lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <4D51B1C6.7090400@kernelhacking.com> Date: Tue, 08 Feb 2011 19:12:38 -0200 From: "Rodrigo Rubira Branco (BSDaemon)" <rodrigo@...nelhacking.com> To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: CVE-2010-4435 - Multiple Vendor Calendar Manager Remote Code Execution Dear List, So finally all the vendors fixed this critical issue (remote code execution). As usual, here it goes the PoC to help in the exploitation. It works against all the affected vendors, so just adjust your payload and have fun! http://www.kernelhacking.com/rodrigo/exploits/cmsd_cve2010-4435.c Regards, Rodrigo (BSDaemon). _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists