19 matches found
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ksmbd module’s handling of the QUERYINFOSecurity composite request. This vulnerability may le...
ALPINE-CVE-2026-40706
In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfs_build_permissions_posix in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path (stat, readdir, open) when...
USN-8192-1 ntfs-3g vulnerabilities
Jeffrey Bencteux discovered that NTFS-3G incorrectly handled certain UTF-8 sequences. An attacker could use this issue to cause NTFS-3G to crash, resulting in a denial of service, or to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2023-52890 Andrea...
EUVD-2005-3176
Malware in sbrugna...
CVE-2005-3177
CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions,...
SUSE CVE-2004-1154
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer...
Microsoft ACL Shortcomings
Hi @ll, the following is a substantially shortened version of and Windows NT supports access control for almost all its objects, "How Security Descriptors and Access Control Lists Work" and "How Permissions Work" provide a comprehensive and exhaustive explanation. "Access Control Lists" provides ...
FF Sandbox Escape (CVE-2020-12388)
By James Forshaw, Project Zero In my previous blog post I discussed an issue with the Windows Kernel’s handling of Restricted Tokens which allowed me to escape the Chrome GPU sandbox. Originally I’d planned to use Firefox for the proof-of-concept as Firefox uses the same effective sandbox level a...
South River Technologies WebDrive Local Privilege Escalation Vulnerability
South River Technologies WebDrive is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
South River Technologies WebDrive Local Privilege Escalation Vulnerability
This host is installed with South River Technologies WebDrive and is prone to Local Privilege Escalation Vulnerability. OpenVAS Vulnerability Test $Id: gbsouthriverwebdrivelocprivescvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ South River Technologies WebDrive Local Privilege Escalation...
FreeBSD Ports: samba, ja-samba
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
CVE-2005-3177
CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions,...
CVE-2005-3177
CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions,...
CVE-2005-3177
Affected software: Microsoft Windows 2000 (before Update Rollup 1 for SP4), Windows XP, and Windows Server 2003. Vulnerable component: CHKDSK running in fix mode. Root cause: CHKDSK does not properly handle security descriptors when the master file table contains a large number of files or whe...
CVE-2004-1154
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer...
DEBIAN-CVE-2004-1154
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer...
CVE-2004-1154
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer...
Samba vulnerable to integer overflow processing file security descriptors
Overview Samba contains an integer overflow vulnerability in code that processes file security descriptors. This could allow an authenticated, remote attacker to execute arbitrary code or cause a denial of service on a vulnerable system. Description Samba is an open-source implementation of...
security flaw
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer...