kees cook vulnerabilities and exploits

(subscribe to this query)

Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.

Debian Shadow 1\\

The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux kernel prior to 3.9-rc7 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Linux Linux Kernel Linux Linux Kernel 3.9

The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel prior to 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfr...

Linux Linux Kernel Linux Linux Kernel 3.9

The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel prior to 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Linux Linux Kernel Linux Linux Kernel 3.9

Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules prior to 1.1.3-2ubuntu2.1 on Ubuntu 11.10, prior to 1.1.2-2ubuntu8.4 on Ubuntu 11.04, prior to 1.1.1-4ubuntu2.4 on Ubuntu 10.10, prior to 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and prior to 0.9...

Canonical Libpam-modules 1.1.2 Canonical Libpam-modules 0.9.7 Canonical Ubuntu Linux 8.04 Canonical Ubuntu Linux 10.04 Canonical Ubuntu Linux 10.10 Canonical Ubuntu Linux 11.04 Canonical Libpam-modules 1.1.1 Canonical Libpam-modules 1.1.3 Canonical Ubuntu Linux 11.10

Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) prior to 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.p...

The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) prior to 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel up to and including 3.9.4 allows local users to gain privileges by leveraging root access and including format string specif...

Linux Linux Kernel Debian Debian Linux 6.0 Canonical Ubuntu Linux 13.04 Canonical Ubuntu Linux 12.10 Canonical Ubuntu Linux 10.04 Canonical Ubuntu Linux 12.04

1 EDB exploit

hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x prior to 2.7.10 allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail.

Hp Linux Imaging And Printing Project 1.0 Hp Linux Imaging And Printing Project

1 EDB exploit

Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c in the Linux kernel prior to 3.9.6 allows remote malicious users to cause a denial of service (memory corruption and system crash) via a DFS share mount operation that triggers use of an unexpected DFS r...

Linux Linux Kernel

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook