exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 1 of 1 RSS Feed

Files from Ed Maste

First Active2013-09-10
Last Active2013-09-10
FreeBSD Security Advisory - sendfile(2) Kernel Memory Disclosure
Posted Sep 10, 2013
Authored by Ed Maste | Site security.freebsd.org

FreeBSD Security Advisory - The sendfile(2) system call allows a server application (such as an HTTP or FTP server) to transmit the contents of a file over a network connection without first copying it to application memory. High performance servers such as Apache and ftpd use sendfile. On affected systems, if the length passed to sendfile(2) is non-zero and greater than the length of the file being transmitted, sendfile(2) will pad the transmission up to the requested length or the next pagesize boundary, whichever is smaller. The content of the additional bytes transmitted in this manner depends on the underlying filesystem, but may potentially include information useful to an attacker. An unprivileged user with the ability to run arbitrary code may be able to obtain arbitrary kernel memory contents.

tags | advisory, web, arbitrary, kernel
systems | freebsd
advisories | CVE-2013-5666
SHA-256 | 2c43f9839d8e9bf39752b47d4b9dbc5baf6ebdb977b3951776c95386cd3691b1
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close