QwikSec

Security Database

CVE

CWE

Training

CVE-2007-0257

Published: Jan 16, 2007

Modified: Jan 17, 2025

PUBLISHED

Description

Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_SECTRACK

http://www.digitalarmaments.com/pre2007-00018659.html

x_refsource_MISC

20070111 Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability

mailing-list

x_refsource_BUGTRAQ

20070112 Lies? [Was: Re: Digital Armaments Security Pre-Advisory11.01.2007: Grsecurity Kernel PaX - Local root vulnerability]

mailing-list

x_refsource_BUGTRAQ

20070309 Re: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability

mailing-list

x_refsource_BUGTRAQ

http://www.digitalarmaments.com/news_news.shtml

x_refsource_MISC

http://grsecurity.net/news.php#digitalfud

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

http://forums.grsecurity.net/viewtopic.php?t=1646

x_refsource_MISC

20070120 Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.