339 matches found
UBUNTU-CVE-2013-4515
The bcmcharioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTLBCMGETDEVICEDRIVERINFO ioctl call...
PT-2013-5054 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.12 Description: The issue allows local users to obtain sensitive information from kernel memory. This is due to the bcm char ioctl function in drivers/staging/bcm/Bcmchar.c not initializing a certain data...
kernel: missing check in can/bcm and can/raw socket releases
The bcmrelease function in net/can/bcm.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted release operation...
PT-2011-3244 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39-rc6 Description: The issue is related to the bcm release function in the Linux kernel, which does not properly validate a socket data structure. This can be exploited by local users to cause a denial of...
kernel security and bug fix update
2.6.32-71.14.1.0.1.el6 - replace Red Hat with Oracle in files genkey and kernel.spec 2.6.32-71.14.1.el6 - kvm x86: zero kvmvcpuevents-interrupt.pad Marcelo Tosatti 665471 665409 CVE-2010-4525 2.6.32-71.13.1.el6 email6.RHSA-2011-0007 178L, 11970C written - scsi lpfc: Fixed crashes for NULL pnode...
Design/Logic Flaw
The bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensiti...
CVE-2010-4565
The bcmconnect function in net/can/bcm.c aka the Broadcast Manager in the Controller Area Network CAN implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensiti...
PT-2010-5133 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.36.2 Description: A heap-based buffer overflow issue exists in the bcm connect function within the net/can/bcm.c file, which is part of the Controller Area Network CAN implementation. This issue might allow...
Linux Kernel < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit
No description provided by source. / i-CAN-haz-MODHARDEN.c Linux Kernel 2.6.36-rc1 CAN BCM Privilege Escalation Exploit Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2959 Ben Hawkes discovered an integer overflow in th...
Linux Kernel < 2.6.36-rc1 (Ubuntu 10.04 / 2.6.32) - 'CAN BCM' Local Privilege Escalation
/ i-CAN-haz-MODHARDEN.c Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2959 Ben Hawkes discovered an integer overflow in the Controller Area Network CAN subsystem when setting up frame content and filtering certain messages. An attacker...
Linux Kernel 2.6.36-rc1 (Ubuntu 10.04 2.6.32) - CAN BCM Local Privilege Escalation
Linux Kernel 2.6.36-rc1 Ubuntu 10.04 2.6.32 - CAN BCM Local Privilege Escalation / i-CAN-haz-MODHARDEN.c Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2959 Ben Hawkes discovered an integer overflow in the Controller Area Network CAN...
Linux Kernel < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit
Exploit for windows platform in category local exploits ============================================================== Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2959 Ben Hawkes discovered an integer overflow in the Controller Area...
Motorola SB5101 Hax0rware Rajko HTTPd Remote Proof Of Concept
!/usr/bin/perl Motorola SB5101 Hax0rware Rajko HttpD Remote Exploit PoC Author: Dillon Beresford Date: 6/6/2010 Vendor: SBHacker & Motorola Software Link: http://www.sbhacker.net/forum/index.php Tested on Hax0rware 1.1 R30, R32 and R39 Description: Motorola SB5101 Hax0rware Rajko HttpD Remote...
Nortel Business Communications Manager 3.5 / 3.6 Default Password (deprecated)
Binary data 4883.prm...
Design/Logic Flaw
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager BCM, and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables "surveillance mode."...
CVE-2007-5637
The CVE-2007-5637 entry applies to Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and related Nortel products (IP Phone, BCM, and other lines). The vulnerability is described as remote eavesdropping on the physical environment via an Open Audio Stream message that enables a surveillance mode. ...
Mandrake Linux Security Advisory : kernel (MDKSA-2006:151)
A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel : Prior to and including 2.6.16-rc2, when running on x8664 systems with preemption enabled, local users can cause a DoS oops via multiple ptrace tasks that perform single steps CVE-2006-1066. Prior to 2.6.16, a...
CVE-2004-0056
Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager BCM, Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as...
CVE-2004-0056
Multiple vulnerabilities in the H.323 protocol implementation affect Nortel Networks BCM, Succession 1000 IP Trunk/IP Peer Networking, and 802.11 Wireless IP Gateway. The issues enable remote denial of service and possibly arbitrary code execution, demonstrated via the H.225 protocol test suite (...