8 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net. illumos illumos-gate antes de 676abcb tiene un Desbordamiento de Búfer en /dev/net, lo que lleva a la escalada de privilegios a través de una estadística en un nombre de archivo largo en /dev/net. • http://www.openwall.com/lists/oss-security/2023/09/13/4 http://www.openwall.com/lists/oss-security/2023/09/13/5 http://www.openwall.com/lists/oss-security/2023/09/14/4 https://github.com/illumos/illumos-gate/tree/16b76d3cb933ff92018a2a75594449010192eacb https://illumos.topicbox.com/groups/developer/T13ef186a53edeb5c-M821cc18b5884e04e16daa8fd/cve-2023-31284-buffer-overflow-in-dev-net • CWE-787: Out-of-bounds Write •

CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products. The SMB server allows an attacker to have unintended access, e.g., an attacker with WRITE_XATTR can change permissions. This occurs because of a combination of three factors: ZFS extended attributes are used to implement NT named streams, the SMB protocol requires implementations to have open handle semantics similar to those of NTFS, and the SMB server passes along certain attribute requests to the underlying object (i.e., they are not considered to be requests that pertain to the named stream). Se descubrió un problema en Illumos en Nexenta NexentaStor 4.0.5 y 5.1.2 y otros productos. El servidor SMB permite que un atacante tenga acceso no deseado; por ejemplo, un atacante con WRITE_XATTR puede cambiar los permisos. • https://www.illumos.org/issues/10506 https://www.oracle.com/security-alerts/cpuapr2020.html •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2

An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected. Se descubrió un problema en illumos antes de f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04 y SmartOS 20210923. Un usuario local sin privilegios puede provocar un punto muerto y pánico en el kernel mediante llamadas de cambio de nombre y rmdir manipuladas en sistemas de archivos tmpfs. • http://www.tribblix.org/relnotes.html https://github.com/illumos/illumos-gate/blob/069654420de4aade43c63c43cd2896e66945fc8a/usr/src/uts/common/fs/tmpfs/tmp_vnops.c https://github.com/illumos/illumos-gate/blob/b3403853e80914bd0aade9b5b605da4878078173/usr/src/uts/common/fs/tmpfs/tmp_dir.c https://github.com/illumos/illumos-gate/commit/f859e7171bb5db34321e45585839c6c3200ebb90 https://illumos.topicbox.com/groups/developer/T1c9e4f27f8c2f959/security-heads-up-illumos14424 https://jgardner100.wordpress.com/2022/01/20/security-heads-up • CWE-667: Improper Locking •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c. Se detectó un problema en illumos antes del 22-10-2020, como es usado en OmniOS versiones anteriores a r151030by, r151032ay y r151034y y SmartOS versiones anteriores a 20201022. Se presenta un desbordamiento de búfer en la función parse_user_name en la biblioteca lib/libpam/pam_framework.c • https://github.com/illumos/illumos-gate/commit/1d276e0b382cf066dae93640746d8b4c54d15452 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

illumos smbsrv NULL pointer dereference allows system crash. Desreferencia illumos smbsrv puntero null permite caída del sistema. • http://www.securityfocus.com/bid/98079 https://github.com/illumos/illumos-gate/commit/6d1c73b5858fefc6161c7d686345f0dc887ea799 https://www.illumos.org/issues/7483 https://www.openindiana.org/2016/11/01/cve-2016-6560-cve-2016-6561-security-issues-in-illumos • CWE-476: NULL Pointer Dereference •