anilkashyap01

2 exploits Active since Mar 2002

CVE-2002-0082 NOMISEC WRITEUP

Apache-SSL < 1.3.22+1.46 and mod_ssl < 2.8.7-1.3.23 - Remote Code Execution via Large Client Certificate

The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session.

View Code

CVE-2003-0127 NOMISEC WRITEUP

Linux kernel <2.2.25-2.4.21 - Privilege Escalation

The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.

View Code