[FD] Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow

2015-01-27 Thread Qualys Security Advisory
Qualys Security Advisory CVE-2015-0235 GHOST: glibc gethostbyname buffer overflow --[ Contents ] 1 - Summary 2 - Analysis 3 - Mitigating factors 4 - Case studies 5 - Exploitation 6 - Acknowledgments --[ 1 - Summary

[FD] Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser

2015-07-23 Thread Qualys Security Advisory
Hello, it is July 23, 2015, 17:00 UTC, the Coordinated Release Date for CVE-2015-3245 and CVE-2015-3246. Please find our advisory below, and our exploit attached. Qualys Security Advisory CVE-2015-3245 userhelper chfn() newline filtering CVE-2015-3246 libuser passwd file handling

[FD] Qualys Security Advisory - OpenSMTPD Audit Report

2015-10-05 Thread Qualys Security Advisory
(Sorry for the "CVE-2015-ABCD" place-holders in the report, but OpenSMTPD's developers were ready with the patches before MITRE was ready with the CVE-IDs.) Qualys Security Advisory OpenSMTPD Audit Report ===

[FD] Qualys Security Advisory - CVE-2017-1000367 in Sudo's get_process_ttyname() for Linux

2017-06-02 Thread Qualys Security Advisory
Qualys Security Advisory CVE-2017-1000367 in Sudo's get_process_ttyname() for Linux Contents Analysis Exploitation Example Acknowledgments

[FD] Qualys Security Advisory - Buffer overflow in glibc's ld.so

2017-12-12 Thread Qualys Security Advisory
Qualys Security Advisory Buffer overflow in glibc's ld.so Contents Summary Memory Leak Buffer Overflow Exploitation Acknowledgments

[FD] Qualys Security Advisory - Procps-ng Audit Report

2018-05-28 Thread Qualys Security Advisory
Qualys Security Advisory Procps-ng Audit Report Contents Summary 1. FUSE-backed /proc/PID/cmdline 2. Unprivileged process hiding 3. Local

[FD] Integer overflow in Linux's create_elf_tables() (CVE-2018-14634)

2018-09-28 Thread Qualys Security Advisory
Qualys Security Advisory Mutagen Astronomy: Integer overflow in Linux's create_elf_tables() (CVE-2018-14634) Contents Summary Analysis Exploitation

[FD] System Down: A systemd-journald exploit

2019-01-11 Thread Qualys Security Advisory
Qualys Security Advisory System Down: A systemd-journald exploit Contents Summary CVE-2018-16864 - Analysis - Exploitation CVE-2018-16865

[FD] The Return of the WIZard: RCE in Exim (CVE-2019-10149)

2019-06-11 Thread Qualys Security Advisory
Qualys Security Advisory The Return of the WIZard: RCE in Exim (CVE-2019-10149) Contents Summary Local exploitation Remote exploitation - Non

Re: [FD] System Down: A systemd-journald exploit

2019-05-13 Thread Qualys Security Advisory
;ssh 127.0.0.1", but alternative methods can be implemented ("utempter" and "gnome-pty-helper", for example). - To test the default information-leak method even if "No journal files were opened due to insufficient permissions", it is enough to create /var/log/

[FD] Local Privilege Escalation in OpenBSD's dynamic loader (CVE-2019-19726)

2019-12-13 Thread Qualys Security Advisory
Qualys Security Advisory Local Privilege Escalation in OpenBSD's dynamic loader (CVE-2019-19726) == Contents == Summary Analysis

[FD] Authentication vulnerabilities in OpenBSD

2019-12-06 Thread Qualys Security Advisory
Qualys Security Advisory Authentication vulnerabilities in OpenBSD == Contents == 1. CVE-2019-19521: Authentication bypass 1.1. Analysis

[FD] Local information disclosure in OpenSMTPD (CVE-2020-8793)

2020-02-27 Thread Qualys Security Advisory
Qualys Security Advisory Local information disclosure in OpenSMTPD (CVE-2020-8793) == Contents == Summary Analysis Exploitation POKE 47196

[FD] LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)

2020-02-28 Thread Qualys Security Advisory
Qualys Security Advisory LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) == Contents == Summary Analysis ... Acknowledgments

[FD] LPE and RCE in OpenSMTPD (CVE-2020-7247)

2020-01-31 Thread Qualys Security Advisory
Qualys Security Advisory LPE and RCE in OpenSMTPD (CVE-2020-7247) == Contents == Summary Analysis Exploitation Acknowledgments

[FD] Remote Code Execution in qmail (CVE-2005-1513)

2020-05-22 Thread Qualys Security Advisory
Qualys Security Advisory 15 years later: Remote Code Execution in qmail (CVE-2005-1513) Contents Summary Analysis Exploitation qmail-verify - CVE

Re: [FD] Remote Code Execution in qmail (CVE-2005-1513)

2020-06-23 Thread Qualys Security Advisory
"/var/lib/qmail/control/me" on the target machine (and hence the hostname in qmail's SMTP banner). - "server_ip": the IP address of the target machine. - "-d homedir": the home directory of the target user, if known (otherwise, the exploit uses a reasonable def