CVE-2015-4535

CVE-2015-4535 affects EMC Documentum Content Server where Java Method Server (JMS) can be exploited when debug_trace is enabled to let remote authenticated users gain super-user privileges by reading a log containing a login ticket. This is part of a set of vulnerabilities in the ESA-2015-131 adv...

Linux Kernel KVM 'KVM_MAX_MCE_BANKS'内存破坏漏洞

Bugraq ID: 37035 Linux是一款开放源代码的操作系统。 Linux内核KVM中存在一个内存破坏问题，本地攻击者可以利用漏洞以超级用户特权执行任意指令。 系统只对32 MCE banksKVMMAXMCEBANKS分配了相应的内存，但是存在漏洞允许用户空间在setupmcgcap & 0xff上填充255，可破坏内核内存。 Linux kernel 2.6.31 .2 Linux kernel 2.6.31 -rc7 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix...

Security Update: ld.so unsetenv problem

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Caldera Systems, Inc. Security Advisory Subject: ld.so unsetenv problem Advisory number: CSSA-2000-028.0 Issue date: 2000 August, 24 Cross reference: 1. Problem Description A bug has been discovered in ld.so that could allow local users to obtain supe...