Qualys Security Advisory CVE-2015-0235
GHOST: glibc gethostbyname buffer overflow
--[ Contents ]
1 - Summary
2 - Analysis
3 - Mitigating factors
4 - Case studies
5 - Exploitation
6 - Acknowledgments
--[ 1 - Summary
Hello, it is July 23, 2015, 17:00 UTC, the Coordinated Release Date for
CVE-2015-3245 and CVE-2015-3246. Please find our advisory below, and
our exploit attached.
Qualys Security Advisory
CVE-2015-3245 userhelper chfn() newline filtering
CVE-2015-3246 libuser passwd file handling
Qualys Security Advisory
LibreSSL (CVE-2015-5333 and CVE-2015-5334)
Contents
Summary
Memory Leak (CVE-2015-5333)
Buffer Overflow (CVE-2015-5334
(Sorry for the "CVE-2015-ABCD" place-holders in the report, but
OpenSMTPD's developers were ready with the patches before MITRE was
ready with the CVE-IDs.)
Qualys Security Advisory
OpenSMTPD Audit Report
===
Qualys Security Advisory
Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
Contents
Summary
Information Leak (CVE-2016-0777
Qualys Security Advisory
Linux PIE/stack corruption (CVE-2017-1000253)
Contents
Summary
Analysis
Exploitation
Acknowledgments
Qualys Security Advisory
Procps-ng Audit Report
Contents
Summary
1. FUSE-backed /proc/PID/cmdline
2. Unprivileged process hiding
3. Local Privilege
Qualys Security Advisory
Mutagen Astronomy: Integer overflow in Linux's create_elf_tables()
(CVE-2018-14634)
Contents
Summary
Analysis
Exploitation
Qualys Security Advisory
System Down: A systemd-journald exploit
Contents
Summary
CVE-2018-16864
- Analysis
- Exploitation
CVE-2018-16865
;ssh 127.0.0.1", but alternative methods can be implemented
("utempter" and "gnome-pty-helper", for example).
- To test the default information-leak method even if "No journal files
were opened due to insufficient permissions", it is enough to create
/var/log/
Qualys Security Advisory
Local Privilege Escalation in OpenBSD's dynamic loader (CVE-2019-19726)
==
Contents
==
Summary
Analysis
Qualys Security Advisory
Authentication vulnerabilities in OpenBSD
==
Contents
==
1. CVE-2019-19521: Authentication bypass
1.1. Analysis
Qualys Security Advisory
LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)
==
Contents
==
Summary
Analysis
...
Acknowledgments
Qualys Security Advisory
Local information disclosure in OpenSMTPD (CVE-2020-8793)
==
Contents
==
Summary
Analysis
Exploitation
POKE 47196
Qualys Security Advisory
LPE and RCE in OpenSMTPD (CVE-2020-7247)
==
Contents
==
Summary
Analysis
Exploitation
Acknowledgments
15 matches
Mail list logo