Lucene search
K

1583 matches found

securityvulns
securityvulns
added 2006/11/11 12:0 a.m.36 views

MOKB-09-11-2006

Title: Mac OS X fpathconf syscall denial of service Warning - wet floor! Description: Failure to handle unknown file types by the Mac OS X kernel XNU fpathconf syscall causes a kernel panic, leading to an exploitable local denial of service by non-privileged users. The bug was fixed by FreeBSD on...

0.2AI score
Exploits0
NVD
NVD
added 2006/11/10 1:7 a.m.30 views

CVE-2006-5836

The fpathconf syscall function in bsd/kern/kerndescrip.c in the Darwin kernel XNU 8.8.1 in Apple Mac OS X allows local users to cause a denial of service kernel panic and possibly execute arbitrary code via a file descriptor with an unrecognized file type...

7.2CVSS7AI score0.01262EPSS
Exploits1References12
CVE
CVE
added 2006/11/10 1:0 a.m.51 views

CVE-2006-5836

The CVE-2006-5836 entry concerns the Mac OS X kernel (Darwin/XNU) fpathconf() syscall in kern_descrip.c, affecting Darwin 8.8.1. The vulnerability allows an authenticated local attacker to trigger a kernel panic (DoS) via a file descriptor associated with an unrecognized file type (e.g., semaphor...

7.2CVSS7.6AI score0.01262EPSS
Exploits1References12Affected Software1
Cvelist
Cvelist
added 2006/11/10 1:0 a.m.32 views

CVE-2006-5836

The fpathconf syscall function in bsd/kern/kerndescrip.c in the Darwin kernel XNU 8.8.1 in Apple Mac OS X allows local users to cause a denial of service kernel panic and possibly execute arbitrary code via a file descriptor with an unrecognized file type...

7.6AI score0.01262EPSS
Exploits1References12
seebug.org
seebug.org
added 2006/10/28 12:0 a.m.14 views

Linux Kernel 2.4.x mremap() bound checking Root Exploit

No description provided by source. / Linux kernel mremap bound checking bug exploit. Bug found by Paul Starzetz paul isec pl Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING,...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.111 views

Debian DSA-1017-1 : kernel-source-2.6.8 - several vulnerabilities

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2004-1017 Multiple overflows exist in the ioedgepor...

10CVSS6.6AI score0.05357EPSS
Exploits20References69
myhack58
myhack58
added 2006/08/27 12:0 a.m.16 views

Brief analysis of the Linux and FreeBSD syscall with the shellcode-exploit warning-the black bar safety net

Article author: 7all Information source: evil octal information security team www.eviloctal.com) ==www.cciss.cn.== ==the bbs. cciss. cn.== Brief analysis of the Linux and FreeBSD syscall with the shellcode |=---------------= Brief analysis of the Linux and FreeBSD syscall with the...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2006/07/24 12:0 a.m.16 views

Solaris 10 - sysinfo() Local Kernel Memory Disclosure (1)

Solaris 10 - sysinfo Local Kernel Memory Disclosure 1 / Sun Microsystems Solaris sysinfo Kernel Memory Disclosure exploit =================================================================== Local exploitation of an integer overflow vulnerability in Sun Microsystems Inc. Solaris allows attackers t...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/07/05 12:0 a.m.65 views

CentOS 3 : kernel (CESA-2005:293)

Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating syste...

7.2CVSS6AI score0.04638EPSS
Exploits3References17
seebug.org
seebug.org
added 2006/06/02 12:0 a.m.38 views

iShopCart vGetPost() Remote Buffer Overflow Exploit (cgi)

No description provided by source. / Creator: K-sPecial xzziroz.net of .aware awarenetwork.org Name: ishopcart-cgi-bof.c = easy-scart6.c Date: 5/25/2006 Version: 1.00 5/25/2006 - ishopcart-cgi-bof.c created Description: there is an overflow in the vGetPost function, it does not do any size checki...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/04/21 12:0 a.m.23 views

linux/amd64 - connect-back semi-stealth shellcode 88+ bytes

linux/amd64 connect-back semi-stealth shellcode 88+ bytes. Shellcode exploit for linamd64 platform include include include include include include include / usual rant here.. this is just a doodle.. i was curious about the amd64 and since i dont think a simple exec /bin/sh is worth releasing i gi...

Exploits0
0day.today
0day.today
added 2006/04/21 12:0 a.m.15 views

linux/amd64 connect-back semi-stealth shellcode 88+ bytes

Exploit for linux/amd64 platform in category shellcode ========================================================= linux/amd64 connect-back semi-stealth shellcode 88+ bytes ========================================================= include include include include include include include / usual rant...

7AI score
Exploits0
seebug.org
seebug.org
added 2006/04/16 12:0 a.m.17 views

linux/x86 SWAP restore shellcode 109 bytes

No description provided by source. / linux-x86-swap-restore.c - SWAP restore shellcode 109 bytes for Linux/x86 Copyright c 2006 Gotfault Security & rfdslabs Authors: dx [email protected] spud [email protected] This shellcode reads the swap device at offset 31337. After it searchs by NULL byt...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.39 views

Ubuntu 4.10 / 5.04 : linux-source-2.6.10, linux-source-2.6.8.1 vulnerabilities (USN-143-1)

A Denial of Service vulnerability has been discovered in the ptrace call on the amd64 platform. By calling ptrace with specially crafted 'non-canonical' addresses, a local attacker could cause the kernel to crash. This only affects the amd64 platform. CAN-2005-1762 ZouNanHai discovered that a loc...

2.1CVSS5.3AI score0.00437EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2005/11/09 12:0 a.m.34 views

linux/x86 dup20,0; dup20,1; dup20,2; 15 bytes

linux/x86 dup20,0; dup20,1; dup20,2; 15 bytes. Shellcode exploit for linx86 platform / dup2loop-core.c by Charles Stevenson I made this as a chunk you can paste in to make modular remote exploits. I usually combine this with an execve as the second stage of a read jmp %esp / char hellcode = /...

0.1AI score
Exploits0
Cent OS
Cent OS
added 2005/10/05 4:21 p.m.100 views

kernel security update

CentOS Errata and Security Advisory CESA-2005:514 Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 4. This is the second regular update. This update has been rated as having important security impact by the Red Hat Security...

7.8CVSS5.9AI score0.03906EPSS
Exploits3References8
RedHat Linux
RedHat Linux
added 2005/09/28 2:17 p.m.73 views

Important: Red Hat Security Advisory: Updated kernel packages available for Red Hat Enterprise Linux 3 Update 6

Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the sixth regular update. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles t...

6.4CVSS6.7AI score0.13429EPSS
Exploits3References146
seebug.org
seebug.org
added 2005/09/04 12:0 a.m.18 views

linux/x86 /bin/sh sysenter Opcode Array Payload 23 Bytes

No description provided by source. / lnxbinsh4.c - v1 - 23 Byte /bin/sh sysenter Opcode Array Payload Copyrightc 2005 c0ntex [email protected] Copyrightc 2005 BaCkSpAcE [email protected] This program is free software; you can redistribute it and/or modify it under the terms of the GNU...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/08/25 12:0 a.m.41 views

linux/x86 /bin/sh sysenter Opcode Array Payload 27 Bytes

linux/x86 /bin/sh sysenter Opcode Array Payload 27 Bytes. Shellcode exploit for linx86 platform / lnxbinsh3.c - v1 - 27 Byte /bin/sh sysenter Opcode Array Payload Copyrightc 2005 c0ntex Copyrightc 2005 amnesia This program is free software; you can redistribute it and/or modify it under the terms...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/07/12 12:0 a.m.24 views

Linux kernel ia32 compatibility for 64 bit platforms race condtions

Race conditions with heap memory corruption in execve syscall...

2.1AI score
Exploits0References1Affected Software1
Rows per page
Query Builder