hibomaのブックマーク - はてなブックマーク

oss-sec: Re: CVE-2019-5736: runc container breakout (all versions)

hiboma 2019/02/13

リンク

oss-sec: CVE-2019-5736: runc container breakout (all versions)

CVE-2019-5736: runc container breakout (all versions) From: Aleksa Sarai <cyphar () cyphar com> Date: Tue, 12 Feb 2019 00:05:20 +1100 [[ Patch CRD: 2019-02-11 15:00 CET ]] [[ Exploit Code CRD: 2019-02-18 15:00 CET ]] Hello, I am one of the maintainers of runc (the underlying container runtime underneath Docker, cri-o, containerd, Kubernetes, and so on). We recently had a vulnerability reported whi

hiboma 2019/02/11

2get

リンク

oss-sec: Apache web server use after free bugs (unfixed)

hiboma 2019/01/21

リンク

oss-sec: Re: KASAN stack out of bound bug

hiboma 2019/01/09

> And no need to post all syzbot issues to security@, that doesn't make sense, just send them to the correct mailing lists and developers so they can work to resolve them. Like the other people who use this tool do.

リンク

oss-sec: CVE-2018-6554 and CVE-2018-6555: Linux kernel: irda memory leak and use after free

CVE-2018-6554 and CVE-2018-6555: Linux kernel: irda memory leak and use after free From: Tyler Hicks <tyhicks () canonical com> Date: Tue, 4 Sep 2018 11:47:06 -0500 Two issues were discovered in the irda subsystem within the Linux kernel. The irda subsystem has been removed from the upstream kernel starting in v4.17 but it is present in many distro kernels and the stable kernel tree. Memory leak i

hiboma 2018/09/05

AF_IRDA + bind(2) で slab ( kmalloc-96 ) がリークする. PoC 書いて検証済み

リンク

oss-sec: Re: Linux kernel: FS_IOC_FSSETXATTR will lead to EXT4-fs shut down

hiboma 2018/08/28

わろた. fuzzzing してて正規のパラメータを引き当ててる

リンク

oss-sec: Linux kernel: FS_IOC_FSSETXATTR will lead to EXT4-fs shut down

hiboma 2018/08/28

linux

リンク

oss-sec: CVE-2017-5123 Linux kernel v4.13 waitid() not calling access_ok()

hiboma 2017/10/13

https://github.com/torvalds/linux/commit/96ca579a1ecc943b75beba58bebb0356f6cc4b51

リンク

tcpdump: capturing the netlink socket on Linux

capturing the netlink socket on Linux From: Michael Richardson <mcr () sandelman ca> Date: Thu, 23 Oct 2014 14:29:31 -0400 Please correct my understanding. The libpcap/pcap-netfilter-linux.c file is about capturing NFLOG packets from the netlink socket, i.e. ones that came from netfilter's --log target. On the other hand, we have: /* * Link-layer header type for the netlink protocol (nlmon devices

hiboma 2017/02/14

リンク

Full Disclosure: Apache 2.2.17 exploit?

hiboma 2011/10/04

動くのかな

リンク

Full Disclosure: Vulnerability in multiple themes for Drupal

hiboma 2011/10/03

リンク

Full Disclosure: sshd logins without a source

hiboma 2011/09/27

ソースIPの無いsshdログイン -> ログ,wtmp,utmpの書き換え

security

リンク

Full Disclosure: XSS and FPD vulnerabilities in Adobe ColdFusion

hiboma 2011/09/27

cf7,cf9 管理画面

リンク

Full Disclosure: Possibility to exploit bash "*" processing

hiboma 2011/09/21

touch -- -f -r , rm * であぼーんみたいな。脆弱性というより落とし穴

リンク

Full Disclosure: Apache Killer

Apache Killer From: "HI-TECH ." <isowarez.isowarez.isowarez () googlemail com> Date: Sat, 20 Aug 2011 00:23:26 +0200 (see attachment) /Kingcope Attachment: killapache.pl Description: _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ Current thread:

hiboma 2011/08/25

リンク

はてなブックマーク

タグ

ブックマーク / seclists.org (15)

お知らせ

今週のはてなブックマーク数ランキング（2024年6月第2週）

月間はてなブックマーク数ランキング（2024年5月）

今週のはてなブックマーク数ランキング（2024年6月第1週）

公式Twitter

キーボードショートカット一覧

はてなブックマーク

公式Twitter

はてなのサービス