Fedora 31 : sudo (2020-8b563bc5f4)

update to latest development version 1.9.0b1 - added sudologsrvd and sudosendlog to files and their appropriate man pages Resolves: rhbz1787823 - Stack based buffer overflow in when pwfeedback is enabled Resolves: rhbz1796945 - fixes: CVE-2019-18634 - By using ! character in the shadow file...

CVE-2017-1085

In FreeBSD before 11.2-RELEASE, an application which calls setrlimit to increase RLIMITSTACK may turn a read-only memory region below the stack into a read-write region. A specially crafted executable could be exploited to execute arbitrary code in the user context...

Design/Logic Flaw

In FreeBSD before 11.2-RELEASE, an application which calls setrlimit to increase RLIMITSTACK may turn a read-only memory region below the stack into a read-write region. A specially crafted executable could be exploited to execute arbitrary code in the user context...

CVE-2017-1085

CVE-2017-1085 affects FreeBSD prior to 11.2-RELEASE: when an application calls setrlimit() to raise RLIMIT_STACK, a read-only memory region below the stack can be turned into read-write, enabling a specially crafted executable to execute arbitrary code in the user context. A PoC exists (Exploit-D...

CVE-2017-1085

In FreeBSD before 11.2-RELEASE, an application which calls setrlimit to increase RLIMITSTACK may turn a read-only memory region below the stack into a read-write region. A specially crafted executable could be exploited to execute arbitrary code in the user context...

CVE-2017-1085

Removed by vendor...

FreeBSD - setrlimit Stack Clash (PoC) Exploit

Exploit for freebsd/x86 platform in category dos / poc / FreeBSDCVE-2017-1085.c Copyright C 2017 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of...

FreeBSD - FGPU Stack Clash (PoC) Exploit

Exploit for freebsd/x86 platform in category dos / poc / FreeBSDCVE-2017-FGPU.c for CVE-2017-1084 please compile with -O0 Copyright C 2017 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Fre...

FreeBSD - FGPE Stack Clash (PoC)

FreeBSD - FGPE Stack Clash PoC / FreeBSDCVE-2017-FGPE.c for CVE-2017-1084 please compile with -O0 Copyright C 2017 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation,...

FreeBSD - FGPU Stack Clash (PoC)

FreeBSD - FGPU Stack Clash PoC / FreeBSDCVE-2017-FGPU.c for CVE-2017-1084 please compile with -O0 Copyright C 2017 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation,...

FreeBSD - 'setrlimit' Stack Clash (PoC)

/ FreeBSDCVE-2017-1085.c Copyright C 2017 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at your option any later version. This...

FreeBSD - setrlimit Stack Clash (PoC)

FreeBSD - setrlimit Stack Clash PoC / FreeBSDCVE-2017-1085.c Copyright C 2017 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at...

HP-UX Update for setrlimit(1M) HPSBUX00156

Check for the Version of setrlimit1M OpenVAS Vulnerability Test HP-UX Update for setrlimit1M HPSBUX00156 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

HP-UX Update for setrlimit(1M) HPSBUX00156

Check for the Version of setrlimit1M OpenVAS Vulnerability Test HP-UX Update for setrlimit1M HPSBUX00156 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

CVE-2001-1564

setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space...

CVE-2001-1564

CVE-2001-1564 affects HP-UX kernels prior to some later patch levels (versions 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11). The issue is that setrlimit does not correctly enforce core file size after the process drops setuid/setgid privileges, which could allow a local user to cause a den...

HP-UX Security patch : PHKL_24249

The remote host is missing HP-UX Security Patch number PHKL24249 . Sec. Vulnerability in setrlimit1M rev. 1 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid16996; scriptversion"1.7"...

HP-UX Security patch : PHKL_25243

The remote host is missing HP-UX Security Patch number PHKL25243 . Sec. Vulnerability in setrlimit1M rev. 1 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid16618; scriptversion"1.7"...

HP-UX PHKL_23886 : HP-UX Running setrlimit(1M), Denial of Service (DoS) (HPSBUX00156 SSRT071363 rev.3)

s700800 11.04 VVOS probe,sysproc,shmem,thread cuml patch : The setrlimit allows incorrect core files Rev.1 . %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHKL23886. The text itself is copyright C...