JON.OBERHEIDE.ORG
Advisories
I've recently started posting some of my exploits publicly.
- CVE-2011-1352 - Android < 2.3.6 PowerVR SGX Privilege Escalation Exploit
- CVE-2011-???? - Linux Kernel grsecurity < 201109142336 Kernel Memory Disclosure
- CVE-2010-4347 - Linux Kernel < 2.6.37-rc2 ACPI custom_method Privilege Escalation Exploit
- CVE-2010-4073 - Linux Kernel < 2.6.37-rc1 compat_sys_semctl 92-Byte Stack Disclosure
- CVE-2010-3848 - Linux Kernel < 2.6.36.2 Econet Privilege Escalation Exploit
- CVE-2010-3437 - Linux Kernel < 2.6.36-rc6 pktcdvd Kernel Memory Disclosure
- CVE-2010-2959 - Linux Kernel < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit
- CVE-2010-2693 - FreeBSD Kernel 7.x/8.x mbuf M_RDONLY Privilege Escalation
- CVE-2010-1173 - Linux Kernel <= 2.6.33.3 SCTP INIT Remote DoS
- CVE-2010-1146 - Linux Kernel <= 2.6.34-rc3 ReiserFS xattr Privilege Escalation
- CVE-2009-3002 - Linux Kernel < 2.6.31-rc7 AF_IRDA getsockname 29-Byte Stack Disclosure
- CVE-2009-3001 - Linux Kernel <= 2.6.31-rc7 AF_LLC getsockname 5-Byte Stack Disclosure
- CVE-2009-2910 - Linux Kernel <= 2.6.32-rc1 x86_64 Register Leak
- CVE-2009-2847 - Linux Kernel <= 2.6.31-rc5 sigaltstack 4-Byte Stack Disclosure
- CVE-2009-2844 - Linux Kernel < 2.6.30.5 cfg80211 Remote DoS
- CVE-2009-1386 - OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit
- CVE-2009-1378 - OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS
- CVE-2009-1185 - Linux Kernel 2.6 UDEV < 141 Local Privilege Escalation Exploit
- CVE-2009-0692 - ISC DHCP dhclient < 3.1.2p1 Remote Exploit
- CVE-2009-0360 - pam-krb5 < 3.13 Local Privilege Escalation Exploit
- CVE-2009-0036 - libvirt_proxy <= 0.5.1 Local Privilege Escalation Exploit
- CVE-2008-5377 - CUPS < 1.3.8-4 (pstopdf filter) Privilege Escalation Exploit
- CVE-2008-5081 - Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
- CVE-2008-5079 - Linux Kernel <= 2.6.27.8 ATMSVC Local Denial of Service Exploit
- CVE-2008-4113 - Linux Kernel < 2.6.26.4 SCTP Kernel Memory Disclosure
- CVE-2008-3834 - D-Bus Daemon < 1.2.4 (libdbus) Denial of Service Exploit
- CVE-2007-1730 - Linux Kernel < 2.6.21 DCCP Kernel Memory Disclosure
- CVE-2005-4605 - Linux Kernel < 2.6.14.6 procfs Kernel Memory Disclosure
Duo Two-Factor Authentication
Recent Blog Posts
Twitter Updates
Upcoming Events
- RSA Conference - February 25th-28th - San Francisco, CA
- ZonCon - March 11th-13th - Seattle, WA