15 matches found
EUVD-2013-5505
Malware in sbrugna...
EUVD-2008-0787
Malware in sbrugna...
EUVD-2005-0709
Malware in sbrugna...
EUVD-2008-3652
Malware in sbrugna...
CVE-2010-2693
FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service system file corruption and gain privileges via the sendfile system call...
K5835: Security Advisory: Possible kernel memory vulnerability in the sendfile() system call - CVE-2005-0708
Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, refer to K4602:...
CVE-2013-5666
The CVE-2013-5666 entry is about a kernel memory disclosure in FreeBSD 9.2-RC1/RC2 caused by the sendfile(2) padding behavior when the length is greater than the file length. Affected component: FreeBSD kernel sendfile. Impact: an unprivileged user could obtain arbitrary kernel memory contents. M...
FreeBSD mbuf本地权限提升漏洞
BUGTRAQ ID: 41577 CVE ID: CVE-2010-2693 FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 mbuf是FreeBSD内核进程间通讯和联网子系统中的基础内存管理单元。网络报文和套接字缓冲区依赖于mbuf进行存储。 在复制mbuf缓冲区引用时没有正确地拷贝只读标志,如果使用sendfile2系统调用在回环接口上传输数据,就可能导致修改所传送数据的后端内存页,造成数据破坏。本地攻击者可以通过精心控制系统文件的破坏情况来利用这种数据破坏提升权限。请注意攻击者可以破坏任意可读访问的文件。 FreeBSD FreeBSD 8....
Memory corruption
FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service system file corruption and gain privileges via the sendfile system call...
CVE-2010-2693
CVE-2010-2693 affects FreeBSD 7.1–8.1-PRERELEASE where the read-only flag is not copied when duplicating an mbuf buffer reference. This can allow a local attacker to cause data corruption via sendfile(2) on the loopback path and potentially escalate privileges by corrupting system files. The issu...
FreeBSD Security Advisory (FreeBSD-SA-05:02.sendfile.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:02.sendfile.asc ADV FreeBSD-SA-05:02.sendfile.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008...
CVE-2008-3666
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv96 allows 1 context-dependent attackers to cause a denial of service panic via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server wi...
CVE-2008-3666
Technical details about CVE-2008-3666 are not publicly disclosed in the provided connected documents; monitor for updates.
sendfile() system call may leak sections of kernel memory
Overview The sendfile system call does not handle specially crafted files properly. Exploitation of this vulnerability may leak sensitive information to a local attacker. Description The sendfile system call is used to send a file through a socket without copying the file data into memory. A...
CVE-2005-0708
The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kernel memory if a file is truncated while it is being sent, which could allow remote attackers to obtain sensitive information...