exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2010-3850

Status Candidate

Overview

The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call.

Related Files

Symantec Messaging Gateway Backdoor / Privilege Escalation
Posted Nov 30, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from backdoor account and privilege escalation vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2007-4573, CVE-2008-0009, CVE-2008-4210, CVE-2009-1046, CVE-2009-1337, CVE-2009-2692, CVE-2009-3547, CVE-2010-1146, CVE-2010-2959, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3904, CVE-2010-4073, CVE-2010-4258, CVE-2010-4347
SHA-256 | 0037358302ea3ef9e579ea39b29f6aeedaab8ea3fd730436e1fe43363d09f8dc
Linux Kernel Econet Privilege Escalation
Posted Sep 6, 2011
Authored by Jon Oberheide

This exploit leverages three vulnerabilities to escalate privileges. The primary vulnerability is a kernel stack overflow, not a stack buffer overflow as the CVE description incorrectly states. This may be the first public exploit for a kernel stack overflow, and it turns out to be a bit tricky due to some particulars of the econet vulnerability. It involves the econet_sendmsg function, ec_dev_ioctl function, and the ipc subsystem. Linux kernel versions prior to 2.6.36.2 are affected.

tags | exploit, overflow, kernel, vulnerability
systems | linux
advisories | CVE-2010-3848, CVE-2010-3850, CVE-2010-4073
SHA-256 | 2d37f538eada970a47c67a722a79c8dce6b69007ccd606d4168c8d3c2c9a2c21
Ubuntu Security Notice USN-1119-1
Posted Apr 20, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1119-1 - Multiple security flaws have been fixed in the OMAP4 port of the Linux kernel.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2010-3849, CVE-2010-3850, CVE-2010-2954, CVE-2010-2955, CVE-2010-2960, CVE-2010-2962, CVE-2010-2963, CVE-2010-3079, CVE-2010-3080, CVE-2010-3081, CVE-2010-3437, CVE-2010-3705, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3861, CVE-2010-3865, CVE-2010-3873, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3904, CVE-2010-4072, CVE-2010-4079, CVE-2010-4158, CVE-2010-4164, CVE-2010-4165, CVE-2010-4249
SHA-256 | ee2b27059547517c9b31d6346cedd7eacba9014e9eeb821192ed01e86e778b49
Ubuntu Security Notice USN-1093-1
Posted Mar 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1093-1 - Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. Eric Dumazet discovered that many network functions could leak kernel stack contents. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A large number of additional vulnerabilities have also been address.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2478, CVE-2010-2942, CVE-2010-2943, CVE-2010-2954, CVE-2010-2955, CVE-2010-2960, CVE-2010-2962, CVE-2010-2963, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3084, CVE-2010-3296, CVE-2010-3297, CVE-2010-3298, CVE-2010-3310, CVE-2010-3432, CVE-2010-3437, CVE-2010-3442, CVE-2010-3477, CVE-2010-3705, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3858, CVE-2010-3859, CVE-2010-3861
SHA-256 | c0782ec52287eab8561329a78cec59713d72aef79fd6b9dd6d11304a47144159
Mandriva Linux Security Advisory 2011-051
Posted Mar 21, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-051 - The Linux 2.6 kernel has been updated to mitigate multiple vulnerabilities related to denial of service, arbitrary code execution, stack memory disclosure, restriction bypass, and more.

tags | advisory, denial of service, arbitrary, kernel, vulnerability, code execution
systems | linux, mandriva
advisories | CVE-2010-2240, CVE-2010-4165, CVE-2010-4072, CVE-2010-4073, CVE-2010-4083, CVE-2010-4078, CVE-2010-3297, CVE-2010-3437, CVE-2010-2946, CVE-2010-3310, CVE-2010-3067, CVE-2010-0007, CVE-2010-3875, CVE-2010-2248, CVE-2009-1895, CVE-2009-2768, CVE-2009-3726, CVE-2009-2698, CVE-2009-3080, CVE-2010-2521, CVE-2007-1592, CVE-2010-3850
SHA-256 | 4cde969b4cdb9c88d249a1bc077eb95b786a6396542e2655f3fdef84c6102638
Mandriva Linux Security Advisory 2010-257
Posted Dec 17, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-257 - The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service via a crafted exec system call, a related issue to CVE-2010-2240. drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device. Various other issues have been addressed as well.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, mandriva
advisories | CVE-2010-3858, CVE-2010-2963, CVE-2010-3067, CVE-2010-3442, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850
SHA-256 | 1e230666cbb1fc66c91156a8035fbdbdaca4fbe40c2a8ed95fd1ecd43722fa30
Linux Kernel 2.6.37 Local Privilege Escalation
Posted Dec 8, 2010
Authored by Dan Rosenberg

Linux kernel local privilege escalation exploit for versions 2.6.37 and below. It leverages three separate vulnerabilities to achieve root including a NULL pointer dereference, being able to assign arbitrary Econet addresses to arbitrary interfaces, and the ability to write a NULL word to an arbitrary kernel address.

tags | exploit, arbitrary, kernel, local, root, vulnerability
systems | linux
advisories | CVE-2010-4258, CVE-2010-3849, CVE-2010-3850
SHA-256 | 90c6bf981c13631f20aedf98e74ee2ce76bde194f9c594a64c300a938f3bfa47
Ubuntu Security Notice USN-1023-1
Posted Dec 1, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1023-1 - Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces.

tags | advisory, denial of service, overflow, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2010-3848, CVE-2010-3849, CVE-2010-3850
SHA-256 | c5ff5a6e5e4b198be085501cd53b40be735c01cd2e4a0d980f2a27f2b5713c47
Debian Security Advisory 2126-1
Posted Nov 29, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2126-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2010-2963, CVE-2010-3067, CVE-2010-3296, CVE-2010-3297, CVE-2010-3310, CVE-2010-3432, CVE-2010-3437, CVE-2010-3442, CVE-2010-3448, CVE-2010-3477, CVE-2010-3705, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3858, CVE-2010-3859, CVE-2010-3873, CVE-2010-3874, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074, CVE-2010-4078, CVE-2010-4079, CVE-2010-4080
SHA-256 | 652a215cfcfeaef0310226d8335344e5825dd30719bdba2815354e1a411557e6
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close