138 matches found
CVE-2011-3263
zabbixagentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows context-dependent attackers to cause a denial of service CPU consumption by executing the vfs.file.cksum command for a special device, as demonstrated by the /dev/urandom device...
[SECURITY] Fedora 14 Update: libHX-3.6-1.fc14
A library for: - rbtree with key-value pair extension - deques double-ended queues Stacks LIFO / Queues FIFOs - platform independent opendir-style directory access - platform independent dlopen-style shared library access - auto-storage strings with direct access - command line option argv parser...
FreeBSD Security Advisory (FreeBSD-SA-07:09.random.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-07:09.random.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
DEBIAN-CVE-2008-1353
zabbixagentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service CPU and connection consumption via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero...
linux/x86 cat /dev/urandom > /dev/console, just for kicks - 63 bytes
No description provided by source. / linux/x86 cat /dev/urandom /dev/console, no real profit just for kicks - 63 bytes - izik [email protected] / char shellcode = "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\x68\x6e\x64\x6f\x6d" // push $0x6d6f646e "\x68\x2f\x75\x72\x61" // push $0x6172752f...
Design/Logic Flaw
The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of those values...
CVE-2007-6150
CVE-2007-6150 concerns a bug in FreeBSD where the internal state tracking for the random(4) and urandom(4) devices can be exploited to replay data distributed during subsequent reads. Affected: FreeBSD 5.5, 6.1–6.3, and 7.0 beta4. Impact: local adversaries could deduce fragments of previously rea...
FreeBSD-SA-07:09.random
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:09.random Security Advisory The FreeBSD Project Topic: Random value disclosure Category: core Module: sysdevrandom Announced: 2007-11-29 Credits: Robert Woolle...
CentOS 4 : cyrus-sasl (CESA-2007:0795)
An updated cyrus-sasl package that addresses a security issue and fixes various other bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The cyrus-sasl package contains the Cyrus implementation...
cyrus security update
CentOS Errata and Security Advisory CESA-2007:0795 An updated cyrus-sasl package that addresses a security issue and fixes various other bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The...
Moderate: Red Hat Security Advisory: cyrus-sasl security and bug fix update
An updated cyrus-sasl package that addresses a security issue and fixes various other bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The cyrus-sasl package contains the Cyrus implementation...
linux/x86 cat /dev/urandom > /dev/console 63 bytes
linux/x86 cat /dev/urandom /dev/console, just for kicks - 63 bytes. Shellcode exploit for linx86 platform / linux/x86 cat /dev/urandom /dev/console, no real profit just for kicks - 63 bytes - izik / char shellcode = "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\x68\x6e\x64\x6f\x6d" // push...
linux/x86 cat /dev/urandom > /dev/console just for kicks - 63 bytes
No description provided by source. / linux/x86 cat /dev/urandom /dev/console, no real profit just for kicks - 63 bytes - izik [email protected] / char shellcode = "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\x68\x6e\x64\x6f\x6d" // push $0x6d6f646e "\x68\x2f\x75\x72\x61" // push $0x6172752f...
linux/x86 cat /dev/urandom > /dev/console, just for kicks - 63 bytes
Exploit for linux/x86 platform in category shellcode ==================================================================== linux/x86 cat /dev/urandom /dev/console, just for kicks - 63 bytes ==================================================================== / linux/x86 cat /dev/urandom...
CVE-2003-0094
CVE-2003-0094 affects Mandrake Linux 8.2/9.0 util-linux mcookie. The patch changed the entropy source from /dev/random to /dev/urandom, making mcookie output more predictable and potentially aiding certain attacks. The Nessus advisory notes the patch was removed in these updates, restoring a bett...
CVE-1999-1285
CVE-1999-1285 affects Linux kernels 2.1.132 and earlier. A local attacker can cause a denial of service by reading a large buffer from a random device (e.g., /dev/urandom) that cannot be interrupted until the read completes. The provided documents specify the vulnerability and impact (resource ex...
Security Advisory 2000-007
-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-007 ================================= Topic: bad key generation in libdes if no /dev/urandom Version: Domestic US NetBSD-current between 19990624 and 20000622. No formal releases of NetBSD are vulnerable. Severity: high only if...
Проблемы с libdes в NetBSD
Если отсутствует или не функционирует /dev/urandom, используется предсказуемая последовательность при генерации ключей...