what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2014-0004

Status Candidate

Overview

Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.

Related Files

Mandriva Linux Security Advisory 2015-088
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-088 - A flaw was found in the way udisks and udisks2 handled long path names. A malicious, local user could use this flaw to create a specially-crafted directory structure that could lead to arbitrary code execution with the privileges of the udisks daemon.

tags | advisory, arbitrary, local, code execution
systems | linux, mandriva
advisories | CVE-2014-0004
SHA-256 | 89427775961b055b7bc854212860e0b2ce0aed3a1fb8aec848745d9bd506973a
Gentoo Linux Security Advisory 201405-01
Posted May 2, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-1 - A stack-based buffer overflow vulnerability has been found in udisks, allowing a local attacker to possibly execute arbitrary code or cause Denial of Service. Versions less than 2.1.3 are affected.

tags | advisory, denial of service, overflow, arbitrary, local
systems | linux, gentoo
advisories | CVE-2014-0004
SHA-256 | 3a95734b4851905fc4f07042772fc641bfdfa404cd9daa72cfb07218bab2350e
Mandriva Linux Security Advisory 2014-064
Posted Mar 17, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-064 - A flaw was found in the way udisks and udisks2 handled long path names. A malicious, local user could use this flaw to create a specially-crafted directory structure that could lead to arbitrary code execution with the privileges of the udisks daemon.

tags | advisory, arbitrary, local, code execution
systems | linux, mandriva
advisories | CVE-2014-0004
SHA-256 | b0b7c0634a5a2ff783abfae0a2fb6403ec56da0680c7b51ed9eb341cd8a07205
Red Hat Security Advisory 2014-0293-01
Posted Mar 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0293-01 - The udisks package provides a daemon, a D-Bus API, and command line utilities for managing disks and storage devices. A stack-based buffer overflow flaw was found in the way udisks handled files with long path names. A malicious, local user could use this flaw to create a specially crafted directory structure that, when processed by the udisks daemon, could lead to arbitrary code execution with the privileges of the udisks daemon. This issue was discovered by Florian Weimer of the Red Hat Product Security Team.

tags | advisory, overflow, arbitrary, local, code execution
systems | linux, redhat
advisories | CVE-2014-0004
SHA-256 | 5d90c2ffd8ed8370885c882a091d1e810658d6c9577a1d0b2a5ecd31866b6e27
Slackware Security Advisory - udisks, udisks2 Updates
Posted Mar 11, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New udisks and udisks2 packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-0004
SHA-256 | 06d665d1474edcbae86420d67bd52d22f4d130c855f4494f80057f726438ac5a
Debian Security Advisory 2872-1
Posted Mar 10, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2872-1 - Florian Weimer discovered a buffer overflow in udisks's mount path parsing code which may result in privilege escalation.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2014-0004
SHA-256 | 3770672a72490b90d1d2d45d4d967b5f28593c522423e64579e22e602bf4d379
Ubuntu Security Notice USN-2142-1
Posted Mar 10, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2142-1 - Florian Weimer discovered that UDisks incorrectly handled certain long path names. A local attacker could use this issue to cause udisks to create certain directory structures, possibly leading to privilege escalation.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2014-0004
SHA-256 | 390e66bcde86a577bb810b745a889165575865a06ecd9f960604c396242acf44
Page 1 of 1
Back1Next

File Archive:

August 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    15 Files
  • 2
    Aug 2nd
    22 Files
  • 3
    Aug 3rd
    0 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    0 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close