exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Juan Pablo Martinez Kuhn

Core Security Technologies Advisory 2004.0714

Posted Aug 10, 2004

Authored by Core Security Technologies, Juan Pablo Martinez Kuhn | Site coresecurity.com

Core Security Technologies Advisory ID: CORE-2004-0714 - Cfengine is susceptible to multiple vulnerabilities. Two were found in cfservd, a daemon which acts as both a file server and a remote cfagent executor. This daemon authenticates requests from the network and processes them. If exploited, the first vulnerability allows an attacker to execute arbitrary code with those privileges of root. The second vulnerability allows an attacker to crash the server, denying service to further requests. These vulnerabilities are present in versions 2.0.0 to 2.1.7p1 of cfservd.

tags | advisory, remote, arbitrary, root, vulnerability

SHA-256 | 972d6fe44e1fb797e09e548c7999686a7e9c3eebf006c0c00a601a175aa174e5

Download | Favorite | View

core.db2.txt

Posted Sep 18, 2003

Authored by Juan Pablo Martinez Kuhn | Site coresecurity.com

Core Security Technologies Advisory ID: CORE-2003-0531 - IBM DB2 Universal Data Base v7.2 for Linux/s390 has two binaries in a default install which are setuid to root and have owner and group execute capabilities. These binaries are vulnerable to buffer overflow attacks from a local user that is in the same group.

tags | advisory, overflow, local, root

systems | linux

advisories | CVE-2003-0758, CVE-2003-0759

SHA-256 | 230169f15f23404e9986d75dff6bf3eea592ff6e1d121c14056dd29c97fc181c

Download | Favorite | View