4243 matches found
CVE-2013-1774
The chaseport function in drivers/usb/serial/ioti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service NULL pointer dereference and system crash via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter...
UBUNTU-CVE-2013-1772
The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service buffer overflow and system crash by leveraging /dev/kmsg write access and triggering a...
CVE-2013-1772
The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service buffer overflow and system crash by leveraging /dev/kmsg write access and triggering a...
CVE-2013-0160
The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device...
Information disclosure
The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device...
CVE-2013-0160
CVE-2013-0160 affects the Linux kernel up to version 3.7.9. It enables local attackers to obtain sensitive keystroke timing information by abusing the inotify API on the /dev/ptmx device. The impact is described as partial confidentiality loss; no guidance on exploit details or mitigation is prov...
CVE-2013-0160
The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device...
CVE-2013-0160
The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device...
Ubuntu: Security Advisory (USN-1704-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Paypal Bug Bounty #8 - CSRF DEV Web Vulnerability
Document Title: =============== Paypal Bug Bounty 8 - CSRF DEV Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=644 Paypal UID: ydw159yyb Release Date: ============= 2013-01-23 Vulnerability Laboratory ID VL-ID:...
USN-1704-1: Linux kernel (Quantal HWE) vulnerabilities
Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. CVE-2012-0957 Jon Howell reported a flaw in the Linux kernel's KVM Kernel-based virtual machine subsystem's handling of the XSAVE feature. On hosts,...
Linux Kernel '/dev/ptmx'文件本地信息泄露漏洞
Bugtraq ID:57176 CVE ID:CVE-2013-0160 Linux是一款开源的操作系统 "/dev/ptmx"是一款字符设备,用于创建伪终端master设备和slave设备,在击键时可通过PTM输送数据。"/dev/ptmx"存在一个安全漏洞,非特权本地用户漏洞通过判断击键间的延迟,来猜测输入密码的长度 0 Linux kernel 3.x Linux kernel 2.6.x 厂商解决方案 目前没有详细解决方案提供: http://www.linux.org/ http://vladz.devzero.fr/013ptmx-timing.php...
USN-1673-1: Linux kernel (OMAP4) vulnerability
Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. CVE-2012-4508 A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user...
USN-1671-1: Linux kernel vulnerability
Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. CVE-2012-4508 A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user...
USN-1649-1: Linux kernel (OMAP4) vulnerabilities
Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. CVE-2012-0957 Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cau...
CVE-2012-4225
NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows local users to write to arbitrary physical memory locations and gain privileges by modifying the VGA window using /dev/nvidia0...
Memory corruption
NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows local users to write to arbitrary physical memory locations and gain privileges by modifying the VGA window using /dev/nvidia0...
CVE-2012-4225
NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows local users to write to arbitrary physical memory locations and gain privileges by modifying the VGA window using /dev/nvidia0...
CVE-2012-4225
The CVE-2012-4225 entry affects the NVIDIA UNIX graphics driver for Linux, with vulnerable versions: before 295.71 and before 304.32. The root cause is the driver allowing local users to write to arbitrary physical memory locations by modifying the VGA window via /dev/nvidia0, enabling privilege ...
OpenSSH 6.0p1 Backdoor Patch 1.2 Vulnerability 0day
This patch is for openssh-6.0p1 source which combines a known openssh backdoor and Sebastian Krahmer's openssh.reverse capabilities. Telnet to target openssh server and issue udcgamaimagic string for getting reverse openssh connection. $id: udc-hackssh-v3bajaulaut-v1, 2012/10/28 05:00:50 slash...