Ubuntu: Security Advisory (USN-894-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-894-1: Linux kernel vulnerabilities

Amerigo Wang and Eric Sesterhenn discovered that the HFS and ext4 filesystems did not correctly check certain disk structures. If a user were tricked into mounting a specially crafted filesystem, a remote attacker could crash the system or gain root privileges. CVE-2009-4020, CVE-2009-4308 It was...

[ MDVSA-2010:030 ] kernel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:030 http://www.mandriva.com/security/ Package : kernel Date : January 1, 2009 Affected: 2010.0 Problem Description: Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Array index err...

3 6 0 security guards bregdrv. sys and bregdll. dll file local privilege escalation exploit.-vulnerability warning-the black bar safety net

3 6 0 Security Defender is in China, the widely used free Internet security software. 3 6 0 security guards in the installation process on the user's system to install a registry operation program, the program can be used to bypass theoperating systemthe security check mechanism of any operation...

Qihoo 360 Security Guard breg device drivers Privilege Escalation

Exploit for unknown platform in category local exploits =============================================================================== Qihoo 360 Security Guard breg device drivers Privilege Escalation Vulnerability =============================================================================== /...

Linux Kernel 'drivers/firewire/ohci.c'空指针引用拒绝服务漏洞

Bugraq ID: 37339 CVE ID：CVE-2009-4138 Linux是一款开放源代码的操作系统。 ohci接口在处理数据长度为零的报文时存在问题，本地攻击者可以利用漏洞对系统进行拒绝服务攻击。 可以打开新1394栈新版本中的任意/dev/fw文件的用户，发送部分ioctls可导致使用ohci 1.0控制器或由于硬件缺陷ohci 1.0模式中使用ohci 1.1控制器的机器崩溃。这可导致fw-,ohci.c中引用空指针。 在那些使用不被列入黑名单的ohci1.1控制器的机器，调用不会发生任何事情，虽然是个缺陷，但不会导致崩溃。 在Red Hat Enterprise...

Linux Kernel collect_rx_frame函数本地权限提升漏洞

BUGTRAQ ID: 37036 CVE ID: CVE-2009-4005 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的drivers/isdn/hisax/hfcusb.c文件中的collectrxframe函数存在错误，通过ISDN到达的特制HDLC报文可能触发读缓冲区溢出，导致执行任意内核态代码。 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Linux Kernel 'drivers/scsi/gdth.c'本地特权提升漏洞

Bugraq ID: 37068 CVE ID：CVE-2009-3080 Linux是一款开放源代码的操作系统。 Linux drivers/scsi/gdth.c包含的"gdthreadevent"函数存在数组索引错误，发送特殊构建的使用负偏移用于索引的IOCTL，可导致拒绝服务或特权提升。 Linux kernel 2.6.31 5 Linux kernel 2.6.31 .2 Linux kernel 2.6.31 -rc7 Linux kernel 2.6.31 -rc6 Linux kernel 2.6.31 -rc3 + Trustix Secure Enterprise...

Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (969947)

This host is missing a critical security update according to Microsoft Bulletin MS09-065. OpenVAS Vulnerability Test $Id: secpodms09-065.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities 969947 Authors: Sharath S Updated By: Madhuri D on...

Marvell Driver Multiple Information Element Overflows

Title: ------ Marvell Driver Multiple Information Element Overflows Summary: -------- The wireless drivers in some Wi-Fi access points such as the MARVELL-based Linksys WAP4400N do not correctly parse information elements included in association requests. Most information elements are used by the...

Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities (969947)

This host is missing a critical security update according to Microsoft Bulletin MS09-065. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Workaround for Microsoft Windows Kernel-Mode Drivers Win32k EOT Parsing Remote Code Execution Vulnerability (MS09-065)

A remote code execution vulnerability has been reported in the way the Windows kernel-mode drivers are parsing Windows Embedded OpenType EOT font code. The Windows kernel is the core of the operating system. It provides system level services such as device management and memory management,...

MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)

The remote host contains a version of the Windows kernel that is affected by multiple vulnerabilities : - A NULL pointer dereferencing vulnerability allowing a local user to elevate his privileges CVE-2009-1127 - Insufficient validation of certain input passed to GDI from user mode allows a local...

kernel security and bug fix update

2.4.21-63.0.0.0.1.EL - add directio support for qla drivers herb ora 6346849 - support PT Quad card ora 5751043 - io to nfs partition hangs ora 5088963 - add entropy for bnx2 nic ora 5931647 - avoid large allocation-fragmentation in MTU zab - fix clear highpage wli 2.4.21-63.EL - fs: fix pipe nul...

SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1212 / 1218 / 1219)

The SUSE Linux Enterprise 11 Kernel was updated to 2.6.27.29 fixing various bugs and security issues. The following security issues were fixed : - A missing NULL pointer check in the socket sendpage function can be used by local attackers to gain root privileges. CVE-2009-2692 - A kernel stack...

Null pointer dereference

The sgbuildindirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service kernel OOPS and NULL pointer dereference, as demonstrated by using xcdroast to duplicate a CD...

Fedora Core 11 FEDORA-2009-9044 (kernel)

The remote host is missing an update to kernel announced via advisory FEDORA-2009-9044. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

openSUSE Security Update : kernel (kernel-1214)

The SUSE Linux Enterprise 11 Kernel was updated to 2.6.27.29 fixing various bugs and security issues. Following security issues were fixed: CVE-2009-2692: A missing NULL pointer check in the socket sendpage function can be used by local attackers to gain root privileges. CVE-2009-2406: A kernel...

Linux Kernel 2.6.x - driverschartty_ldisc.c Null Pointer Dereference Denial of Service

Linux Kernel 2.6.x - driverscharttyldisc.c Null Pointer Dereference Denial of Service / source: https://www.securityfocus.com/bid/36191/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected kernel, denying service to...

Microsoft Windows XP - win32k.sys Local Privilege Escalation

Microsoft Windows XP - win32k.sys Local Privilege Escalation //////////////////////////////////////////////////////////////////////////////////// // +----------------------------------------------------------------------------+ // // | | // // | Microsoft Corporation - http://www.microsoft.com/ |...