210 matches found
CVE-2015-3282
vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remote attackers to obtain stack data by sniffing the network...
Binary loopholes-the evil of the printf-bug warning-the black bar safety net
This article is part of a series on binary vulnerabilities. Some lesser-known features of printf exist for coding convenience but also introduce security problems. This paper focuses on describing some uses of printf in exploits, which in normal programming is not...
Linux Kernel (Ubuntu 11.10/12.04) - binfmt_script Stack Data Disclosure
Source: http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/ Introduction Problem description: Linux kernel binfmt_script handling in combination with CONFIG_MODULES can lead to disclosure of kernel stack data during execve via copy of data from dangling pointer to stack...
Linux Kernel (Ubuntu 11.10/12.04) - binfmt_script Stack Data Disclosure
Linux Kernel (Ubuntu 11.10/12.04) - binfmt_script Stack Data Disclosure Source: http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/ Introduction Problem description: Linux kernel binfmt_script handling in combination with CONFIG_MODULES can lead to disclosure of kernel stac...
DEBIAN-CVE-2013-3231
The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
Timbuktu <= 8.6.6 PlughNTCommand Named Pipe Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Timbuktu %q This...
MOPB-11-2007:PHP WDDX Session Deserialization Information Leak Vulnerability
Summary The PHP WDDX extension comes with a serialization handler that adds support for the WDDX data format to PHP's session handling. When this data contains a numerical key the keylength variable is not properly initialized which will leak an arbitrary amount of stack data into the session arr...
SuSE-SA:2003:049: Linux Kernel
The remote host is missing the patch for the advisory SuSE-SA:2003:049 Linux Kernel. This security update fixes a serious vulnerability in the Linux kernel. A missing bounds check in the brk system call allowed processes to request memory beyond the maximum size allowed for tasks, causing kernel...
CVE-2002-0385
Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain sensitive information via a request that contains a large number of '"' double quote and '' characters, which causes the TCL interpreter to crash and include stack data in the output...