1882 matches found
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure source: https://www.securityfocus.com/bid/6535/info Network device drivers for several vendors have been reported to disclose potentially sensitive information to attackers. Frames that are small...
CVE-2007-1258
Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS...
Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
Cisco Catalyst 6500 series systems that are running certain versions of Cisco Internetwork Operating System (IOS) are vulnerable to an attack from a Multi Protocol Label Switching (MPLS) packet. Only the systems that are running in Hybrid Mode Catalyst OS (CatOS) software on the Supervisor Engine and I...
MOAB-28-01-2007.rb.txt
!/usr/bin/ruby Copyright c 2007 Kevin Finisterre Lance M. Havok All pwnage reserved. 1 Stop crashdump from writing to /Library/Logs via chmod 000 /Library/Logs/CrashReporter 2 Make symlink to /Library/Logs/CrashReporter/knownprog.crash.log 3 Create a program with a modified LINKEDIT segment that...
Opera 9.10 - .jpg Image DHT Marker Heap Corruption
Opera 9.10 - .jpg Image DHT Marker Heap Corruption Opera JPEG processing - Heap corruption vulnerabilities Date..: 8th September 2006 31th October 2006 update 3rd November 2006 update 5th January 2007 public release...
Cisco IOS VTP Malformed Version Denial of Service Vulnerability
Cisco IOS contains a vulnerability in the VLAN Trunking Protocol (VTP) that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability exists because the VTP feature in several versions of Cisco IOS software does not properly handle malformed packe...
phpLocal.txt
Affected versions: php 5.1.4 and older, 4.4.3 and possibly older Cause: when php's sscanf functions format argument contains argument swap and extra arguments are given like. sscanf('foo ','$1s',$bar) then it reads a pointer to pointer to zval structure past the end of argument array by one. Php...
php local buffer underflow could lead to arbitrary code execution
Affected versions: php 5.1.4 and older, 4.4.3 and possibly older Cause: when php's sscanf functions format argument contains argument swap and extra arguments are given like. sscanf('foo ','$1s',$bar) then it reads a pointer to pointer to zval structure past the end of argument array by one. Php...
security flaw
Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS...
DSA-922-1 kernel-source-2.6.8 - several
Bulletin has no description...
Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit (update)
Exploit for linux platform in category local exploits. Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit update / Due to many...
USN-187-1: Linux kernel vulnerabilities
A Denial of Service vulnerability was detected in the stack segment fault handler. A local attacker could exploit this by causing stack fault exceptions under special circumstances (scheduling), which lead to a kernel crash. (CAN-2005-1767) Vasiliy Averin discovered a Denial of Service vulnerability ...
BID 14355, VERITAS NetBackup 5.1 Time Stamp Vulnerability
Reference: BID 14355, http://www.securityfocus.com/bid/14355, Risk: Very Low to minimal Affected product: Veritas NetBackup minimal impact only This issue does NOT affect Veritas Backup Exec Symantec engineers have thoroughly reviewed the issue as...
CVE-2001-1578
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors...
CVE-2005-1767
CVE-2005-1767 affects Linux kernels 2.4.x and 2.6.x; the vulnerability exists in traps.c stack fault handler, allowing a local user to cause a kernel crash (Denial of Service) via stack exceptions. Public advisories (Debian, Red Hat/CentOS, Ubuntu) indicate updated kernel packages mitigate the is...
IBM Access information leak
Critical data is stored in shared memory segment, open for reading and writing...
TCP implementations do not adequately validate segments before updating timers (TCP PAWS vulnerability)
QuickTime malformed JPEG buffer overflow
When fuzzing some application with malformed input files, if we want to discover some vulnerability we have to create input file which is very close to valid file but yet malformed in some way. In that way chances for discovery are greater. Now let's play with JPEG format. We concentrate on Huffm...
CVE-2004-0002
The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number ...
FreeBSD-SA-04:02.shmat
FreeBSD-SA-04:02.shmat Security Advisory The FreeBSD Project Topic: shmat reference counting bug Category: core Module: kernel Announced: 2004-02-05 Credits: Joost Pol...