Lucene search
K

5986 matches found

CVE
CVE
added 2007/06/26 6:0 p.m.68 views

CVE-2007-0773

CVE-2007-0773 is a local kernel vulnerability affecting the Linux kernel prior to 2.6.9-42.0.8 on Red Hat 4.4 where a NULL-pointer dereference in fput for 32‑bit ioctl on 64‑bit x86 systems can cause a kernel OOPS and denial of service. The issue is addressed by Red Hat Security Advisory RHSA-200...

4.6CVSS7AI score0.00328EPSS
Exploits0References9Affected Software2
Oracle linux
Oracle linux
added 2007/06/26 12:0 a.m.51 views

Important: kernel security update

2.6.9-55.0.2.0.1 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix for nfs open call taking longer issue Chuck Lever orabug 5580407 bz 219412 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach...

6.1CVSS6.6AI score0.03473EPSS
Exploits0
Prion
Prion
added 2007/05/31 11:30 p.m.20 views

Input validation

Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via...

7.2CVSS7AI score0.00353EPSS
Exploits0References7Affected Software7
CVE
CVE
added 2007/05/31 11:0 p.m.60 views

CVE-2007-2965

CVE-2007-2965 concerns the Real-time Scanning component across multiple F-Secure products (Internet Security 2005–2007, Anti-Virus 2005–2007, and related Protection Service for Consumers 6.40 and earlier). The root cause is improper validation in IOCTL/I/O space handling, allowing a crafted I/O r...

7.2CVSS6.5AI score0.00353EPSS
Exploits0References7Affected Software7
Prion
Prion
added 2007/04/24 4:19 p.m.13 views

Code injection

The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine SRE in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses...

7.2CVSS7.8AI score0.00411EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2007/04/24 4:19 p.m.13 views

CVE-2007-2174

The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine SRE in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses...

7.2CVSS7.2AI score0.00411EPSS
Exploits0References8
CVE
CVE
added 2007/04/24 4:0 p.m.46 views

CVE-2007-2174

Affected software: ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm. The IOCTL handling in srescan.sys is vulnerable before version 5.0.156.0, permitting local users to execute arbitrary code via certain IOCTL lrp parameter addresses. No exploitation details are provided beyond thi...

7.2CVSS7.2AI score0.00411EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2007/04/24 4:0 p.m.21 views

CVE-2007-2174

The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine SRE in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses...

7.2AI score0.00411EPSS
Exploits0References8
securityvulns
securityvulns
added 2007/04/24 12:0 a.m.45 views

[Reversemode advisory] CheckPoint Zonelabs - ZoneAlarm SRESCAN driver local privilege escalation

CHECK POINT ZONE LABS PRODUCTS MULTIPLE LOCAL PRIVILEGE ESCALATION VULNERABILITIES Rubйn Santamarta [email protected] 04.20.2007 Affected products: + ZoneAlarm Srescan.sys v 5.0.155 and earlier Srescan.sys is exposed through the following Dos Device:“.SreScan”. Restricted accounts ,including...

Exploits0
securityvulns
securityvulns
added 2007/04/21 12:0 a.m.54 views

iDefense Security Advisory 04.20.07: Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability

Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability iDefense Security Advisory 04.20.07 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 20, 2007 I. BACKGROUND Zone Alarm products provide security solutions such as anti-virus, firewall, spy-ware, and ad-ware...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2007/03/14 12:0 a.m.22 views

Plash沙盒中进程TIOCSTI ioctl()权限提升漏洞

Plash是用于在沙盒中运行GNU/Linux程序的系统,以使程序只能获得最低权限。 Plash没有正确的限制沙盒中的进程通过TIOCSTI ioctl向终端的文件描述符插入字符,如果该终端上运行着shell的话,恶意的沙盒中进程就可能以该shell的权限执行任意命令。 Plash 1.17 临时解决方法: 代理访问stdin/stdout/stderr,通过cat管道传输: cat | pola-run ... 2&1 | cat 厂商补丁: Plash ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...

7.1AI score
Exploits0
Prion
Prion
added 2007/03/10 10:19 p.m.12 views

Design/Logic Flaw

Plash permits sandboxed processes to open /dev/tty, which allows local users to escape sandbox restrictions and execute arbitrary commands by sending characters to a shell process on the same termimal via the TIOCSTI ioctl...

6.9CVSS7.7AI score0.00342EPSS
Exploits0References6
NVD
NVD
added 2007/03/10 10:19 p.m.10 views

CVE-2007-1400

Plash permits sandboxed processes to open /dev/tty, which allows local users to escape sandbox restrictions and execute arbitrary commands by sending characters to a shell process on the same termimal via the TIOCSTI ioctl...

6.9CVSS7.2AI score0.00342EPSS
Exploits0References6
Cvelist
Cvelist
added 2007/03/10 10:0 p.m.18 views

CVE-2007-1400

Plash permits sandboxed processes to open /dev/tty, which allows local users to escape sandbox restrictions and execute arbitrary commands by sending characters to a shell process on the same termimal via the TIOCSTI ioctl...

7.2AI score0.00342EPSS
Exploits0References6
CVE
CVE
added 2007/03/10 10:0 p.m.45 views

CVE-2007-1400

Plash allows sandboxed processes to open /dev/tty via TIOCSTI, enabling local users to escape sandbox restrictions and send characters to a shell process on the same terminal to execute arbitrary commands. This CVE (CVE-2007-1400) is documented with a local-privilege/escalation impact and does no...

6.9CVSS7.2AI score0.00342EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2007/03/03 7:19 p.m.44 views

CVE-2006-7098

The Debian GNU/Linux 033-FNOSETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl...

6.6CVSS5.9AI score0.0056EPSS
Exploits0References1
seebug.org
seebug.org
added 2007/03/01 12:0 a.m.28 views

madwifi <= 0.9.2.1 WPA/RSN IE Remote Kernel Buffer Overflow Exploit

No description provided by source. / ---- madwifi WPA/RSN IE remote kernel buffer overflow ------ expoit code by: sgrakkyu at antifork.org -- 10/1/2007 CVE: 2006-6332 Laurent BUTTI, Jerome RAZNIEWSKI, Julien TINNES for wpa .... memcpybuf, se-sewpaie, se-sewpaie1 + 2 .... .... the function re-uses...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/01 12:0 a.m.44 views

Madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow

/ ---- madwifi WPA/RSN IE remote kernel buffer overflow ------ expoit code by: sgrakkyu antifork.org -- 10/1/2007 CVE: 2006-6332 Laurent BUTTI, Jerome RAZNIEWSKI, Julien TINNES for wpa .... memcpybuf, se-sewpaie, se-sewpaie1 + 2 .... .... the function re-uses args in the stack before returning so...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/02/11 12:0 a.m.29 views

[Reversemode Advisory] TrendMicro Products - multiple privilege escalation vulnerabilities.

Trend Micro Products Multiple Local Privilege Escalation Vulnerabilities Discovered by: Rubйn Santamarta [email protected] Affected products: Client / Server / Messaging Security for SMB – 3.5 PC-cillin Internet Security - 2007, Trend Micro AntiVirus – 2007 Trend Micro Anti-Spyware for SMB –...

Exploits0
seebug.org
seebug.org
added 2007/02/08 12:0 a.m.36 views

Trend Micro病毒扫描引擎TMComm本地权限提升漏洞

Trend Micro病毒扫描引擎为桌面、服务器和网关提供杀毒功能。 Trend Micro的病毒扫描引擎中所捆绑的TmComm.sys驱动没有对\.\TmComm DOS设备接口设置安全的权限,对Everyone给予了写权限。这允许本地登录的用户通过IOCTL访问仅应由特权用户才能访问的功能。 此外,这个DOS设备接口的IOCTL处理器没有验证对其传送的地址,允许在内核(RING 0)环境中覆盖任意内存或执行任意指令。 Trend Micro PC-cillin Internet Security 2007 Trend Micro Antivirus 2007 Trend Micro...

7AI score
Exploits0
Rows per page
Query Builder