Lucene search

6173 matches found

OSV
added 2011/01/18 6:3 p.m., views: 1

DEBIAN-CVE-2010-4530

Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...

CVSS: 4.4, AI score: 7.6, EPSS: 0.00542
Exploits: 0, References: 1

UbuntuCve
added 2011/01/18 6:3 p.m., views: 15

CVE-2010-4530

Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...

CVSS: 4.4, AI score: 6, EPSS: 0.00542
Exploits: 0, References: 2

RedHat Linux
added 2011/01/18 5:41 p.m., views: 2

kernel: drivers/serial/serial_core.c: reading uninitialized stack memory

The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...

CVSS: 1.9, AI score: 6.1, EPSS: 0.00387
Exploits: 1, References: 4

Debian CVE
added 2011/01/18 5:0 p.m., views: 15

CVE-2010-4530

Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...

CVSS: 4.4, AI score: 7.3, EPSS: 0.00542
Exploits: 0

Oracle linux
added 2011/01/18 12:0 a.m., views: 65

kernel security and bug fix update

2.6.9-89.35.1.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...

CVSS: 6.9, AI score: 1.1, EPSS: 0.02655
Exploits: 22

RedHat Linux
added 2011/01/11 7:44 p.m., views: 1

kernel: drivers/usb/serial/mos*.c: reading uninitialized stack memory

The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720ioctl function in...

CVSS: 1.9, AI score: 5.8, EPSS: 0.0038
Exploits: 0, References: 4

RedHat Linux
added 2011/01/11 7:44 p.m., views: 3

kernel: drivers/serial/serial_core.c: reading uninitialized stack memory

The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...

CVSS: 1.9, AI score: 6.1, EPSS: 0.00387
Exploits: 1, References: 4

OSV
added 2011/01/07 8:0 p.m., views: 2

DEBIAN-CVE-2010-4523

Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c...

CVSS: 7.2, AI score: 7.7, EPSS: 0.00862
Exploits: 1, References: 1

NVD
added 2011/01/07 8:0 p.m., views: 10

CVE-2010-4523

Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c...

CVSS: 7.2, AI score: 7.4, EPSS: 0.00862
Exploits: 1, References: 19

Prion
added 2011/01/07 8:0 p.m., views: 14

Stack overflow

Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c...

CVSS: 7.2, AI score: 8, EPSS: 0.00862
Exploits: 1, References: 19, Affected Software: 1

UbuntuCve
added 2011/01/07 8:0 p.m., views: 19

CVE-2010-4523

Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c...

CVSS: 7.2, AI score: 6.5, EPSS: 0.00862
Exploits: 1, References: 1

Cvelist
added 2011/01/07 7:0 p.m., views: 39

CVE-2010-4523

Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c...

AI score: 7.3, EPSS: 0.00862
Exploits: 1, References: 19

Tenable Nessus
added 2010/12/02 12:0 a.m., views: 40

Fedora 12 : kernel-2.6.32.26-175.fc12 (2010-18432)

'Update to stable release 2.6.32.26, includes many CVE fixes documented in the upstream changelogs plus CVE-2010-3880, CVE-2010-4072, CVE-2010-4073, and a bunch of kernel stack leakages in the tty and serial drivers.' Note that Tenable Network Security has extracted the preceding description bloc...

CVSS: 4.9, AI score: 5.6, EPSS: 0.01542
Exploits: 8, References: 1

Prion
added 2010/11/29 4:0 p.m., views: 25

Session fixation

The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...

CVSS: 1.9, AI score: 5.9, EPSS: 0.00387
Exploits: 1, References: 20, Affected Software: 1

CVE
added 2010/11/29 3:0 p.m., views: 127

CVE-2010-4075

The CVE-2010-4075 entry affects the Linux kernel module code: uart_get_count (drivers/serial/serial_core.c) in versions prior to 2.6.37-rc1. The vulnerability arises from not properly initializing a certain structure member, enabling local users to read potentially sensitive information from kern...

CVSS: 1.9, AI score: 5.5, EPSS: 0.00387
Exploits: 1, References: 20, Affected Software: 1

OpenVAS
added 2010/11/23 12:0 a.m., views: 21

Mandriva Update for cups MDVSA-2010:233 (cups)

Check for the Version of cups OpenVAS Vulnerability Test Mandriva Update for cups MDVSA-2010:233 cups Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

CVSS: 7.9, AI score: 0.2, EPSS: 0.0647
Exploits: 0, References: 2

RedHat Linux
added 2010/09/29 2:49 p.m., views: 3

kernel: information leak via userspace USB interface

The processcomplcompat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensiti...

CVSS: 4.7, AI score: 6.2, EPSS: 0.00361
Exploits: 1, References: 4

RedHat Linux
added 2010/08/17 3:52 p.m., views: 3

kernel: information leak via userspace USB interface

The processcomplcompat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensiti...

CVSS: 4.7, AI score: 6.2, EPSS: 0.00361
Exploits: 1, References: 4

ICS
added 2010/08/15 6:0 a.m., views: 27

Intellicom NetBiter WebSCADA Vulnerabilities

OVERVIEW This advisory is a follow-up to ICS-ALERT-10-293-01 - Intellicom NetBiter WebSCADA Vulnerabilities, published on the ICS-CERT Web page on October 20, 2010. On October 1, 2010 independent researchers identified vulnerabilities in the Intellicom NetBiter Supervisory Control and Data...

AI score: 8.5
Exploits: 0, References: 10

Tenable Nessus
added 2010/07/01 12:0 a.m., views: 18

Fedora 12 : argyllcms-1.0.4-5.fc12 (2010-3587)

Backport the 55-Argyll.rules files from hargyllcms as the upstream Argyll file allows access to the hardware serial ports for all users. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

AI score: 5.4
Exploits: 0, References: 2