Articles with tag: Buffer Overflow
POSTED BY: Patroklos Argyroudis / 23.05.2010

FreeBSD kernel NFS client local vulnerabilities

CENSUS ID:CENSUS-2010-0001
CVE ID:CVE-2010-2020
Affected Products:FreeBSD 8.0-RELEASE, 7.3-RELEASE, 7.2-RELEASE
Class:Improper Input Validation (CWE-20)
Remote:No
Discovered by:Patroklos Argyroudis

We have discovered two improper input validation vulnerabilities in the FreeBSD kernel’s NFS client-side implementation (FreeBSD 8.0-RELEASE, 7.3-RELEASE and 7.2-RELEASE) that allow local unprivileged users to escalate their privileges, or to crash the system by performing a denial of service attack.


POSTED BY: Patroklos Argyroudis / 02.12.2009

CoreHTTP web server off-by-one buffer overflow vulnerability

CENSUS ID:CENSUS-2009-0003
CVE ID:CVE-2009-3586
Affected Products:CoreHTTP web server versions ≤ 0.5.3.1.
Class:Improper Input Validation (CWE-20), Failure to Constrain Operations within the Bounds of a Memory Buffer (CWE-119)
Remote:Yes
Discovered by:Patroklos Argyroudis

We have discovered a remotely exploitable “improper input validation” vulnerability in the CoreHTTP web server that leads to an off-by-one stack buffer overflow. The vulnerability can lead to denial of service attacks against the web server and potentially to the remote execution of arbitrary code with the privileges of the user running the server.


POSTED BY: Patroklos Argyroudis / 01.12.2009

Linux kernel SUNRPC off-by-two buffer overflow

CENSUS ID:CENSUS-2009-0005
Affected Products:Linux kernel versions from 2.6.32 to 2.6.32-rc7.
Class:Off-by-two stack buffer overflow.
Discovered by:Patroklos Argyroudis

We have found an off-by-two stack buffer overflow in the Linux kernel SUNRPC implementation. Linux kernel versions from 2.6.32 to 2.6.32-rc7 are affected.


POSTED BY: Patroklos Argyroudis / 14.10.2009

gif2png command line buffer overflow

CENSUS ID:CENSUS-2009-0006
CVE ID:CVE-2009-5018
Affected Products:gif2png versions ≤ 2.5.1.
Class:Improper Input Validation (CWE-20), Failure to Constrain Operations within the Bounds of a Memory Buffer (CWE-119)
Remote:Yes (when gif2png is used by CGI programs)
Discovered by:Patroklos Argyroudis

We have discovered an “improper input validation” vulnerability in the gif2png utility that leads to a stack buffer overflow.