Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow

2015-01-27 Thread Qualys Security Advisory
Qualys Security Advisory CVE-2015-0235 GHOST: glibc gethostbyname buffer overflow --[ Contents ] 1 - Summary 2 - Analysis 3 - Mitigating factors 4 - Case studies 5 - Exploitation 6 - Acknowledgments --[ 1 - Summary

Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser

2015-07-23 Thread Qualys Security Advisory
Hello, it is July 23, 2015, 17:00 UTC, the Coordinated Release Date for CVE-2015-3245 and CVE-2015-3246. Please find our advisory below, and our exploit attached. Qualys Security Advisory CVE-2015-3245 userhelper chfn() newline filtering CVE-2015-3246 libuser passwd file handling

Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334)

2015-10-16 Thread Qualys Security Advisory
Qualys Security Advisory LibreSSL (CVE-2015-5333 and CVE-2015-5334) Contents Summary Memory Leak (CVE-2015-5333) Buffer Overflow (CVE-2015-5334

Qualys Security Advisory - OpenSMTPD Audit Report

2015-10-05 Thread Qualys Security Advisory
(Sorry for the "CVE-2015-ABCD" place-holders in the report, but OpenSMTPD's developers were ready with the patches before MITRE was ready with the CVE-IDs.) Qualys Security Advisory OpenSMTPD Audit Report ===

Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778

2016-01-14 Thread Qualys Security Advisory
Qualys Security Advisory Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Contents Summary Information Leak (CVE-2016-0777

Qualys Security Advisory - Linux PIE/stack corruption (CVE-2017-1000253)

2017-09-26 Thread Qualys Security Advisory
Qualys Security Advisory Linux PIE/stack corruption (CVE-2017-1000253) Contents Summary Analysis Exploitation Acknowledgments

Qualys Security Advisory - Procps-ng Audit Report

2018-05-21 Thread Qualys Security Advisory
Qualys Security Advisory Procps-ng Audit Report Contents Summary 1. FUSE-backed /proc/PID/cmdline 2. Unprivileged process hiding 3. Local Privilege

Integer overflow in Linux's create_elf_tables() (CVE-2018-14634)

2018-09-26 Thread Qualys Security Advisory
Qualys Security Advisory Mutagen Astronomy: Integer overflow in Linux's create_elf_tables() (CVE-2018-14634) Contents Summary Analysis Exploitation

System Down: A systemd-journald exploit

2019-01-09 Thread Qualys Security Advisory
Qualys Security Advisory System Down: A systemd-journald exploit Contents Summary CVE-2018-16864 - Analysis - Exploitation CVE-2018-16865

Re: System Down: A systemd-journald exploit

2019-05-13 Thread Qualys Security Advisory
;ssh 127.0.0.1", but alternative methods can be implemented ("utempter" and "gnome-pty-helper", for example). - To test the default information-leak method even if "No journal files were opened due to insufficient permissions", it is enough to create /var/log/

Local Privilege Escalation in OpenBSD's dynamic loader (CVE-2019-19726)

2019-12-12 Thread Qualys Security Advisory
Qualys Security Advisory Local Privilege Escalation in OpenBSD's dynamic loader (CVE-2019-19726) == Contents == Summary Analysis

Authentication vulnerabilities in OpenBSD

2019-12-05 Thread Qualys Security Advisory
Qualys Security Advisory Authentication vulnerabilities in OpenBSD == Contents == 1. CVE-2019-19521: Authentication bypass 1.1. Analysis

LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)

2020-02-25 Thread Qualys Security Advisory
Qualys Security Advisory LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) == Contents == Summary Analysis ... Acknowledgments

Local information disclosure in OpenSMTPD (CVE-2020-8793)

2020-02-25 Thread Qualys Security Advisory
Qualys Security Advisory Local information disclosure in OpenSMTPD (CVE-2020-8793) == Contents == Summary Analysis Exploitation POKE 47196

LPE and RCE in OpenSMTPD (CVE-2020-7247)

2020-01-29 Thread Qualys Security Advisory
Qualys Security Advisory LPE and RCE in OpenSMTPD (CVE-2020-7247) == Contents == Summary Analysis Exploitation Acknowledgments