|
255951
|
9.8 |
CRITICAL
Network
|
netbsd
|
netbsd
|
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1000375
|
2024-11-21 12:04 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255952
|
7.0 |
HIGH
Local
|
redhat
debian
libffi_project
oracle
|
enterprise_virtualization_server
enterprise_linux
openshift
debian_linux
libffi
peopletools
|
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1000376
|
2024-11-21 12:04 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255953
|
9.8 |
CRITICAL
Network
|
netbsd
|
netbsd
|
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and po…
|
NVD-CWE-noinfo
|
CVE-2017-1000374
|
2024-11-21 12:04 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255954
|
6.5 |
MEDIUM
Network
|
openbsd
|
openbsd
|
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allo…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-1000373
|
2024-11-21 12:04 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255955
|
9.8 |
CRITICAL
Network
|
openbsd
|
openbsd
|
A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects Open…
|
NVD-CWE-noinfo
|
CVE-2017-1000372
|
2024-11-21 12:04 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255956
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then t…
|
NVD-CWE-noinfo
|
CVE-2017-1000371
|
2024-11-21 12:04 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255957
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address…
|
NVD-CWE-noinfo
|
CVE-2017-1000370
|
2024-11-21 12:04 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255958
|
4.0 |
MEDIUM
Local
|
exim
debian
|
exim
debian_linux
|
Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2017-1000369
|
2024-11-21 12:04 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255959
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment poin…
|
NVD-CWE-noinfo
|
CVE-2017-1000365
|
2024-11-21 12:04 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255960
|
7.4 |
HIGH
Local
|
linux
|
linux_kernel
|
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this af…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1000364
|
2024-11-21 12:04 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
