218 matches found
CVE-2005-0708
The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kernel memory if a file is truncated while it is being sent, which could allow remote attackers to obtain sensitive information...
CVE-2005-0708
The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kernel memory if a file is truncated while it is being sent, which could allow remote attackers to obtain sensitive information...
sendfile() system call may leak sections of kernel memory
Overview The sendfile system call does not handle specially crafted files properly. Exploitation of this vulnerability may leak sensitive information to a local attacker. Description The sendfile system call is used to send a file through a socket without copying the file data into memory. A...
FreeBSD : SA-05:02.sendfile
The remote host is running a version of FreeBSD which contains a flaw in the sendfile API. There is an error in the sendfile API which may allow a local user to disclose parts of the contents of the kernel memory. C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...
FreeBSD Security Advisory FreeBSD-SA-05:02.sendfile
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:02.sendfile Security Advisory The FreeBSD Project Topic: sendfile kernel memory disclosure Category: core Module: syskern Announced: 2005-04-04 Credits: Sven...
CVE-2005-0708
CVE-2005-0708 affects FreeBSD 4.8–4.11 and 5–5.4. The flaw lies in the sendfile(2) system call: if the file being transmitted is truncated after transmission has started, sendfile may expose portions of kernel memory to remote observers, enabling disclosure of sensitive information. According to ...
CVE-2005-0708
The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kernel memory if a file is truncated while it is being sent, which could allow remote attackers to obtain sensitive information...
FreeBSD-SA-05:02.sendfile
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:02.sendfile Security Advisory The FreeBSD Project Topic: sendfile kernel memory disclosure Category: core Module: syskern Announced: 2005-04-04 Credits: Sven...
Debian DSA-052-1 : sendfile - broken dropping of privileges
Daniel Kobras has discovered and fixed a problem in sendfiled which caused the daemon not to drop privileges as expected when sending notification mails. Exploiting this, a local user can easily make it execute arbitrary code under root privileges. %NASLMINLEVEL 70300 C Tenable Network Security,...
Debian DSA-050-1 : sendfile - broken privileges dropping, broken tempfile
Colin Phipps and Daniel Kobras discovered and fixed several serious bugs in the saft daemon sendfiled' which caused it to drop privileges incorrectly. Exploiting this a local user can easily make it execute arbitrary code under root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Sendfile 1.x2.1 - Local Privileged Arbitrary Command Execution
Sendfile 1.x2.1 - Local Privileged Arbitrary Command Execution source: https://www.securityfocus.com/bid/2645/info Sendfile is an implementation of the SAFT simple asynchronous file transfer protocol for UNIX systems. Due to a problem dropping privileges completely before running user-specified...
Sendfile 1.x2.1 - Forced Privilege Lowering Failure
Sendfile 1.x2.1 - Forced Privilege Lowering Failure source: https://www.securityfocus.com/bid/2652/info Sendfile is an implementation of the SAFT simple asynchronous file transfer protocol for UNIX systems. A serialization error exists in the Sendfile daemon, sendfiled. When used in conjunction...
Sendfile 1.x/2.1 - Forced Privilege Lowering Failure
source: https://www.securityfocus.com/bid/2652/info Sendfile is an implementation of the SAFT simple asynchronous file transfer protocol for UNIX systems. A serialization error exists in the Sendfile daemon, sendfiled. When used in conjunction with other problems found in the daemon, it may be...
Sendfile 1.x/2.1 - Local Privileged Arbitrary Command Execution
source: https://www.securityfocus.com/bid/2645/info Sendfile is an implementation of the SAFT simple asynchronous file transfer protocol for UNIX systems. Due to a problem dropping privileges completely before running user-specified post-processing commands in the Sendfile daemon, it may be...
[SECURITY] [DSA 052-1] New sendfile packages fix root exploit
---------------------------------------------------------------------------- Debian Security Advisory DSA 052-1 [email protected] http://www.debian.org/security/ Martin Schulze April 23, 2001 - ---------------------------------------------------------------------------- Package : sendfile...
[SECURITY] [DSA 050-1] New version sendfile fix local root exploit
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------------- Debian Security Advisory DSA 050-1 [email protected] http://www.debian.org/security/ Martin Schulze April 20, 2001 -...
Дырка в sendfile (privelege drop)
Не сбрасываются повышенные привилегии...
[SECURITY] [DSA 050-1] New version sendfile fix local root exploit
---------------------------------------------------------------------------- Debian Security Advisory DSA 050-1 [email protected] http://www.debian.org/security/ Martin Schulze April 20, 2001 - ---------------------------------------------------------------------------- Package : sendfile...