Lucene search

4513 matches found

0day.today
added 2009/11/22 12:0 a.m. · 16 views

PHP MultiPart Form-Data Denial of Service PoC

Exploit for unknown platform in category web applications. PHP MultiPart Form-Data Denial of Service PoC. #!/usr/bin/python PHP MultiPart Form-Data Denial of Service proof of concept, 23-10-2009 Bogdan Calin...

7.1 AI score
Exploits: 0

Oracle linux
added 2009/11/03 12:0 a.m. · 90 views

kernel security and bug fix update

2.6.18-164.6.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina yang orabug 69930...

7.8 CVSS · 0.1 AI score · 0.12461 EPSS
Exploits: 14

Exploit DB
added 2009/10/28 12:0 a.m. · 25 views

mDNSResponder 10.4.0/10.4.8 (OSX) - UPnP Location Overflow (Metasploit)

require 'msf/core' class Metasploit3 'Mac OS X mDNSResponder UPnP Location Overflow', 'Platform' = 'osx', 'DefaultOptions' = 'SRVPORT' = 1900, 'RPORT' = 0 , 'Targets' = '10.4.8 x86', mDNSResponder-108.2 'Arch' = ARCHX86, Offset to mDNSStorage structure 'Offset' = 21000, 'Magic' = 0x8fe510a0,...

7.4 AI score
Exploits: 0

seebug.org
added 2009/09/08 12:0 a.m. · 20 views

MySQL COM_TABLE_DUMP Information Leakage and Arbitrary Command Execution

No description provided by source. / April 21.st 2006 myexploit.c MySql COM_TABLE_DUMP Memory Leak & MySql remote B0f MySql = 5.0.20 MySql COM_TABLE_DUMP Memory Leak MySql = 4.x.x copyright 2006 Stefano Di Paola stefano.dipaolaatwisec.it GPL 2.0 Disclaimer: In no event shall the author be liable for...

7.1 AI score
Exploits: 0

RedHat Linux
added 2009/09/01 7:37 a.m. · 4 views

kernel: execve: must clear current->clear_child_tid

The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or...

5.9 CVSS · 6.1 AI score · 0.00516 EPSS
Exploits: 2 · References: 4

seebug.org
added 2009/08/25 12:0 a.m. · 25 views

FreeBSD <= 6.1 kqueue() NULL pointer Dereference Local Root Exploit

No description provided by source. FreeBSD <= 6.1 suffers from classical check/use race condition on SMP systems in kevent syscall, leading to kernel mode NULL pointer dereference. It can be triggered by spawning two threads: 1st thread looping on open and close syscalls, and the 2nd thread loopin...

7.1 AI score
Exploits: 0

UbuntuCve
added 2009/08/18 9:0 p.m. · 36 views

CVE-2009-2848

The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or...

5.9 CVSS · 6.3 AI score · 0.00516 EPSS
Exploits: 2 · References: 2

Cvelist
added 2009/08/18 8:41 p.m. · 30 views

CVE-2009-2848

The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or...

6.3 AI score · 0.00516 EPSS
Exploits: 2 · References: 26

OpenVAS
added 2009/08/17 12:0 a.m. · 42 views

RedHat Security Advisory RHSA-2009:1190

The remote host is missing updates announced in advisory RHSA-2009:1190. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time,...

9.3 CVSS · 6.8 AI score · 0.05741 EPSS
Exploits: 5 · References: 2

Prion
added 2009/07/05 4:30 p.m. · 17 views

Design/Logic Flaw

The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle simultaneous execution of the do_coredump function, which allows local users to cause a denial of service (deadlock) via vectors involving the ptrace system call and a coredumping thread...

4.9 CVSS · 6.5 AI score · 0.00364 EPSS
Exploits: 1 · References: 14 · Affected Software: 1

Positive Technologies
added 2009/07/05 12:0 a.m. · 2 views

PT-2009-3904 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel version 2.6.18 Description: The issue arises from the ptrace_start function in kernel/ptrace.c, which does not properly handle simultaneous execution of the do_coredump function. This allows local users to cause a denial of servi...

7.8 CVSS · 5.3 AI score · 0.33491 EPSS
Exploits: 8 · References: 113

Oracle linux
added 2009/07/01 12:0 a.m. · 62 views

kernel security and bug fix update

2.6.9-89.0.3.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - backout patch sysrq-b that queues upto keventd thread Guru Anbalagane orabug 6125546 - netrx/netpoll race avoidanc...

7.8 CVSS · 1.6 AI score · 0.33491 EPSS
Exploits: 6

Nmap
added 2009/06/29 11:48 p.m. · 1323 views

telnet-brute NSE Script

Performs brute-force password auditing against telnet servers. Script Arguments telnet-brute.autosize Whether to automatically reduce the thread count based on the behavior of the target default: "true" telnet-brute.timeout Connection time-out timespec default: "5s" passdb, unpwdb.passlimit,...

10 CVSS · 9.4 AI score · 0.99448 EPSS
Exploits: 33

OpenVAS
added 2009/06/03 12:0 a.m. · 8 views

Solaris Update for thread 126126-01

Check for the Version of thread OpenVAS Vulnerability Test Solaris Update for thread 126126-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

7.4 AI score
Exploits: 0 · References: 2

OpenVAS
added 2009/06/03 12:0 a.m. · 11 views

Solaris Update for thread 126126-01

Check for the Version of thread OpenVAS Vulnerability Test Solaris Update for thread 126126-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

7.4 AI score
Exploits: 0 · References: 2

OpenVAS
added 2009/06/03 12:0 a.m. · 13 views

Solaris Update for thread 126125-01

Check for the Version of thread OpenVAS Vulnerability Test Solaris Update for thread 126125-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

Exploits: 0 · References: 2

Prion
added 2009/06/01 7:30 p.m. · 27 views

Race condition

win32k.sys in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (system crash) via vectors related to CreateWindow, TranslateMessage, and DispatchMessage, possibly a race condition between threads, a different vulnerability than CVE-2008-1084. NOTE: some of the...

4.7 CVSS · 6.3 AI score · 0.06753 EPSS
Exploits: 4 · References: 3

Cvelist
added 2009/06/01 7:0 p.m. · 34 views

CVE-2008-6819

win32k.sys in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (system crash) via vectors related to CreateWindow, TranslateMessage, and DispatchMessage, possibly a race condition between threads, a different vulnerability than CVE-2008-1084. NOTE: some of the...

6 AI score · 0.013 EPSS
Exploits: 1 · References: 3

NVD
added 2009/04/27 7:30 p.m. · 9 views

CVE-2008-6754

The Personal Sticky Threads addon 1.0.3c for vBulletin allows remote authenticated users to read the title, author, and pages of an arbitrary thread by toggling a personal sticky...

4 CVSS · 6.3 AI score · 0.00973 EPSS
Exploits: 0 · References: 4

seebug.org
added 2009/04/25 12:0 a.m. · 44 views

Microsoft Windows Thread Pool ACL Local Privilege Escalation Vulnerability (MS09-012)

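BUGTRAQ ID: 34444 CVE(CAN) ID: CVE-2009-0080 Microsoft Windows is a very popular operating system released by Microsoft. Windows sets an incorrect ACL on the threads in the current ThreadPool, and a local attacker can gain elevated privileges through token hijacking. An attacker who successfully exploits this vulnerability can take complete control of the affected system, and can then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft Windows Vista SP1 Microsoft Windows Vista Microsoft Windows Server 2008 Workaround: IIS 6.0 -...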

6.9 CVSS · 6.3 AI score · 0.02358 EPSS
Exploits: 1