USN-1186-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. CVE-2010-4073 Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker cou...

Ubuntu Update for linux USN-1167-1

Ubuntu Update for Linux kernel vulnerabilities USN-1167-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11671.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux USN-1167-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

Linux Kernel <= 2.6.37 Local Kernel Denial of Service

No description provided by source. / Linux Kernel = 2.6.37 local kernel DoS CVE-2010-4165 ======================================================= A divide by 0 error occurs in tcpselectinitialwindow when processing user supplied TCPMAXSEG facilitating a local denial-of-service condition kernel...

Linux Kernel 2.6.37 - Local Kernel Denial of Service (1)

/ Linux Kernel include include include include include int main int optval, optlen, ret, sd, sd2, pid; char host = "localhost"; struct sockaddrin locAddr; struct sockaddrin servAddr; struct sockaddrin dstAddr; printf" Linux Kernel tcpselectinitialwindow divide by 0 DoS\n"; sd = socketAFINET,...

Linux Kernel 2.6.37 - Local Kernel Denial of Service (1)

Linux Kernel 2.6.37 - Local Kernel Denial of Service 1 / Linux Kernel include include include include include int main int optval, optlen, ret, sd, sd2, pid; char host = "localhost"; struct sockaddrin locAddr; struct sockaddrin servAddr; struct sockaddrin dstAddr; printf" Linux Kernel...

kernel: possible kernel oops from user MSS

The dotcpsetsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCPMAXSEG aka MSS values, which allows local users to cause a denial of service OOPS via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect u...

Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1

Ubuntu Update for Linux kernel vulnerabilities USN-1054-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10541.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

Linux kernel multiple security vulnerabilities

DoS via sendmsg, mprotect, setsockopt, Hypervisor/KVM etc, information leaks, privilege escalation...

[USN-1054-1] Linux kernel vulnerabilities

=========================================================== Ubuntu Security Notice USN-1054-1 February 01, 2011 linux, linux-ec2 vulnerabilities CVE-2010-0435, CVE-2010-4165, CVE-2010-4169, CVE-2010-4249 =========================================================== A security issue affects the...

CVE-2010-4165

The dotcpsetsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCPMAXSEG aka MSS values, which allows local users to cause a denial of service OOPS via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect u...

Design/Logic Flaw

The dotcpsetsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCPMAXSEG aka MSS values, which allows local users to cause a denial of service OOPS via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect u...

CVE-2010-4165

CVE-2010-4165 affects the Linux kernel prior to 2.6.37-rc2. The do_tcp_setsockopt function does not properly constrain TCP_MAXSEG (MSS) values, allowing a local user to trigger a denial of service via a setsockopt with a small value, leading to a divide-by-zero or signed-integer misuse. Evidence ...

Linux Kernel 2.6.27+ x86-64 compat exploit

Exploit for linux platform in category local exploits ========================================== Linux Kernel 2.6.27+ x86-64 compat exploit ========================================== / Ac1dB1tch3z Vs Linux Kernel x8664 0day Today is a sad day.. R.I.P. Tue, 29 Apr 2008 / Tue, 7 Sep 2010 a bit of...

PT-2009-5259 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.31.2 Description: The issue is related to an integer signedness error in the ax25 setsockopt function, which is part of the ax25 subsystem. This error can be triggered by a local user who provides a crafted...

ShellCode writing example-break through the firewall to the ShellCode-exploit warning-the black bar safety net

Text/figure ww0830 Now on the network to get the console ShellCode either on the target machine to open a port, wait for the attacker is connected; either let the target machine actively connected to the attacker's host, commonly known as a reverse connection. But the former method will generally...

Mandriva Update for kernel MDKSA-2007:078 (kernel)

Check for the Version of kernel OpenVAS Vulnerability Test Mandriva Update for kernel MDKSA-2007:078 kernel Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Ubuntu Update for linux-source-2.6.15 vulnerability USN-489-1

Ubuntu Update for Linux kernel vulnerabilities USN-489-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4891.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.15 vulnerability USN-489-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Linux Kernel <= 2.6.3 (setsockopt) Local Denial of Service Exploit

No description provided by source. / setsockopt proof of concept code by Julien TINNES julien a.t cr0.org vulnerability found as always by Paul Starzetz This is only a lame POC which will crash the machine, no root shell here. Maybe later, when everybody will have an updated box. It should work o...

Ubuntu 6.10 : linux-source-2.6.17 vulnerabilities (USN-486-1)

The compatsysmount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode. CVE-2006-7203 The Omnikey CardMan 4040 driver cm4040cs did not limit the size of buffers passed to read and write. A local attacker could exploit this to execute...

Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerability (USN-489-1)

A flaw was discovered in dvb ULE decapsulation. A remote attacker could send a specially crafted message and cause a denial of service. CVE-2006-4623 The compatsysmount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode. CVE-2006-7203...