Lucene search
K

824 matches found

OSV
OSV
added 2012/07/19 7:55 p.m.4 views

DEBIAN-CVE-2012-4025

Integer overflow in the queueinit function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted blocklog field in the superblock of a .sqsh file, leading to a heap-based buffer overflow...

6.8CVSS7.9AI score0.03898EPSS
Exploits0References1
OSV
OSV
added 2012/07/19 7:55 p.m.3 views

CVE-2012-4024

Stack-based buffer overflow in the getcomponent function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file aka a crafted file for the -ef option. NOTE: probably in most cases, the list file is a trusted file...

7.8AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2012/07/19 7:55 p.m.17 views

CVE-2012-4024

Stack-based buffer overflow in the getcomponent function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file aka a crafted file for the -ef option. NOTE: probably in most cases, the list file is a trusted file...

6.8CVSS7.5AI score0.04047EPSS
Exploits0References3
Prion
Prion
added 2012/07/19 7:55 p.m.13 views

Stack overflow

Stack-based buffer overflow in the getcomponent function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file aka a crafted file for the -ef option. NOTE: probably in most cases, the list file is a trusted file...

6.8CVSS8.5AI score0.04047EPSS
Exploits0References8Affected Software1
UbuntuCve
UbuntuCve
added 2012/07/19 7:55 p.m.28 views

CVE-2012-4025

Integer overflow in the queueinit function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted blocklog field in the superblock of a .sqsh file, leading to a heap-based buffer overflow...

6.8CVSS7.5AI score0.03898EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2012/07/19 7:0 p.m.36 views

CVE-2012-4024

Stack-based buffer overflow in the getcomponent function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file aka a crafted file for the -ef option. NOTE: probably in most cases, the list file is a trusted file...

6.8CVSS6.1AI score0.04047EPSS
Exploits0
CVE
CVE
added 2012/07/19 7:0 p.m.58 views

CVE-2012-4024

CVE-2012-4024 concerns a stack-based buffer overflow in the get_component function of unsquashfs.c in Squashfs tooling (unsquashfs) up to version 4.2. Exploitation via a crafted list file for the -ef option could allow remote arbitrary code execution. Connected advisories confirm the flaw affects...

6.8CVSS7.9AI score0.04047EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2012/07/19 7:0 p.m.21 views

CVE-2012-4025

Integer overflow in the queueinit function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted blocklog field in the superblock of a .sqsh file, leading to a heap-based buffer overflow...

7.6AI score0.03898EPSS
Exploits0References7
Cvelist
Cvelist
added 2012/07/19 7:0 p.m.25 views

CVE-2012-4024

Stack-based buffer overflow in the getcomponent function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file aka a crafted file for the -ef option. NOTE: probably in most cases, the list file is a trusted file...

7.7AI score0.04047EPSS
Exploits0References8
CVE
CVE
added 2012/07/19 7:0 p.m.61 views

CVE-2012-4025

CVE-2012-4025 affects Squashfs-tools (squashfs) up to version 4.2. The issue is an integer overflow in queue_init() inside unsquashfs.c, which can allow a remote attacker to cause a heap-based buffer overflow by supplying a crafted block_log in the superblock of a .sqsh file, enabling arbitrary c...

6.8CVSS7.8AI score0.03898EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2012/07/19 7:0 p.m.33 views

CVE-2012-4025

Integer overflow in the queueinit function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted blocklog field in the superblock of a .sqsh file, leading to a heap-based buffer overflow...

6.8CVSS7.7AI score0.03898EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/03/31 12:0 a.m.33 views

SuSE 11.1 Security Update : FUSE (SAT Patch Number 4095)

The following security issues were fixed : - FUSE allowed local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem. CVE-2010-3879 - Avoid mounting a directory including...

5.8CVSS5.6AI score0.09848EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.44 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : linux-source-2.6.12/-2.6.15/-2.6.17 vulnerabilities (USN-395-1)

Mark Dowd discovered that the netfilter iptables module did not correcly handle fragmented packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules. This has only be fixed for Ubuntu 6.10; the corresponding fix for Ubuntu 5.10 and 6.06 will foll...

7.5CVSS6.2AI score0.04722EPSS
Exploits2References13
Tenable Nessus
Tenable Nessus
added 2007/02/22 12:0 a.m.44 views

Mandrake Linux Security Advisory : kernel (MDKSA-2007:047)

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : A double free vulnerability in the squashfs module could allow a local user to cause a Denial of Service by mounting a crafted squashfs filesystem CVE-2006-5701. The zlibinflate function allows local users to cause a cra...

4.9CVSS5.5AI score0.00852EPSS
Exploits1References3
seebug.org
seebug.org
added 2006/12/20 12:0 a.m.26 views

Linux Kernel SquashFS双重释放拒绝服务漏洞

Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux kernel的squashfs模块没有正确地处理被破坏的fs结构,如果用户受骗加载了特制的squashfs镜像并对文件系统执行了读操作的话,就会导致内核双重释放缓冲区,造成拒绝服务。 Linux kernel 2.6.x 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.kernel.org/ http://projects.info-pull.com/mokb/bug-files/MOKB-02-11-2006.img.gz...

6.9AI score
Exploits0
Ubuntu
Ubuntu
added 2006/12/14 12:46 a.m.76 views

USN-395-1: Linux kernel vulnerabilities

Mark Dowd discovered that the netfilter iptables module did not correcly handle fragmented packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules. This has only be fixed for Ubuntu 6.10; the corresponding fix for Ubuntu 5.10 and 6.06 will foll...

7.5CVSS6AI score0.04722EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2006/11/03 11:7 p.m.28 views

CVE-2006-5701

Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem...

4.9CVSS5.9AI score0.00852EPSS
Exploits1References2
NVD
NVD
added 2006/11/03 11:7 p.m.24 views

CVE-2006-5701

Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem...

4.9CVSS7.1AI score0.00852EPSS
Exploits1References9
CVE
CVE
added 2006/11/03 11:0 p.m.71 views

CVE-2006-5701

CVE-2006-5701 is a real issue in the Linux kernel 2.6.x squashfs module where mounting a crafted squashfs filesystem can cause a local denial of service due to a double-free condition. Affected by this vulnerability are systems using the squashfs implementation in 2.6.x kernels (as referenced by ...

4.9CVSS7.1AI score0.00852EPSS
Exploits1References9Affected Software2
Cvelist
Cvelist
added 2006/11/03 11:0 p.m.34 views

CVE-2006-5701

Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem...

7.1AI score0.00852EPSS
Exploits1References9
Rows per page
Query Builder