The amd64_set_ldt() function in sys/amd64/amd64/sys_machdep.c in the FreeBSD kernel code is prone to an integer signedness error when processing a system call with specially crafted parameters originated from user space. This issue ultimately leads to a kernel heap overflow, which can be used by unprivileged local attackers to cause a kernel panic and crash the machine.
A vulnerability in the Network Driver Interface Standard (NDIS) implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to trigger buffer overflow. This allows unprivileged local user to cause an invalid dereference in kernel mode, which produces a BSoD.
This module exploits an integer overflow in "srvnet.sys" Windows driver by sending a crafted "Session Setup Request" SMBv2 packet to the Windows SMB Server logging mechanism.
This module exploits an assertion failure vulnerability in BIND 9 servers to cause a denial of service.
This module shuts down the XM Easy Personal FTP server.
This module shuts down the XM Easy Personal FTP server.
This module shuts down the XM Easy Personal FTP server.
This module shuts down the XM Easy Personal FTP server.
This module sends HTTP requests with specially crafted data making the ASP.NET subsystem consume lot of resources. This attack prevents the victim server from processing requests from legitimate clients and probably will make the server non-operational. The PATH parameter must point to a ASP.NET web page, wich they normally have a ".aspx" extension.
This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters. When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption.
Pagination
- Previous page
- Page 4
- Next page