security flaw

Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service kernel OOPS via a userspace process that issues a USB Request Block URB to a USB device and terminates before the URB is finished, which leads to a stale pointer reference...

Hardcoded credentials

The ftdisio driver usb/serial/ftdisio.c in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service memory consumption by writing more data to the serial port than the hardware can handle, which causes the data to be queued...

CVE-2006-2936

The ftdisio driver usb/serial/ftdisio.c in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service memory consumption by writing more data to the serial port than the hardware can handle, which causes the data to be queued...

CVE-2006-1538

The Enova X-Wall ASIC encrypts with a key obtained via Microwire from a serial EEPROM that stores the key in cleartext, which allows local users with physical access to obtain the key by reading and duplicating an EEPROM that is located on a hardware token, or by sniffing the Microwire bus...

slsnif-ploit.pl.txt

Original can be found at http://shellcoders.com/sintigan/slsnif-ploit.pl Author: [email protected] http://www.shellcoders.com/ ---------------------------------------- Program ID: Serial Line Sniffer 0.4.4 sintigan@midnight:/home/sintigan$ perl slsnif-ploit.pl sh-3.00 id uid=0root...

Buffer overflow

Unspecified vulnerability in Serial line sniffer aka slsnif 0.4.4 allows local users to gain privileges via a long value of the HOME environment variable, possibly because of a buffer overflow...

CVE-2006-0196

Unspecified vulnerability in Serial line sniffer aka slsnif 0.4.4 allows local users to gain privileges via a long value of the HOME environment variable, possibly because of a buffer overflow...

CVE-2006-0196

Unspecified vulnerability in Serial line sniffer aka slsnif 0.4.4 allows local users to gain privileges via a long value of the HOME environment variable, possibly because of a buffer overflow...

slsnif serial line sniffer buffer overflow

Buffer overflow on parsing HOME environment variable...

PT-2026-26286

Name of the Vulnerable Software and Affected Versions XML::Parser versions through 2.47 Description The software contains a heap buffer overflow in the st serial stack function. This occurs when parsing XML files with deeply nested elements. Specifically, when stackptr equals stacksize - 1, the...

planetBackdoor.txt

Hello all, Today i discovered a pseudo backdoor thru a default password while trying to reset the password on a Planet Technology Corp FGSW2402RS switch. Allthough i dont consider this to be a real problem since the only access seems to be thru the serial port, i would like to share this with the...

Buffer overflow in moxa driver

Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver moxa.c in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value...

CVE-2005-2984

Avocent CCM console server running firmware 2.1 CCM4850 allows remote authenticated attackers to bypass port restrictions by connecting to the server via SSH and using the connect command to access the serial port...

Avocent CCM: Port Access Control Bypass Vulnerability

Hi, this is another bug I found during my research on console servers which is presumably fixed by now. So here you go: Summary: Port Access Control Bypass Vulnerability Details: Avocents CCM console server have a flaw which enables users to bypass access control by using ssh with standard passwo...

RHEL 2.1 : kernel (RHSA-2005:529)

Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 32 bit architectures This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 32 bit architectures This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages are now available to correct security issues and bugs for Red Hat Enterprise Linux version 2.1 Itanium. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating syste...

CVE-2001-1520

Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecting to the personal digital assistant PDA via Rextools, and capturing the cleartext PIN...

Fortinet Fortigate firewall backdoor account

maintainer/pbcpbnserial number account has local root access to device...

CVE-2005-1837

Fortinet firewall running FortiOS 2.x contains a hardcoded username with the password set to the serial number, which allows local users with console access to gain privileges...