Lucene search
K

128 matches found

RedHat Linux
RedHat Linux
added 2017/08/01 2:13 p.m.6 views

kernel: Stack corruption while reading /proc/keys when gcc stack protector is enabled

It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks...

6.2CVSS6.9AI score0.00395EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2017/07/06 12:0 a.m.4 views

The vulnerability of the patch offset2lib in the Linux operating system’s kernel allows a hacker to gain access to the stack protection mechanism.

The vulnerability of patch offset2lib in Linux operating systems arises from the minimal memory range between the upper boundary of the stack and the PIE binary code segment, which is located in memory starting at 0x80000000. This occurs when the RLIMITSTACK parameter is set to RLIMINFINITY, and ...

7.8CVSS6.5AI score0.02428EPSS
Exploits6References15Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/07/06 12:0 a.m.4 views

The vulnerability in the implementation of the operating system NetBSD’s stack protection mechanism allows a hacker to execute arbitrary code.

The vulnerability of the Linux kernel’s stack protection mechanism is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using specially crafted binary files with setuid permissions...

7.5CVSS8.2AI score0.03432EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/07/06 12:0 a.m.5 views

The vulnerability in the implementation of the operating system NetBSD’s stack protection mechanism allows a hacker to execute arbitrary code.

The vulnerability of the Linux kernel’s stack protection mechanism is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using specially crafted binary files with setuid attributes as,usr,bin,at...

7.5CVSS8.2AI score0.03955EPSS
Exploits3References4Affected Software1
Virtuozzo
Virtuozzo
added 2017/06/26 12:0 a.m.37 views

Important kernel security update: CVE-2017-1000364; Virtuozzo 7.0 Update 4 Hotfix 3 (7.0.4-1107)

The new update for Virtuozzo 7.0.4 provides a security fix. Vulnerability id: CVE-2017-1000364, PSBM-67428 A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an...

7.4CVSS1.8AI score0.05186EPSS
Exploits3References1
Positive Technologies
Positive Technologies
added 2017/06/18 12:0 a.m.2 views

PT-2017-2391 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 4.11.5 Description: The issue is caused by a minimal memory range between the upper boundary of the stack and the PIE binary segment in memory, starting at 0x40000000. This can be exploited by a local attacker t...

8.8CVSS7.2AI score0.20797EPSS
Exploits51References77
NVD
NVD
added 2017/06/13 8:29 p.m.18 views

CVE-2016-10332

In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications...

5.5CVSS5.4AI score0.00485EPSS
Exploits0References3
Prion
Prion
added 2017/06/13 8:29 p.m.15 views

Stack overflow

In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications...

4.3CVSS7.1AI score0.00485EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/06/13 8:0 p.m.26 views

CVE-2016-10332

In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications...

6.1AI score0.00485EPSS
Exploits0References3
CVE
CVE
added 2017/06/13 8:0 p.m.50 views

CVE-2016-10332

CVE-2016-10332 : Affects Android builds from CAF using the Linux kernel where stack protection was not enabled for secure applications. The available description specifies the missing stack-protection bit but provides no details on affected products/versions beyond “Android releases from CAF usin...

5.5CVSS5.9AI score0.00485EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/06/07 8:29 p.m.5 views

UBUNTU-CVE-2016-4973

Binaries compiled against targets that use the libssp library in GCC for stack smashing protection SSP might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature...

7.8CVSS7.3AI score0.00428EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/03/30 12:0 a.m.19 views

Oracle Linux 6 : ocaml (ELSA-2017-0565)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-0565 advisory. 3.11.2-5 - Enable execshield stack protection on ppc/ppc64 572826 related: rhbz1343082 - Fix strict-aliasing warnings in build 990540. 3.11.2-3 - Fix buffer...

9.1CVSS8.4AI score0.05267EPSS
Exploits0References2
n0where
n0where
added 2017/03/09 6:12 a.m.27 views

Windows PE Binary Static Analysis Tool : BinSkim

Windows PE Binary Static Analysis Tool BinSkim is a binary static analysis tool that scans Windows Portable Executable PE files for security and correctness. Among the verifications performed by BinSkim are validations that the PE file has opted into all of the binary mitigations offered by the...

Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/08/12 12:0 a.m.18 views

FreeBSD : FreeBSD -- rtsold(8) remote buffer overflow vulnerability (72ee7111-6007-11e6-a6c3-14dae9d210b8)

Due to a missing length check in the code that handles DNS parameters, a malformed router advertisement message can result in a stack buffer overflow in rtsold8. Impact : Receipt of a router advertisement message with a malformed DNSSL option, for instance from a compromised host on the same...

10CVSS6AI score0.0394EPSS
Exploits0References2
0day.today
0day.today
added 2016/01/29 12:0 a.m.36 views

Linux/x86-64 - shell_reverse_tcp with Password Polymorphic Shellcode (1) (122 bytes)

/--------------------------------------------------------------------------------------------------------------------- / Title: tcp reverse shell with password polymorphic version 122 bytes Author: Sathish kumar Contact: https://www.linkedin.com/in/sathish94 Copyright: c 2016 iQube. http://iQube....

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2016/01/04 12:0 a.m.90 views

Linux/x86 execve "/bin/sh" - shellcode 24 byte

Linux/x86 execve "/bin/sh" - shellcode 24 byte. Shellcode exploit for linx86 platform / ; Title: Linux/x86 execve "/bin/sh" - shellcode 24 byte ; Platform: linux/x86 ; Date: 2015-01-03 ; Author: Dennis 'dhn' Herrmann ; Website: https://zer0-day.pw BITS 32 global start section .text ; syscalls...

7.4AI score
Exploits0
myhack58
myhack58
added 2015/12/17 12:0 a.m.18 views

A step-by-step learn the ROP of the Android ARM 3 2-vulnerability warning-the black bar safety net

ROP stands for Return-oriented programming return-oriented programming this is an advanced memory attack techniques that can be used to bypass the modernoperating systema variety of common defenses such as the memory is not performed and code signing. Before we mainly discussed on linux in this...

8.1AI score
Exploits0
GoogleProjectZero
GoogleProjectZero
added 2015/06/26 12:0 a.m.34 views

What is a "good" memory corruption vulnerability?

Posted by Chris Evans, register whisperer. Part 1 of 4. There are a lot of memory corruption vulnerabilities in software, but not all are created equal. To a certain degree, the “usefulness” of a given memory corruption vulnerability is determined by how reliably it might be exploited. In some...

10CVSS9.5AI score0.96079EPSS
Exploits15
exploitpack
exploitpack
added 2015/01/12 11:29 a.m.12 views

Exploit-Tutorial-1

This is a module that will help you learn the basics of exploit development, the focus on this one is a stack-buffer type of overflow and the platform used is GNU/Linux. Basic Buffer Overflow for Linux - Part of the Exploit Pack Tutorials The following exploit code has been written in Python and...

7.6AI score
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2014/10/21 12:0 a.m.12 views

FreeBSD-SA-14:20.rtsold

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-14:20.rtsold Security Advisory The FreeBSD Project Topic: rtsold8 remote buffer overflow vulnerability Category: core Module: rtsold Announced: 2014-10-21 Credits...

10CVSS6AI score0.0394EPSS
Exploits0
Rows per page
Query Builder