ISEC: archival advisories
iSEC was founded in 2001 as iSEC Security Research group by four people interested in a wide range of computer and network security problems. Below is a selection of advisories we published in the early 2000s:
- Ecartis / Listar – multiple buffer overflows (2001)
- fileutils – race conditions (2002)
- libsafe – ineffective protection against format string exploit attacks (2002)
- Linux kernel – error in d_path (2002)
- PHP – bypass safe_mode and inject control chars with mail() (2002)
- ypxfrd – improper arguments validation (2002)
- BitKeeper – remote shell command execution and locally exploitable race condition (2002)
- /usr/bin/at – job name handling and race condition vulnerabilities (2003)
- 3com RAS 1500 – Remote vulnerabilities (2003)
- Linux nfs-utils xlog() – off-by-one bug (2003)
- wu-ftpd fb_realpath() – off-by-one bug (2003)
- Linux kernel do_brk() lacks argument bound checking (2003)
- Linux kernel do_mremap() – local privilege escalation (2004)
- Linux kernel do_mremap() – local privilege escalation (2004)
- Linux kernel do_mremap – VMA limit local privilege escalation (2004)
- Linux kernel setsockopt – MCAST_MSFILTER integer overflow (2004)
- Linux kernel – file offset pointer handling (2004)
- Linux kernel binfmt_elf – loader vulnerabilities (2004)
- Linux kernel IGMP – vulnerabilities (2004)
- Linux kernel scm_send – local DoS (2004)
- Heap overflow in Mozilla Browser <= 1.7.3 NNTP code (2004)
- Linux kernel uselib() – privilege elevation (2005)
- Linux kernel i386 SMP – page fault handler privilege escalation (2005)
- Linux kernel ELF – core dump privilege elevation (2005)
- Linux kernel – arbitrary signal to a child process (2007)
- Linux kernel – local system compromise (2007)
- Linux kernel – critical vulnerabilities in vmsplice() (2008)
- Windows XP 3 – arbitrary command execution (2007-2010)