CVE-2009-0342
https://notcve.org/view.php?id=CVE-2009-0342
Niels Provos Systrace before 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall. Niels Provos Systrace anteriores a v1.6f en las plataformas Linux x86_64 permite a usuarios locales evitar las restricciones de acceso previstas mediante una syscal de 64 bit con un número de llamada correspondiente a una llamada de 32 bit. • http://scary.beasts.org/security/CESA-2009-001.html http://scarybeastsecurity.blogspot.com/2009/01/bypassing-syscall-filtering.html http://www.citi.umich.edu/u/provos/systrace http://www.securityfocus.com/archive/1/500377/100/0/threaded http://www.securityfocus.com/bid/33417 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2009-0343 – Systrace 1.x (Linux Kernel x64) - Aware Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-0343
Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in monitoring 64-bit processes. Niels Provos Systrace v1.6f y anteriores en las plataformas Linux x86_64 permite a usuarios locales evitar las restricciones de acceso previstas, mediante una syscal de 32 bit, con un número correspondiente a una llamada de 64 bit. Relacionada con las condiciones de carrera en la monitorización de procesos de 64 bit. • https://www.exploit-db.com/exploits/32751 http://scary.beasts.org/security/CESA-2009-001.html http://scarybeastsecurity.blogspot.com/2009/01/bypassing-syscall-filtering.html http://www.citi.umich.edu/u/provos/systrace http://www.securityfocus.com/archive/1/500377/100/0/threaded http://www.securityfocus.com/bid/33417 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2007-1030
https://notcve.org/view.php?id=CVE-2007-1030
Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a denial of service (infinite loop) via a DNS response containing a label pointer that references its own offset. Niels Provos libevent 1.2 y 1.2a permite a atacantes remotos provocar denegación de servicio (bucle infinito) a través de una respuesta DNS que contiene una puntero de etiqueta que referencia a su propio offset. • http://monkey.org/~provos/libevent http://osvdb.org/33228 http://secunia.com/advisories/24181 http://securityreason.com/securityalert/2268 http://www.securityfocus.com/archive/1/460530/100/0/threaded http://www.securityfocus.com/bid/22606 http://www.vupen.com/english/advisories/2007/0647 •
CVE-2006-4292
https://notcve.org/view.php?id=CVE-2006-4292
Unspecified vulnerability in Niels Provos Honeyd before 1.5b allows remote attackers to cause a denial of service (application crash) via certain Address Resolution Protocol (ARP) packets. Vulnerabilidad no especificada en Niels Provos Honeyd anterior a 1.5b permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) mediante determinados paquetes ARP (Address Resolution Protocol). • http://secunia.com/advisories/21591 http://www.honeyd.org/release.php?version=1.5b http://www.securityfocus.com/bid/19614 http://www.vupen.com/english/advisories/2006/3329 https://exchange.xforce.ibmcloud.com/vulnerabilities/28480 •
CVE-2006-0752
https://notcve.org/view.php?id=CVE-2006-0752
Niels Provos Honeyd before 1.5 replies to certain illegal IP packet fragments that other IP stack implementations would drop, which allows remote attackers to identify IP addresses that are being simulated using honeyd. • http://secunia.com/advisories/18867 http://www.honeyd.org/adv.2006-01 http://www.honeyd.org/phpBB2/viewtopic.php?t=106 http://www.securityfocus.com/archive/1/425112/100/0/threaded http://www.securityfocus.com/bid/16595 http://www.vupen.com/english/advisories/2006/0552 https://exchange.xforce.ibmcloud.com/vulnerabilities/24728 •