7 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-53135
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - riscv: Use READONCENOCHECK in imprecise unwinding stack mode When CONFIGFRAMEPOINTER is unset, the stack unwinding function walkstackframe randomly reads the...
Axessh 4.2 - Denial Of Service
Axessh是一款windows下的ssh工具,使用后会开启ssh 22端口,并开启wsshed.exe服务,当wsshed.exe在接收字符串时,会调用BIGNUM相关函数进行处理,但对于BIGNUM的结构体没有进行赋初值,导致空指针引用引发拒绝服务漏洞,下面对此漏洞进行详细分析。 这里要提的一点是,Exploit-db给的PoC可以触发漏洞,但实际上,只要连接22端口,都会引发这个漏洞的发生,哪怕只发送一字节的内容。 附加wsshed.exe,执行PoC,引发中断,这边捕获到漏洞触发位置。 0:000 g f74.a68: Access violation - code c00000...
Avast! - Authenticode Parsing Memory Corruption
Avast! - Authenticode Parsing Memory Corruption Source: https://code.google.com/p/google-security-research/issues/detail?id=668 The attached PE file causes memory corruption in Avast, it looks related to authenticode parsing. 474.c0c: Access violation - code c0000005 first chance First chance...
jetAudio 8.1.3.2200 Crash Proof Of Concept
Exploit Title : jetAudio 8.1.3.2200 Basic m3u Crash POC Product : jetAudio Basic Date : 27.12.2014 Exploit Author : Hadji Samir [email protected] Software Link : http://www.jetaudio.com/download/ Vulnerable version : 8.1.3.2200 Basic Vendor Homepage : http://www.jetaudio.com/ Tested on : Windows 7...
jetAudio 8.1.3 Basic (mp3) - Crash POC
Exploit for windows platform in category dos / poc Exploit Title : jetAudio 8.1.3 Basic Corrupted mp3 Crash POC Product : jetAudio Basic Date : 8.12.2014 Exploit Author : ITDefensor Vulnerability Research Team http://itdefensor.ru/ Software Link : http://www.jetaudio.com/download/ Vulnerable...
SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 5219 / 5222 / 5223)
The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.46 and fixes various bugs and security issues. The following security issues have been fixed : - A signedness issue in CIFS could possibly have lead to to memory corruption, if a malicious server could send crafted replies t...
Design/Logic Flaw
The pariscshowstack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service system crash via vectors associated with an attempt to unwind a stack that contains userspace addresses...