Showing posts with label integer overflow. Show all posts
Showing posts with label integer overflow. Show all posts
Wednesday, November 29, 2006
MOKB-29-11-2006: Linux 2.6.7 - 2.6.18.3 get_fdb_entries() Integer Overflow
Linux 2.6.7 - 2.6.18.3 get_fdb_entries() function is vulnerable to an integer overflow condition. This could be abused to force memory allocation of an attacker controlled size. Successful exploitation could allow arbitrary code execution.
Sunday, November 26, 2006
MOKB-26-11-2006: Mac OS X Universal Binary Loading Memory Corruption
Mac OS X fails to properly handle corrupted Universal Binaries, leading to an exploitable memory corruption condition with potential risk of kernel-mode arbitrary code execution. This particular vulnerability is caused by an integer overflow in the fatfile_getarch2() function. Local unprivileged users can abuse this issue with specially crafted Mach-O 'Universal' binaries.
- More details and debugging information
- Proof of concept: MOKB-26-11-2006.bz2
Friday, November 03, 2006
MOKB-03-11-2006: FreeBSD 6.1 UFS filesystem ffs_mountfs() integer overflow
The UFS filesystem handling code of the FreeBSD 6.1 kernel fails to properly handle corrupted data structures, leading to exploitable memory corruption (DoS) issues and possible arbitrary code execution. This particular vulnerability is caused by an integer overflow at ffs_mountfs() function.
More details:
More details:
Subscribe to:
Posts (Atom)