openssl security update

An update is available for openssl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transpo...

Qualcomm RIL Buffer Error Vulnerability

Qualcomm RIL is a Qualcomm Incorporated USA support component used in chips. A buffer error vulnerability exists in Qualcomm RIL, which arises from a stack overflow that can occur when the configuration size of a GSM WCDMA broadcast received from a user is larger than a variable-length array...

kernel: buffer-overflow hardening in WiFi beacon validation code.

A flaw in the Linux kernel's WiFi beacon validation code was discovered. The code does not check the length of the variable length elements in the beacon head potentially leading to a buffer overflow. System availability, as well as data confidentiality and integrity, can be impacted by this...

OpenSSL -- ChaCha20-Poly1305 nonce vulnerability

The OpenSSL project reports: Low: ChaCha20-Poly1305 with long nonces CVE-2019-1543 ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value IV should be 96 bits 12 bytes. OpenSSL allows a variable nonce length a...

[SECURITY] Fedora 24 Update: libdb-5.3.28-24.fc24

The Berkeley Database Berkeley DB is a programmatic toolkit that provides embedded database support for both traditional and client/server applications. The Berkeley DB includes B+tree, Extended Linear Hashing, Fixed and Variable-length record access methods, transactions, locking, logging, share...

CVE-2016-3934

drivers/media/platform/msm/camerav2/sensor/io/msmcameraccii2c.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka...

CVE-2016-3934

drivers/media/platform/msm/camerav2/sensor/io/msmcameraccii2c.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka...

CVE-2016-3922

libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619...

UBUNTU-CVE-2016-3922

libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619...

On the PHP multi-character set encoding vulnerability research-exploit warning-the black bar safety net

| First, do an experiment,in the local environment in the establishment of such a php file ? php header"Content-Type:text/html;Charset=gb2312"; echo $GET"str"; echi "br/"; echo addslashes$GET"str"; ?& gt; Here my php environment has opened the Magicquotesgpc,contemporary code inside also made to...

Security Best Practice: Protect Yourself from MS-RPC and DCE-RPC Vulnerabilities

DCE/RPC stands for "Distributed Computing Environment / Remote Procedure Calls". It is a Remote Procedure Call system that allows software to work across multiple computers, as if it were all working on the same computer. This system allows programmers to write distributed software without having...

PHP php_binary / WDDX information leak

Fragment of heap memory may be red because of missed variable length checking...

Variable-length Fnstenv/mov Dword XOR Encoder

This encoder uses a variable-length mov equivalent instruction with fnstenv for getip. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Variable-length Fnstenv/mov Dword XOR Encoder',...

GLIBC (via /bin/su) Local Root Exploit

Exploit for linux platform in category local exploits ====================================== GLIBC via /bin/su Local Root Exploit ====================================== / Working exploit for glibc executing /bin/su To exploit this i have used a technique that overwrites the .dtors section of...