EUVD-2004-0657

Malware in sbrugna...

USN-6254-1: Linux kernel vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the doprlimit function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0458 It was discovered that a race...

Ubuntu: Security Advisory (USN-5299-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5299-1: Linux kernel vulnerabilities

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. CVE-2020-26147 It was discovered that the bluetooth...

Aerotech Npaq MR Servo Drives Detection

Binary data 763907.prm...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3445-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3445-1 advisory. Eyal Itkin discovered that the IP over IEEE 1394 FireWire implementation in the Linux kernel contained a buffer overflow when handling fragmented packets...

USN-3445-1: Linux kernel vulnerabilities

Eyal Itkin discovered that the IP over IEEE 1394 FireWire implementation in the Linux kernel contained a buffer overflow when handling fragmented packets. A remote attacker could use this to possibly execute arbitrary code with administrative privileges. CVE-2016-8633 Andrey Konovalov discovered...

Ubuntu: Security Advisory (USN-3162-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3161-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3161-1 advisory. Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to...

Ubuntu 16.04 LTS : Linux kernel (Raspberry Pi 2) vulnerabilities (USN-3161-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3161-3 advisory. Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to...

Ubuntu: Security Advisory (USN-3161-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3161-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3161-2 advisory. USN-3161-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

Ubuntu 16.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerabilities (USN-3161-4)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3161-4 advisory. Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to...

USN-3162-2: Linux kernel (Raspberry Pi 2) vulnerabilities

CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service system crash. CVE-2016-6213 Andreas Gruenbacher and Jan Kara discovered that the...

Inception - Attacking FireWire Devices

Inception is a FireWire physical memory manipulation and hacking tool exploiting IEEE 1394 SBP-2 DMA. The tool can unlock any password accepted and escalate privileges to Administrator/root on almost any powered on machine you have physical access to. The tool can attack over FireWire, Thunderbol...

FreeBSD-SA-06:25.kmem

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:25.kmem Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in firewire4 Category: core Module: sysdev Announced: 2006-12-06 Credits: Rodrigo...

FreeBSD -- Kernel memory disclosure in firewire(4)

Problem Description: In the FWGCROM ioctl, a signed integer comparison is used instead of an unsigned integer comparison when computing the length of a buffer to be copied from the kernel into the calling application. Impact: A user in the "operator" group can read the contents of kernel memory...

CVE-2004-0658

Integer overflow in the hpsballocpacket function incorrectly reported as allochpsbpacket in IEEE 1394 Firewire driver 2.4 and 2.6 allows local users to cause a denial of service crash and possibly execute arbitrary code via the functions 1 raw1394write, 2 stateconnected, 3 handleremoterequest, or...

CVE-2004-0658

Integer overflow in the hpsballocpacket function incorrectly reported as allochpsbpacket in IEEE 1394 Firewire driver 2.4 and 2.6 allows local users to cause a denial of service crash and possibly execute arbitrary code via the functions 1 raw1394write, 2 stateconnected, 3 handleremoterequest, or...

CVE-2004-0658

CVE-2004-0658 describes an integer overflow in the hpsb_alloc_packet function of the IEEE 1394 (Firewire) driver (versions 2.4 and 2.6). This vulnerability can allow local users to cause a denial of service (crash) and potentially execute arbitrary code through the functions raw1394_write, state_...