FreeBSD Security Advisory - The kernel can create a core dump file when a process crashes that contains process state, for debugging. Due to incorrect initialization of a stack data structure, up to 20 bytes of kernel data stored previously stored on the stack will be exposed to a crashing user process. Sensitive kernel data may be disclosed.
178d5992a84290ac4a8dc6947197a0096dd8c410a6b2c14c552637e40cf2ff97FreeBSD Security Advisory - Due to insufficient initialization of memory copied to userland in the components listed above small amounts of kernel memory may be disclosed to userland processes. A user who can invoke 32-bit FreeBSD ioctls may be able to read the contents of small portions of kernel memory. Such memory might contain sensitive information, such as portions of the file cache or terminal buffers. This information might be directly useful, or it might be leveraged to obtain elevated privileges in some way; for example, a terminal buffer might include a user-entered password.
0e0df08026cdde81c94f8a176b172a71c19e15379445944e64ecdd04b7315690Suresec Security Advisory - The malloc() function on Mac OS X insecurely trusts a debug variable, regardless of the fact that the calling application may be suid root. This can result in an arbitrary file being overwritten, which can be used to escalate privileges.
cdb59539bd347748b5b59524ac993ceffaf516ffabd88ddfebd8dcd9e1a43d1bSuresec Security Advisory - A lockfile handling error was found in kcheckpass which can, in certain configurations, be used to create world writable files. kdebase versions 3.2.0 through 3.4.2 are susceptible.
a3aa3af306ee8b641cb1cb6ed4cf51efb1c6a63968d144463c1c600707cd4c6eTraceroute and ping suffer from buffer overflows and a user spoofing vulnerability exists in Mac OS X versions up to 10.3.9 and 10.4.2.
ee042c25fc12d8e97cbd7e655a28d07129f44192331cb3d7682b49791c571b91A race condition vulnerability has been found in the ia32 compatibility execve() systemcall of the Linux kernel. The race condition may lead to heap corruption. Versions up to 2.4.31 and 2.6.6 are affected.
60d19fb55a1868fabc6dc3d7ddb54e27e89f5c9fb581589f667b2f5e0a5d2b9bThe Bluetooth code in the Linux kernel has a flaw that allows for local privilege escalation. Versions affected are greater than or equal to 2.4.6, less than or equal to 2.4.30-rc1, and 2.6.x up to 2.6.11.5.
3af1e2b575930a55ef4b0186165f28931f8a985f60a7c3067e9481a97e6a86a3A small utility that allows you to kill zombie processes on x86 Linux.
a2a77ba73f71c96c56aca603232fa0dd92eeb9a87f9c1116df3870f77bfabbd3
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed