CVE-2016-5050

Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary code by uploading and requesting a .aspx file...

Linux 3.17 noexec Bypass with Python ctypes and memfd_create Vulnerability

Exploit for linux platform in category local exploits Exploit Title: Linux = 3.17 noexec bypass with python ctypes and memfdcreate Date: 2015.10.14 Exploit Author: soyer Version: linux = 3.17 Tested on: Ubuntu 15.04 x8664 usage: $ ls -la execfile -rwxr-xr-x 1 soyer soyer 8600 Oct 14 15:04 execfil...

Yahoo! Messenger 5.6 File Transfer Buffer Overrun Vulnerability

No description provided by source. source: Yahoo! Messenger File Transfer Buffer Overrun Vulnerability Yahoo! Messenger is prone to a remotely exploitable buffer overrun vulnerability. An attacker may trigger this condition by initiating a malformed 'sendfile' request, which the victim user must...

FreeBSD <= 5.4-RELEASE ftpd 6.00LS - sendfile kernel mem-leak Exploit

No description provided by source. /FreeBSD = 5.4-RELEASE ftpd Version 6.00LS sendfile kernel mem-leak by Kingcope February 2011 -- kernel memory file may contain secret hashes and more.. tested on FreeBSD 5.3-RELEASE reference: FreeBSD-SA-05:02.sendfile / include stdio.h include stdlib.h include...

Sendfile 1.x/2.1 Forced Privilege Lowering Failure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2652/info Sendfile is an implementation of the SAFT simple asynchronous file transfer protocol for UNIX systems. A serialization error exists in the Sendfile daemon, sendfiled. When used in conjunction with other problems...

Sendfile 1.x/2.1 - Local Privileged Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2645/info Sendfile is an implementation of the SAFT simple asynchronous file transfer protocol for UNIX systems. Due to a problem dropping privileges completely before running user-specified post-processing commands in th...

FreeBSD mbufs() sendfile Cache Poisoning Privilege Escalation

No description provided by source. / freebsd x86/x64 sendfile cache local root xpl v2 by Kingcope 2010 -- should h4x any freebsd 8. and 7. prior to 12Jul2010 tampers /bin/sh to contain a shellcode which does ' chmod a+s /tmp/sh chown root /tmp/sh execve /tmp/sh2 ' how to use: terminal 1: $ cp...

FreeBSD (4.x , < 5.4) master.passwd Disclosure Exploit

No description provided by source. / FreeBSD master.passwd disclosure exploit by kcope in 2005, kingcopeatgmx.net thanks to revoguard just compile and execute .. look into the kmem file it contains the master.passwd tested on unpatched FreeBSD 4.11-RELEASE advisory:...

Linux Kernel 2.4/2.6 - sock_sendpage() ring0 Root Exploit (Simple Version)

No description provided by source. / 0x82-CVE-2009-2692 Linux kernel 2.4/2.6 32bit socksendpage local ring0 root exploit simple ver Tested RedHat Linux 9.0, Fedora core 411, Whitebox 4, CentOS 4.x. -- Discovered by Tavis Ormandy and Julien Tinnes of the Google Security Team. spender and venglin's...

CVE-2013-5666

The sendfile system-call implementation in sys/kern/uipcsyscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive information kernel memory via a length greater than the length of the file...

Design/Logic Flaw

The sendfile system-call implementation in sys/kern/uipcsyscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive information kernel memory via a length greater than the length of the file...

CVE-2013-5666

The CVE-2013-5666 entry is about a kernel memory disclosure in FreeBSD 9.2-RC1/RC2 caused by the sendfile(2) padding behavior when the length is greater than the file length. Affected component: FreeBSD kernel sendfile. Impact: an unprivileged user could obtain arbitrary kernel memory contents. M...

FreeBSD Security Advisory FreeBSD-SA-13:11.sendfile

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:11.sendfile Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in sendfile2 Category: core Module: sendfile Announced: 2013-09-10 Credits: E...

FreeBSD multiple security vulnerabilities

ifioctls privilege escalation, nullfs privilege escalation, sendfile information leakage...

FreeBSD-SA-13:11.sendfile

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:11.sendfile Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in sendfile2 Category: core Module: sendfile Announced: 2013-09-10 Credits: E...

Tomcat - Denial Of Service when using NIO+SSL+sendfile

org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service infinite loop by terminating the connection during the reading of a...

Tomcat - Denial Of Service when using NIO+SSL+sendfile

org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service infinite loop by terminating the connection during the reading of a...

Tomcat - Denial Of Service when using NIO+SSL+sendfile

org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service infinite loop by terminating the connection during the reading of a...

Ubuntu Update for tomcat7 USN-1685-1

Check for the Version of tomcat7 OpenVAS Vulnerability Test $Id: gbubuntuUSN16851.nasl 8526 2018-01-25 06:57:37Z teissa $ Ubuntu Update for tomcat7 USN-1685-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free softwar...

CVE-2012-4534

org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service infinite loop by terminating the connection during the reading of a...