what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2009-2692

Status Candidate

Overview

The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.

Related Files

Symantec Messaging Gateway Backdoor / Privilege Escalation
Posted Nov 30, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from backdoor account and privilege escalation vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2007-4573, CVE-2008-0009, CVE-2008-4210, CVE-2009-1046, CVE-2009-1337, CVE-2009-2692, CVE-2009-3547, CVE-2010-1146, CVE-2010-2959, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3904, CVE-2010-4073, CVE-2010-4258, CVE-2010-4347
SHA-256 | 0037358302ea3ef9e579ea39b29f6aeedaab8ea3fd730436e1fe43363d09f8dc
Linux Kernel Sendpage Local Privilege Escalation
Posted Jul 19, 2012
Authored by Brad Spengler, Ramon de C Valle, Tavis Ormandy, Julien Tinnes, egypt | Site metasploit.com

The Linux kernel failed to properly initialize some entries the proto_ops struct for several protocols, leading to NULL being derefenced and used as a function pointer. By using mmap(2) to map page 0, an attacker can execute arbitrary code in the context of the kernel. Several public exploits exist for this vulnerability, including spender's wunderbar_emporium and rcvalle's ppc port, sock_sendpage.c. All Linux 2.4/2.6 versions since May 2001 are believed to be affected: 2.4.4 up to and including 2.4.37.4; 2.6.0 up to and including 2.6.30.4

tags | exploit, arbitrary, kernel, protocol, ppc
systems | linux
advisories | CVE-2009-2692
SHA-256 | 9bd69f05ada8cee6b76af8cc4636ab3a3a49a49bfad809f7b97fefaea4e48bb0
VMware Security Advisory 2010-0010
Posted Jun 26, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - Multiple security vulnerabilities have been addressed in the ESX 3.5 third party update for Service Console kernel.

tags | advisory, kernel, vulnerability
advisories | CVE-2008-5029, CVE-2008-5300, CVE-2009-1337, CVE-2009-1385, CVE-2009-1895, CVE-2009-2848, CVE-2009-3002, CVE-2009-3547, CVE-2009-2698, CVE-2009-2692
SHA-256 | aa1a26637b1e580254f4bbb305140b8c04268ad3825842369f0d59c42358231a
Mandriva Linux Security Advisory 2009-233
Posted Sep 15, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-233 - The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation on a PF_PPPOX socket.

tags | advisory, arbitrary, kernel, local
systems | linux, mandriva
advisories | CVE-2009-2692
SHA-256 | be7a8c109bb4611b2a018b9206daaa39e696dab75610bab5f291ba7c26909e34
Linux 2.x sock_sendpage() Local Root
Posted Aug 18, 2009
Authored by Zinx | Site zenthought.org

Linux 2.x kernel sock_sendpage() local root exploit. Written to exploit kernels on Android released prior to August of 2009.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2009-2692
SHA-256 | fd16f6a447a65587cb5e3d1d2098b300f6f3adc7d0b25f1f47293e1ea78c3458
Mandriva Linux Security Advisory 2009-205
Posted Aug 18, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-205 - The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation on a PF_PPPOX socket.

tags | advisory, arbitrary, kernel, local
systems | linux, mandriva
advisories | CVE-2009-2692
SHA-256 | 1cce88a0c92394ce0d0eb2b172b291b95970d0a7adaea11291782f02e7f0af60
Debian Linux Security Advisory 1865-1
Posted Aug 17, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1865-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2009-1385, CVE-2009-1389, CVE-2009-1630, CVE-2009-1633, CVE-2009-2692
SHA-256 | fcae27437b2b0fdbfe3736c4335096431f370e8341becfdced7a741ef6ea4579
Debian Linux Security Advisory 1864-1
Posted Aug 17, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1864-1 - A vulnerability has been discovered in the Linux kernel that may lead to privilege escalation.

tags | advisory, kernel
systems | linux, debian
advisories | CVE-2009-2692
SHA-256 | 009ec0aca4015d32052a8fcf82a6d204c1a7ab6c9be5da98346d1d83ee133a6d
Debian Linux Security Advisory 1862-1
Posted Aug 15, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1862-1 - A vulnerability has been discovered in the Linux kernel that may lead to privilege escalation.

tags | advisory, kernel
systems | linux, debian
advisories | CVE-2009-2692
SHA-256 | ee03984f78e4ddfab0750a75c78f010f203c4cd1a6a8ac0e7fd4ae37e1d6ba45
Linux NULL Pointer Dereference
Posted Aug 15, 2009
Authored by Przemyslaw Frasunek

Local root sock_sendpage() exploit for the Linux 2.x kernel. Versions 2.4.4 through 2.4.37.4 and 2.6.0 through 2.6.30.4 are affected.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2009-2692
SHA-256 | f42dfe47cb863d9dbaea5fa4a84ad6b25e92ec217b82a576a639573e9e4f98ef
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close