CVE-2006-6881

CVE-2006-6881: A buffer overflow in the Get_Wep function of cofvnet.c affecting ATMEL Linux PCI PCMCIA USB Drivers (drivers 3.4.1.1) allows an attacker to execute arbitrary code via a long name argument. The issue is exploitable over the network with low attack complexity and no authentication, w...

ATMEL Linux PCI PCMCIA USB Drivers arbitrary code execution

Synopsis: ATMEL Linux PCI PCMCIA USB Drivers arbitrary code execution Product: ATMEL WLAN drivers 3.4.1.1 Version: =3.4.1.1 Product: ======= ATMEL linux PCI, PCMCIA, USB drivers. and configuration utilities. Issue: ====== A critical security vulnerability has been found in ATMEL WLAN drivers...

Linux ATMEL wireless drivers buffer overflow

Buffer overflow in GetWep function...

CVE-2006-6881

Buffer overflow in the GetWep function in cofvnet.c for ATMEL Linux PCI PCMCIA USB Drivers drivers 3.4.1.1 corruption allows attackers to execute arbitrary code via a long name argument...

Intel network drivers privilege escalation vulnerability

Overview A buffer overflow vulnerability in Intel PRO Ethernet drivers may allow local attackers to execute code with elevated privileges. Description Intel network adapter drivers are developed and maintained by Intel for Windows and Linux operating systems. A buffer overflow vulnerability exist...

CVE-2006-6385

Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers aka NDIS miniport drivers before 20061205 allows local users to execute arbitrary code with "kernel-level" privileges via an incorrect function call in certain OID handlers...

CVE-2006-6385

CVE-2006-6385 describes a stack-based buffer overflow in Intel PRO Ethernet NDIS miniport drivers (PRO 10/100, PRO/1000, PRO/10GbE for PCI, PCI-X, PCIe) before 2006-12-05. The flaw allows a local attacker to execute arbitrary code with kernel-level privileges via an incorrect OID-handling functio...

CVE-2006-6013

Integer signedness error in the fwioctl FWIOCTL function in the FireWire IEEE-1394 drivers dev/firewire/fwdev.c in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows...

CVE-2006-6013

The CVE-2006-6013 issue affects the FireWire (IEEE-1394) driver fwdev.c in several BSDs, where in the FW_GCROM ioctl a signed integer comparison is used to compute the length of a buffer copied from kernel memory, effectively enabling a local user to read arbitrary kernel memory contents when cro...

CA多个产品驱动本地权限提升漏洞

Computer Associates是世界领先的安全厂商，产品包括多种杀毒软件及备份恢复系统。 CA HIPS产品的驱动在实现上存在问题，本地攻击者可能利用此漏洞提升权限。 CA的HIPS Core（KmxStart.sys）和HIPS Firewall（KmxFw.sys）驱动hook了TDI和NDIS。本地非特权用户可以使用一些特权IOCTL覆盖这些驱动中的函数指针，以Ring0权限执行任意代码。 Computer Associates Personal Firewall 2007 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

[Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.

Computer Associates "Host Intrusion Prevention System" Engine Drivers are prone to multiple local privilege escalation vulnerabilities. Unprivileged users can take advantage of these flaws in order to execute arbitrary code with kernel privileges. Two drivers are affected, kmxstart.sys and...

D-Link wireless drivers buffer overflow

Buffer overflow on oversized 802.11 beacon frame Rates parameter...

Broadcom wireless drivers buffer overflow

Buffer overflow on oversized SSID...

CVE-2006-5802

SQL injection vulnerability in messagedetails.php in The Web Drivers Simple Forum, dated 20060318, allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2006-5802

The CVE-2006-5802 entry describes an SQL injection vulnerability in The Web Drivers Simple Forum, specifically in message_details.php. The vulnerability can be exploited by remote attackers via the id parameter to execute arbitrary SQL commands. The NVD summary confirms the flaw as a SQL injectio...

Nvidia for Linux / Solaris graphic drivers buffer overflow

Integer overflow in nv000053X function leads to buffer overflow...

CVE-2006-5642

Unspecified vulnerability in NmnLogger 1.0.0 and earlier has unknown impact and attack vectors related to configuration of mesasge drivers...

CVE-2006-5642

Unspecified vulnerability in NmnLogger 1.0.0 and earlier has unknown impact and attack vectors related to configuration of mesasge drivers...

CVE-2006-5642

Technical details about CVE-2006-5642 are not provided in the supplied documents. Public information is limited to a generic description; monitor for updates for concrete affected products, root cause, impact, and remediation.

Asterisk: Multiple vulnerabilities

Background Asterisk is an open source implementation of a telephone private branch exchange PBX. Description Asterisk contains buffer overflows in channels/chanmgcp.c from the MGCP driver and in channels/chanskinny.c from the Skinny channel driver for Cisco SCCP phones. It also dangerously handle...