Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
aff5b40d48b744669b49fa2cfee527fa3db07c7cb604fbe5b035e218c9052351
OpenSSL versions 0.9.8f through 0.9.8m remote denial of service exploit.
d619ba947842d0aec5a867578cea9e2b0780420df00ddb7b8adf844e4c572ed9
Linux 2.6 kernels prior to version 2.6.19 udp_sendmsg local root exploit.
589a7c6856e4dc94ba37aaf2bf8e556d9958b133e9d7fae3e8a7922977a6f9ac
HPP (HTTP Parameter Pollution) protection patch for ModSecurity version 2.5.9.
694e79fd6246d584e4df0972c66d14e7afca6ec28b6e3eee0d217b41d58f5786
Sun Solaris 8/9/10 and OpenSolaris versions below snv_96 snoop utility remote exploit.
35e45fd192fe8d93b73a8b63f302b1e8583257b9ea95ef03be4093ea08ebd7e9
Lighttpd version 1.4.17 and below FastCGI header overflow remote exploit.
7c39ec7d2d16e0c3a90deba300e963a021c303d9e764b6adc815b8dd389eab3a
PHP versions 4.4.3 / 5.1.4 and below local buffer overflow exploit. Yields webserver uid.
76d2a73f8fb3743433f837c194707701127c12b5166a020c2396aef7f6d354a4
Remote root exploit for Linux that makes use of a format string vulnerability in OpenFTPD versions up to 0.30.2.
4a813dbfde0c43338733a0d71011da4dee731192168cf758ffb58a3d80969bac
A format string vulnerability exists in OpenFTPD versions up to 0.30.2.
3d14f8de65a15da5e2a16400f1ad225b52f93ab1e94fb25bdb07df8230707879
Local exploit for the SUNWlldap library buffer overflow vulnerability on Sun Solaris x86.
9741295723632b8059de0525584841db6e2fb91f9d27d52e0c0d9caf0562ad64
OpenBSD Network ACLs for i386 - This paper discusses how to utilize a kernel patch to create local ACLs to restrict local users from using network services. It allows an administrator to deny network access for a user by restricting bind() and connect() to allowed accounts.
4049a210d3c28f826d0429cbdcfedc0ee92e89e21c90faa4675b99e21d18a311
Linux Kernel Patch from the segfault.net project - This patch for kernel v2.2.19 allows you to specify the GIDs that are allowed to bind to each interface. This patch could be very useful for shell providers or admins who want to restrict the use of more interfaces.
0ab604f42e9c8656bf07b1286bd56f0d7f1d756a9d7ffda62764507085a0e115
Man -l format string local exploit for Linux.
ca335bd4cdac2c35254a550caf5b711395186ac1f91e69c92d32054d17d198fc