Updated glibc packages fix security vulnerabilities

Updated glibc fixes the following security issues: A stack overflow unbounded alloca could have caused applications which process long strings with the nan function to crash or, potentially, execute arbitrary code CVE-2014-9761. A stack-based buffer overflow in getaddrinfo allowed remote attacker...

SUSE SLED11 / SLES11 Security Update : glibc (SUSE-SU-2016:0472-1)

This update for glibc fixes the following issues : - CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses bsc961721 - CVE-2015-8777: Insufficient checking of LDPOINTERGUARD environment...

lib32-glibc: multiple issues

CVE-2015-7547 arbitrary code execution A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the...

glibc: multiple issues

CVE-2015-7547 arbitrary code execution A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the...

Vulnerability of the Cyrus IMAP mail server and operating systems openSUSE and OpenSUSE Leap, allowing attackers to compromise the integrity and accessibility of protected information

The vulnerability of the indexurlfetch function imap/index.c in the Cyrus IMAP server and on the OpenSUSE and OpenSUSE Leap operating systems is caused by a numerical overflow issue. Exploiting this vulnerability allows an attacker to compromise the integrity and accessibility of protected...

Libsys图书管理系统 V5.5 变量覆盖漏洞

登陆页面 sessionstart ; if isset $REQUEST'username' $strUser = trim $REQUEST'username' ; $strInput = trim $REQUEST'passwd' ; $strMsg = "用户名或者密码错误"; switch $strUser case "opacadmin" : $strPassWd = $strPassWdFile; $strMsg = verifypwd $strInput, $strPassWd ; if $strMsg == true $SESSION'ADMINUSER' =...

Apple Mac OSX / iOS - Multiple Kernel Uninitialized Variable Bugs Leading to Code Execution

Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=618 The ool variations of the IOKit device.defs functions all incorrectly deal with error conditions. If you run the mig tool on device.defs you can see the source of th...

Metabrik - Perl Brik Platform

Smartphones have their apps, Web browsers have their apps, shells don’t. With Metabrik , we tried to merge the power of shells with the power of the Perl language by creating a platform allowing to quickly write reusable Briks. Metabrik goals: Glue the Perl language with a shell Give a standardis...

GNU C Library Security Mechanism Bypass Vulnerability

glibc is the libc library, or c runtime library, released by GNU. A security vulnerability exists in the function processenvvars within elf/rtld.c of the GNU C Library, where a local attacker can bypass the pointer guard protection mechanism by using a zero value within the LDPOINTERGUARD...

DEBIAN-CVE-2015-8777

The processenvvars function in elf/rtld.c in the GNU C Library aka glibc or libc6 before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LDPOINTERGUARD environment variable...

Null pointer dereference

The processenvvars function in elf/rtld.c in the GNU C Library aka glibc or libc6 before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LDPOINTERGUARD environment variable...

CVE-2015-8777

The processenvvars function in elf/rtld.c in the GNU C Library aka glibc or libc6 before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LDPOINTERGUARD environment variable...

CVE-2015-8777

The processenvvars function in elf/rtld.c in the GNU C Library aka glibc or libc6 before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LDPOINTERGUARD environment variable...

UBUNTU-CVE-2015-8777

The processenvvars function in elf/rtld.c in the GNU C Library aka glibc or libc6 before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LDPOINTERGUARD environment variable...

SSO Authentication Bypass and Website Takeover in DOKEOS

High-Tech Bridge Security Research Lab discovered a high-risk vulnerability in a popular e-learning software DOKEOS. A remote unauthenticated attacker can bypass authentication process and login to the vulnerable website with an arbitrary account including administrator's one. Successful...

VMware ESX Multiple Bash Vulnerabilities (VMSA-2014-0010) (Shellshock)

The remote VMware ESX host is affected by multiple vulnerabilities in the Bash shell : - A command injection vulnerability exists in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in the values of environment variables. This...

Phan - Static Analyzer For PHP

Phan is a static analyzer for PHP. Getting it running Phan requires PHP 7+ with the php-ast extension loaded. The code you analyze can be written for any version of PHP. To get phan running; 1. Clone the repo 2. Run composer install to load dependencies 3. Run ./test to run the test suite 4. Test...

SUSE-SU-2015:2337-1 Security update for rubygem-passenger

This update for rubygem-passenger fixes the following issues: - CVE-2015-7519: rubygem-passenger was not filtering the environment like apache is doing, allowing injection of environment variables bsc956281...

Adobe Flash TextField Variable - Use-After Free

Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=583 If a TextField variable is set to a value with toString defined, and the TextField is updated, a use-after-free can occur if the toString method frees the TextField's...

Adobe Flash TextField.Variable Setter - Use-After-Free

Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=579 There is a use-after-free in the TextField.variable setter. If the variable name that is added is an object with toString defined, the toString function can free the...