2310 2,10RC039, DAP-2330 1.10RC036 BETA, DAP-2360 2.10RC055, DAP-2553 3.10rc039 BETA, DAP-2660 1.15rc131b, DAP-2690 3.20RC115 BETA, DAP-2695 1.20RC093, DAP-3320 1.05RC027 BETA and DAP-3662 1.05rc069 in the sbin/httpd binary. The crash happens a...
CVE-2021-28840
CVE-2021-28840 targets multiple D-Link DAP access points (DAP-2310, -2330, -2360, -2553, -2660, -2690, -2695, -3320, -3662). The root cause is a NULL pointer dereference in the upload_config function of sbin/httpd: when handling a specific HTTP GET, upload_file is NULL and strncasecmp is called w...
CVE-2021-28838
CVE-2021-28838 describes a null pointer dereference in the sbin/httpd binary affecting multiple D-Link devices (DAP-2310, DAP-2330, DAP-2360, DAP-2553, DAP-2660, DAP-2690, DAP-2695, DAP-3320, DAP-3662). The crash is triggered when a specific network packet is sent to httpd, occurring at an atoi o...
CVE-2021-28838
Null pointer dereference vulnerability in D-Link DAP-2310 2,10RC039, DAP-2330 1.10RC036 BETA, DAP-2360 2.10RC055, DAP-2553 3.10rc039 BETA, DAP-2660 1.15rc131b, DAP-2690 3.20RC115 BETA, DAP-2695 1.20RC093, DAP-3320 1.05RC027 BETA and DAP-3662 1.05rc069 in the sbin/httpd binary. The crash happens a...
Amazon Linux 2 : setup (ALAS-2019-1158)
Setup in Amazon Linux 2 added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security assumptions made by pamshells and some daemons which allow access based on a user's shell being listed in /etc/shells. Under some circumstances, users which had their shell changed to...
Chrome OS /sbin/crash_reporter Symlink Traversal Vulnerability
Exploit for windows platform in category dos / poc Chrome OS: symlink traversal issue in /sbin/crashreporter Tested on: Version 69.0.3473.0 Official Build dev 64-bit CreateDirectoryWithSettings in https://chromium.googlesource.com/chromiumos/platform2/+/master/crash-reporter/crashcollector.cc107 ...
Chrome OS /sbin/crash_reporter Symlink Traversal
Chrome OS: symlink traversal issue in /sbin/crashreporter Tested on: Version 69.0.3473.0 Official Build dev 64-bit CreateDirectoryWithSettings in https://chromium.googlesource.com/chromiumos/platform2/+/master/crash-reporter/crashcollector.cc107 is executed by /sbin/crashreporter every time a...
CVE-2018-1113
setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security assumptions made by pamshells and some daemons which allow access based on a user's shell being listed in /etc/shells. Under some circumstance...
CVE-2018-1113
setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security assumptions made by pamshells and some daemons which allow access based on a user's shell being listed in /etc/shells. Under some circumstance...
Linux/x86 - execve(/sbin/ipchains -F) Shellcode (70 bytes)
Author: zillion Email: email protected Homepage: http://www.safemode.org Linux x86 shell code that does an execve of /sbin/ipchains -F File name: flush-ipchains-shellcode.c / This shellcode will do /sbin/ipchains -F Written by email protected / char shellcode=...
Linux/x86 - execve(/sbin/shutdown,/sbin/shutdown 0) Shellcode (36 bytes)
include const char shellcode= "\x6a\x0b" // push $0xb "\x58" // pop %eax "\x99" // cltd "\x52" // push %edx "\x68\x64\x6f\x77\x6e" // push $0x6e776f64 "\x68\x73\x68\x75\x74" // push $0x74756873 "\x68\x69\x6e\x2f\x2f" // push $0x2f2f6e69 "\x68\x2f\x2f\x73\x62" // push $0x62732f2f "\x89\xe3" // mov...
Linux/x86 - execve(/sbin/reboot,/sbin/reboot) Shellcode (28 bytes)
include const char shellcode= "\x6a\x0b" // push $0xb "\x58" // pop %eax "\x99" // cltd "\x52" // push %edx "\x68\x62\x6f\x6f\x74" // push $0x746f6f62 "\x68\x6e\x2f\x72\x65" // push $0x65722f6e "\x68\x2f\x73\x62\x69" // push $0x6962732f "\x89\xe3" // mov %esp,%ebx "\x52" // push %edx "\x53" // pu...
Linux/x86-64 - shutdown -h now Shellcode (65 bytes)
/ ; Title: shutdown -h now x8664 Shellcode - 65 bytes ; Platform: linux/x8664 ; Date: 2014-06-27 ; Author: Osanda Malith Jayathissa @OsandaMalith section .text global start start: xor rax, rax xor rdx, rdx push rax push byte 0x77 push word 0x6f6e ; now mov rbx, rsp push rax push word 0x682d ;-h m...
SUSE SLED12 / SLES12 Security Update : dracut (SUSE-SU-2017:0951-1)
This update for dracut fixes the following issues: Security issues fixed : - CVE-2016-8637: When the early microcode loading was enabled during initrd creation, the initrd would be read-only available for all users, allowing local users to retrieve secrets stored in the initial ramdisk. bsc100834...
openSUSE Security Update : dhcp (openSUSE-2016-279)
This update for dhcp fixes the following issues : - CVE-2015-8605: A remote attacker could have used badly formed packets with an invalid IPv4 UDP length field to cause a DHCP server, client, or relay program to terminate abnormally boo961305 The following bugs were fixed : - boo936923: Improper...
Brocade Fabric OS 6.3.1b Weak System Configuration
Title: Brocade Fabric OS v6.3.1b - Multiple vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.brocade.com Versions Reported: Kernel 2.6.14.2 + FabOS v6.3.1b + BootProm 1.0.9 version Kernel: 2.6.14.2 Fabric OS: v6.3.1b BootProm: 1.0.9 1 Default diagnostic accounts root and factory...
linux/x86 setreuid0, 0 + execve"/sbin/halt" + exit0 49 bytes
linux/x86 setreuid0, 0 + execve"/sbin/halt" + exit0 49 bytes. Shellcode exploit for linx86-64 platform / +======================================================================================== | Exploit Title : linux/x86 setreuid0, 0 + execve"/sbin/halt" + exit0 - 49 bytes | Exploit Author :...