71 matches found
CVE-2022-28893
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...
[SECURITY] Fedora 35 Update: pgbouncer-1.16.1-1.fc35
pgbouncer is a lightweight connection pooler for PostgreSQL and uses libevent for low-level socket handling...
OESA-2021-1437 trafficserver security update
Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server...
The vulnerability in the socket implementation with address mapping AF_VSOCK in Linux kernel allows attackers to escalate their privileges.
The vulnerability in the socket implementation with AFVSOCK addressing net/vmwvsock/afvsock.c in the Linux kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...
FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeBSD ip6setpktopt Use-After-Free Privilege Escalation', 'Description' = %q This module exploits a race and use-after-free vulnerability in the...
SUSE-SU-2020:0231-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update java-180-openjdk to version jdk8u242 icedtea 3.15.0 January 2020 CPU, bsc1160968: - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2020-2590: Improve Kerberos interop capabilities - CVE-2020-2593: Normalize normalization for a...
[SECURITY] Fedora 30 Update: python-slixmpp-1.4.2-1.fc30
Slixmpp is an MIT licensed XMPP library for Python 3.5+. It is a fork of SleekXMPP. Goals is to only rewrite the core of the library the low level socket handling, the timers, the events dispatching in order to remove all threads...
CVE-2018-12232
In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sockclose and sockfssetattr functions. fchownat does not increment the file descriptor reference count, which allows...
CVE-2018-12232
In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sockclose and sockfssetattr functions. fchownat does not increment the file descriptor reference count, which allows...
Linux Kernel AF_LLC Double Free
define GNUSOURCE include include include include include include include include include include include include include include include include include include include struct sockaddrllc short sllcfamily; short sllcarphrd; unsigned char sllctest; unsigned char sllcxid; unsigned char sllcua;...
Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free
define GNUSOURCE include include include include include include include include include include include include include include include include include include include struct sockaddrllc short sllcfamily; short sllcarphrd; unsigned char sllctest; unsigned char sllcxid; unsigned char sllcua;...
QEMU: Slirp: use-after-free when sending response
A use-after-free issue was found in the Slirp networking implementation of the Quick emulator QEMU. It occurs when a Socket referenced from multiple packets is freed while responding to a message. A user/process could use this flaw to crash the QEMU process on the host resulting in denial of...
USN-3586-1 isc-dhcp vulnerabilities
Konstantin Orekhov discovered that the DHCP server incorrectly handled a large number of concurrent TCP sessions. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-2774 It was discovered that the...
DarkComet (C2 Server) - File Upload Exploit
Exploit for multiple platform in category web applications !/usr/bin/env python3 EDB Note: Source https://gist.github.com/PseudoLaboratories/260b6f24844785aacc1e2fb61dd05c01/259944bd94a0d289ef80b9138c1e3f97a97aa9cd from time import sleep from socket import socket, AFINET, SOCKSTREAM, error from r...
DarkComet (C2 Server) - File Upload
DarkComet C2 Server - File Upload !/usr/bin/env python3 EDB Note: Source https://gist.github.com/PseudoLaboratories/260b6f24844785aacc1e2fb61dd05c01/259944bd94a0d289ef80b9138c1e3f97a97aa9cd from time import sleep from socket import socket, AFINET, SOCKSTREAM, error from re import search from...
CVE-2017-13711
Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU aka Quick Emulator allows attackers to cause a denial of service QEMU instance crash by leveraging failure to properly clear ifqso from pending packets...
The vulnerability of the Android operating system, which allows a hacker to increase their privileges
The vulnerability of the drivers/char/diag/diagcharcore.c file in Qualcomm’s Android operating system is related to incorrect socket processes. Exploiting this vulnerability can allow a remote attacker to increase their privileges through a specially created application...
Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash (PoC)
/ ---------------------------------------------------------------------------------------------------- cve-2014-4943poc.c The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp...
kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()
A flaw was found in the way the pppol2tpsetsockopt and pppol2tpgetsockopt functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOLPPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system...
Kernel: net: oops from tcp_collapse() when using splice(2)
The tcpreadsock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service system crash via a crafted splice system call for a TCP socket...