exploit the possibilities
Showing 1 - 10 of 10 RSS Feed

CVE-2009-2692

Status Candidate

Overview

The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.

Related Files

Symantec Messaging Gateway Backdoor / Privilege Escalation
Posted Nov 30, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from backdoor account and privilege escalation vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2007-4573, CVE-2008-0009, CVE-2008-4210, CVE-2009-1046, CVE-2009-1337, CVE-2009-2692, CVE-2009-3547, CVE-2010-1146, CVE-2010-2959, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3904, CVE-2010-4073, CVE-2010-4258, CVE-2010-4347
MD5 | e1a9b2ba54c980d0ecd312d2a5ed1672
Linux Kernel Sendpage Local Privilege Escalation
Posted Jul 19, 2012
Authored by Brad Spengler, Ramon de C Valle, Tavis Ormandy, Julien Tinnes, egypt | Site metasploit.com

The Linux kernel failed to properly initialize some entries the proto_ops struct for several protocols, leading to NULL being derefenced and used as a function pointer. By using mmap(2) to map page 0, an attacker can execute arbitrary code in the context of the kernel. Several public exploits exist for this vulnerability, including spender's wunderbar_emporium and rcvalle's ppc port, sock_sendpage.c. All Linux 2.4/2.6 versions since May 2001 are believed to be affected: 2.4.4 up to and including 2.4.37.4; 2.6.0 up to and including 2.6.30.4

tags | exploit, arbitrary, kernel, protocol, ppc
systems | linux
advisories | CVE-2009-2692
MD5 | 2592f40037078ac9737526c10644b4e9
VMware Security Advisory 2010-0010
Posted Jun 26, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - Multiple security vulnerabilities have been addressed in the ESX 3.5 third party update for Service Console kernel.

tags | advisory, kernel, vulnerability
advisories | CVE-2008-5029, CVE-2008-5300, CVE-2009-1337, CVE-2009-1385, CVE-2009-1895, CVE-2009-2848, CVE-2009-3002, CVE-2009-3547, CVE-2009-2698, CVE-2009-2692
MD5 | e4196a7c8913b5f43c7453aff28107c4
Mandriva Linux Security Advisory 2009-233
Posted Sep 15, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-233 - The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation on a PF_PPPOX socket.

tags | advisory, arbitrary, kernel, local
systems | linux, mandriva
advisories | CVE-2009-2692
MD5 | 12c71e4b396c73d427feee3de43079c0
Linux 2.x sock_sendpage() Local Root
Posted Aug 18, 2009
Authored by Zinx | Site zenthought.org

Linux 2.x kernel sock_sendpage() local root exploit. Written to exploit kernels on Android released prior to August of 2009.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2009-2692
MD5 | ef04c91c72156971a4a0b244c6d4c0b1
Mandriva Linux Security Advisory 2009-205
Posted Aug 18, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-205 - The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation on a PF_PPPOX socket.

tags | advisory, arbitrary, kernel, local
systems | linux, mandriva
advisories | CVE-2009-2692
MD5 | 11fc644d3411928431aacb42e69033d8
Debian Linux Security Advisory 1865-1
Posted Aug 17, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1865-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2009-1385, CVE-2009-1389, CVE-2009-1630, CVE-2009-1633, CVE-2009-2692
MD5 | 2d8612b91e9eaedf5655af552d44b909
Debian Linux Security Advisory 1864-1
Posted Aug 17, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1864-1 - A vulnerability has been discovered in the Linux kernel that may lead to privilege escalation.

tags | advisory, kernel
systems | linux, debian
advisories | CVE-2009-2692
MD5 | 75d6f001ad41577772984e74bf2e2756
Debian Linux Security Advisory 1862-1
Posted Aug 15, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1862-1 - A vulnerability has been discovered in the Linux kernel that may lead to privilege escalation.

tags | advisory, kernel
systems | linux, debian
advisories | CVE-2009-2692
MD5 | 527f593800372b13bb5beb1f54e242eb
Linux NULL Pointer Dereference
Posted Aug 15, 2009
Authored by Przemyslaw Frasunek

Local root sock_sendpage() exploit for the Linux 2.x kernel. Versions 2.4.4 through 2.4.37.4 and 2.6.0 through 2.6.30.4 are affected.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2009-2692
MD5 | 5dcca62a3c7951b4b7101baf7b71c4c9
Page 1 of 1
Back1Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close