Lucene search
K

36 matches found

Prion
Prion
added 2018/12/04 4:29 p.m.21 views

Design/Logic Flaw

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

5CVSS7.2AI score0.05532EPSS
Exploits1References11Affected Software2
UbuntuCve
UbuntuCve
added 2018/12/04 4:29 p.m.37 views

CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

7.5CVSS7AI score0.05532EPSS
Exploits1References2
OSV
OSV
added 2018/12/04 4:29 p.m.31 views

CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

7.5CVSS6.5AI score
Exploits0References11
OSV
OSV
added 2018/12/04 4:29 p.m.6 views

DEBIAN-CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

7.5CVSS7.4AI score0.05532EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/12/04 4:0 p.m.28 views

CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

6.3AI score0.05532EPSS
Exploits1References11
Debian CVE
Debian CVE
added 2018/12/04 4:0 p.m.27 views

CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

7.5CVSS7.2AI score0.05532EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2018/11/27 8:19 p.m.30 views

CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

7.5CVSS1.8AI score0.05532EPSS
Exploits1References2
OSV
OSV
added 2018/06/12 12:29 p.m.4 views

DEBIAN-CVE-2018-12232

In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sockclose and sockfssetattr functions. fchownat does not increment the file descriptor reference count, which allows...

5.9CVSS7.3AI score0.06609EPSS
Exploits0References1
0day.today
0day.today
added 2018/05/31 12:0 a.m.26 views

Linux/x86 - Bind (4444/TCP) Shell Shellcode (105 bytes)

/ ; Filename: tcpbindshellcodelight.nasm ; Author: Paolo Perego ; Website: https://codiceinsicuro.it ; Twitter: @thesp0nge ; SLAE-ID: 1217 ; Purpose: binds on TCP port 4444 and spawn a shell on incoming connections. global start section .text start: ; Creating the socket. ; ; int socketint domain...

7.4AI score
Exploits0
OSV
OSV
added 2017/12/31 12:0 a.m.4 views

UBUNTU-CVE-2017-3144

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond...

7.5CVSS6.3AI score0.72724EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2016/06/28 12:0 a.m.26 views

Linux x86_64 /etc/passwd File Sender Shellcode

Linux x8664 /etc/passwd File Sender Shellcode. Shellcode exploit for linx86-64 platform / Title : Linux x8664 /etc/passwd file sender shellcode Date : 28-06-2016 Author : Roziul Hasan Khan Shifat Tested On : Ubuntu 14.04 LTS x8664 / / Disassembly of section .text: 0000000000400080 : 400080: 48 31...

7.4AI score
Exploits0
OSV
OSV
added 2016/04/06 6:38 a.m.3 views

USN-2946-1 linux vulnerabilities

Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2015-8812 Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux...

10CVSS7.2AI score0.14546EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2014/09/03 12:0 a.m.19 views

Linux/x86-64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (147 bytes)

Linux/x86-64 - Bind TCP 4444/TCP Shell /bin/sh + Password hell Shellcode 147 bytes. Shellcode exploit for Linuxx86-64 platform ; =================================================================== ; Password Protected Bind Shell ; Author: SLAE64-1351 Keyman ; Date: 03/09/2014 ; ; Shellcode length...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Solaris <= 2.5.1 rsh socket descriptor Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/453/info A vulnerability in rsh exists that can allow a regular user to modify a root owned socket descriptor. The consequences of this are a possible denial of service due to interfaces being manipulated by malicious...

7.1AI score
Exploits0
exploitpack
exploitpack
added 1997/06/19 12:0 a.m.11 views

Solaris 2.5.1 - rsh socket Descriptor

Solaris 2.5.1 - rsh socket Descriptor // source: https://www.securityfocus.com/bid/453/info A vulnerability in rsh exists that can allow a regular user to modify a root owned socket descriptor. The consequences of this are a possible denial of service due to interfaces being manipulated by...

Exploits0
Exploit DB
Exploit DB
added 1997/06/19 12:0 a.m.24 views

Solaris 2.5.1 - rsh socket Descriptor

// source: https://www.securityfocus.com/bid/453/info A vulnerability in rsh exists that can allow a regular user to modify a root owned socket descriptor. The consequences of this are a possible denial of service due to interfaces being manipulated by malicious users. cc solarisuck.c -o solarisu...

7.4AI score
Exploits0
Rows per page
Query Builder