CVE-2014-3185

CVE-2014-3185 affects the Linux kernel’s Whiteheat USB Serial Driver (drivers/usb/serial/whiteheat.c). The vulnerability allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) by presenting a crafted USB device that suppli...

CVE-2014-3185

Multiple buffer overflows in the commandportreadcallback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service memory corruption and system crash v...

CVE-2014-3185

Multiple buffer overflows in the commandportreadcallback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service memory corruption and system crash v...

CVE-2014-3185

Multiple buffer overflows in the commandportreadcallback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service memory corruption and system crash v...

UBUNTU-CVE-2014-3185

Multiple buffer overflows in the commandportreadcallback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service memory corruption and system crash v...

Qemu: usb: fix up post load checks

hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."...

[SECURITY] Fedora 19 Update: ppp-2.4.5-33.fc19

The ppp package contains the PPP Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an ISP Internet Service Provider or other organization over a modem...

CVE-2014-0762

The CG Automation Software DNP3 driver, used in the ePAQ-9410 Substation Gateway products, does not validate input correctly. An attacker could cause the software to go into an infinite loop, causing the process to crash. The system must be restarted manually to clear the condition...

Design/Logic Flaw

The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows physically proximate attackers to cause a denial of service infinite loop or process crash via crafted input over a serial line...

[SECURITY] Fedora 20 Update: ppp-2.4.5-34.fc20

The ppp package contains the PPP Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an ISP Internet Service Provider or other organization over a modem...

Hardcoded credentials

Cobham Aviator 700D and 700E satellite terminals have hardcoded passwords for the 1 debug, 2 prod, 3 do160, and 4 flrp programs, which allows physically proximate attackers to gain privileges by sending a password over a serial line...

CVE-2014-2964

Cobham Aviator 700D and 700E satellite terminals have hardcoded passwords for the 1 debug, 2 prod, 3 do160, and 4 flrp programs, which allows physically proximate attackers to gain privileges by sending a password over a serial line...

Qemu: usb: fix up post load checks

hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."...

IBM GCM1632 1.20.0.22575 - Multiple Vulnerabilities

IBM GCM1632 1.20.0.22575 - Multiple Vulnerabilities Product description The IBM 1754 GCM family provides KVM over IP and serial console management technology in a single appliance. Versions v1.20.0.22575 and prior are vulnerables. Note that this vulnerability is also present in some DELL and...

IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities

Exploit for php platform in category web applications Product description The IBM 1754 GCM family provides KVM over IP and serial console management technology in a single appliance. Versions v1.20.0.22575 and prior are vulnerables. Note that this vulnerability is also present in some DELL and...

Serial port shell binding, busybox Launching shellcode

No description provided by source. / General: Serial port shell binding, busybox launching shellcode.. yey! Specific: really wish i could tell you what i needed this for.. but meh.. this will bind a busybox sh shell to /dev/ttyS0, the shellcode does not alter the baudrate settings.. 9600 is the...

Linux <= 2.6.37-rc1 serial_multiport_struct Local Info Leak Exploit

No description provided by source. / Linux = 2.6.37-rc1 serialmultiportstruct Info Leak Exploit ./splitmilk2 leak 134514859 \m/ Linux = 2.6.37-rc1 serialmultiportstruct Info Leak Exploit \m/ by Todor Donev x Leakfile : leak x Reservedsize : 134514859 + Leaking.. = ... Greets to prdelka, for...

Blade API Monitor Unicode Bypass (Serial Number BOF)

No description provided by source. !/usr/bin/python -w --------------------------------------------------------------------------------- Exploit: Blade API Monitor Unicode Bypass Serial Number BOF Author: b33f Ruben Boonen - http://www.fuzzysecurity.com http://www.fuzzysecurity.com/exploits/8.htm...

Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit

No description provided by source. / Linux = 2.6.37-rc1 serialcore TIOCGICOUNT leak ================================================ Information leak exploit for CVE-2010-4077 which leaks kernel stack space back to userland due to uninitialized struct member reserved in struct serialicounterstruc...

openSUSE Security Update : qemu (openSUSE-SU-2014:0200-1)

Running QEMU in a configuration with more than 256 emulated SCSI devices attached could have caused a buffer overflow when the guest issues a REPORT LUNS command. Fix this as part of upgrading to the latest stable version on 13.1. Also fix unintentional building against gtk2 rather than gtk3 on...