7876 matches found
Important: Red Hat Security Advisory: Updated kernel packages available for Red Hat Enterprise Linux 3 Update 1
Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the first regular update. The Linux kernel handles the basic functions of the operating system. This is the first regular kernel update for Red Hat Enterprise Linux...
Windows drivers privilege escalation
During access to driver memory range for input/output buffers is not checked...
Win32 Device Drivers Communication Vulnerabilities
Win32 Device Drivers Communication Vulnerabilities Proof Of Concept - Exploiting Norton AntiVirus Device Driver Written by Lord YuP / sEC-Labs ^ tkT Tested on NAV 2002! zipped exploit http://sec-labs.hack.pl DISCLAIMER: This paper is written in educational purposes only. Author, sEC-Labs, tkT tea...
Etherleak information leak in Windows Server 2003 drivers
NGSSoftware Insight Security Research Advisory Name: Etherleak information leak in Windows Server 2003 drivers Systems Affected: Windows Server 2003 all versions Severity: Low/Medium Risk Vendor URL: http://www.microsoft.com/windowsserver2003/ Author: Chris Paget [email protected] Date: 9th...
Buffer overflow in Mandrake printer drivers
Buffer overflows in different drivers...
CVE-2003-0035
Buffer overflow in escputil, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long printer-name command line argument...
[RHSA-2003:025-20] Updated 2.4 kernel fixes various vulnerabilities
--------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated 2.4 kernel fixes various vulnerabilities Advisory ID: RHSA-2003:025-20 Issue date: 2003-01-24 Updated on: 2003-02-03 Product: Red Hat Linux Keywords: ethernet frame...
CVE-2003-0035
Buffer overflow in escputil, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long printer-name command line argument...
CVE-2003-0036
The CVE refers to Mandrake Linux printer-drivers (ml85p) where a race condition in opening a temporary file allows a local attacker to overwrite arbitrary files via symlink attacks on files named mlg85p%d. Affected component: ml85p within the printer-drivers package; root cause: predictable tempo...
CVE-2003-0035
CVE-2003-0035 is a local vulnerability in Mandrake Linux’s printer-drivers package, specifically a buffer overflow in the escputil utility when parsing the --printer-name argument. The issue arises when escputil is installed with elevated privileges (setuid/sgid), enabling a local user to execute...
CVE-2003-0034
The provided documents confirm CVE-2003-0034 affects the mtink status monitor included in Mandrake Linux printer-drivers. The root cause is a buffer overflow when handling a long HOME environment variable, enabling a local attacker to execute arbitrary code. Additional vulnerabilities exist in re...
CVE-2003-0036
ml85p, as included in the printer-drivers package for Mandrake Linux, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable filenames of the form "mlg85p%d"...
iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package http://www.idefense.com/advisory/01.21.03.txt January 21, 2003 I. BACKGROUND MandrakeSoft Inc.'s Mandrake Linux includes the printer-drivers package in mos...
More information regarding Etherleak
This e-mail's purpose is to clear several issues surrounding the Etherleak paper: - Who is Vulnerable? - Why this vulnerability is so wide spread? - Why the examples are only with Linux device drivers? - Why we have contacted CERT? - Are Device Drivers under Microsoft-based OSs are vulnerable? -...
CVE-2003-0001
Multiple ethernet Network Interface Card NIC device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak...
[RHSA-2002:206-12] New kernel fixes local security issues
--------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: New kernel fixes local security issues Advisory ID: RHSA-2002:206-12 Issue date: 2002-09-23 Updated on: 2002-10-15 Product: Red Hat Linux Keywords: Cross references: Obsoletes:...
CVE-2001-1392
The supplied documents confirm CVE-2001-1392 affects the Linux kernel prior to 2.2.19, due to missing unregister calls for CPUID and MSR drivers, which could crash the system on unloading/loading (local DoS). Remediation is to upgrade to kernel 2.2.19 or later (as noted in Mandrake/Debian/NVD ref...
CVE-2001-0890
The CVE-2001-0890 entry describes a vulnerability in backend drivers of the SANE library (1.0.3 and earlier), used by frontend tools such as XSane, where a local user can modify files via a symlink attack on temporary files. The root cause is a symlink-related flaw in temporary file handling with...
Moderate: Red Hat Security Advisory: Updated kernel with information security fixes, bug fixes, and updated drivers
This kernel update is available for Red Hat Linux Advanced Server 2.1. It includes a fix for an information security bug, various kernel bug fixes, and updated device drivers. 2002-07-29 This release is a rebuild for adding exported symbols for Veritas. This kernel fixes an information security...
Weak permissions in HP drivers for MacOS
Some common files are writable...