| |
| |
| |
|
Release:
|
December 29, 2004
|
| |
Synopsis:
|
Heap overflow in Mozilla Browser NNTP code
|
| |
Product:
|
Mozilla Browser <= 1.7.3
|
| |
Author: |
Maurycy Prodeus ( z33d@isec.pl)
| |
| |
|
| |
|
A critical security vulnerability has been found in Mozilla Project code
handling NNTP protocol.
|
| |
|
| |
|
Release:
|
December 14, 2004
|
| |
Synopsis:
|
Linux kernel scm_send local DoS
|
| |
Product:
|
2.4 => 2.4.28, 2.6 => 2.6.9
|
| |
Author: |
Paul Starzetz ( paul@isec.pl)
| |
| |
|
| |
|
A locally exploitable flaw has been found in the Linux socket layer,
that allows a local user to hang a vulnerable machine.
|
| |
|
| |
|
Release:
|
December 14, 2004
|
| |
Synopsis:
|
Linux kernel IGMP vulnerabilities
|
| |
Product:
|
Linux 2.4 => 2.4.28, 2.6 => 2.6.9
|
| |
Author: |
Paul Starzetz ( paul@isec.pl)
| |
| |
|
| |
|
Multiple locally as well as remotely exploitable bugs have been found in
the Linux IGMP networking module and the corresponding user API.
|
| |
|
| |
|
Release:
|
November 10, 2004
|
| |
Synopsis:
|
Linux ELF loader vulnerabilities
|
| |
Product:
|
Linux kernel 2.4 => 2.4.27, 2.6 => 2.6.8
|
| |
Author: |
Paul Starzetz ( paul@isec.pl)
| |
| |
|
| |
|
Numerous bugs have been found in the Linux ELF binary loader while
handling setuid binaries.
|
| |
|
| |
|
Release:
|
August 04, 2004
|
| |
Synopsis:
|
Linux kernel file offset pointer races
|
| |
Product:
|
Linux kernel 2.4 => 2.4.26, 2.6 => 2.6.7
|
| |
Author: |
Paul Starzetz ( paul@isec.pl)
| |
| |
|
| |
|
A security vulnerability has been found in the Linux kernel code handling 64bit file offset pointers.
Any process may exploit the bug to read huge parts of kernel memory.
|
| |
|
| |
|
Release:
|
April 20, 2004
|
| |
Synopsis:
|
Linux kernel setsockopt MCAST_MSFILTER integer overflow
|
| |
Product:
|
Linux kernel 2.4.22 - 2.4.25, 2.6.1 - 2.6.3
|
| |
Author: |
Paul Starzetz ( paul@isec.pl)
| |
| |
|
Wojciech Purczynski ( cliph@isec.pl)
| |
| |
|
| |
|
A critical security vulnerability has been found in the Linux kernel in
the ip_setsockopt() function code. Proper exploitation of this vulnerability leads to local privilege
escalation giving an attacker full super-user privileges.
|
| |
|
| |
|
Release:
|
February 18, 2004
|
|
Updated:
|
March 1, 2004
|
| |
Synopsis:
|
Linux kernel do_mremap VMA limit local privilege escalation vulnerability
|
| |
Product:
|
Linux kernel 2.2 up to 2.2.25, 2.4 up to 2.4.24, 2.6 up to 2.6.2
|
| |
Author: |
Paul Starzetz ( paul@isec.pl)
| |
| |
|
| |
|
A critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system
call due to missing function return value check. This bug is completely unrelated to the mremap bug disclosed on
05.01.2004 except concerning the same internal kernel function code.
|
| |
|
| |
|
Release:
|
January 5, 2004
|
|
Updated:
|
January 15, 2004
|
| |
Synopsis:
|
Linux kernel do_mremap() local privilege escalation vulnerability
|
| |
Product:
|
Linux kernel 2.4 and 2.6 series
|
| |
Author: |
Paul Starzetz ( paul@isec.pl)
| |
| |
|
Wojciech Purczynski ( cliph@isec.pl)
| |
| |
|
| |
|
A critical security vulnerability has been found in the Linux kernel
memory management code in mremap(2) system call due to incorrect bound
checks.
|
| |
|
| |
