146 matches found
CVE-2008-7107
easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service crash via a crafted IOCTL 0x222003 request to the \.\easdrv device interface...
Design/Logic Flaw
Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer...
CVE-2008-6962
Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer...
CVE-2008-6962
CVE-2008-6962 affects Avira AntiVir products (Premium/ Premium Security Suite/ Professional/ Personal - FREE). The issue stems from a crafted IOCTL request that overwrites a kernel pointer, enabling local code execution. NVD lists CVSSv2 base score 7.2 (HIGH) with LOCAL attack, low complexity, no...
CVE-2009-2649
The IATA ata driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service kernel panic via a certain IOCTL request with a large count, which triggers a malloc call with a large value...
Cross site request forgery (csrf)
The IATA ata driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service kernel panic via a certain IOCTL request with a large count, which triggers a malloc call with a large value...
Design/Logic Flaw
The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service system crash or gain privileges via a crafted IOCTL request, as demonstrated by executi...
NOD32 3.0/ESET Smart Security < 3.0.684 Local Privilege Escalation
NOD32 3.0/ESET Smart Security is installed on the remote host. The installed version is older than 3.0.684. Such versions are reportedly affected by a local privilege escalation issue. By sending a specially crafted request to an IOCTL request handler in 'epfw.sys', a local user may be able to...
Design/Logic Flaw
The PGPwded device driver aka PGPwded.sys in PGP Corporation PGP Desktop 9.0.6 build 6060 and 9.9.0 build 397 allows local users to cause a denial of service system crash and possibly gain privileges via a certain METHODBUFFERED IOCTL request that overwrites portions of memory, related to a "Driv...
CVE-2008-5725
The NT kernel-mode driver aka pstrip.sys 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \Device\Powerstrip1 that overwrites portions of memory...
Cross site request forgery (csrf)
The NT kernel-mode driver aka pstrip.sys 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \Device\Powerstrip1 that overwrites portions of memory...
CVE-2008-5725
The NT kernel-mode driver aka pstrip.sys 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \Device\Powerstrip1 that overwrites portions of memory...
Anti-Trojan Elite 4.2.1 - Atepmon.sys IOCTL Request Local Overflow Local Privilege Escalation
Anti-Trojan Elite 4.2.1 - Atepmon.sys IOCTL Request Local Overflow Local Privilege Escalation source: https://www.securityfocus.com/bid/32202/info ISecSoft Anti-Trojan Elite and Anti-Keylogger Elite are prone to multiple local privilege-escalation vulnerabilities. An attacker can exploit these...
CVE-2008-4451
The SysInspector AntiStealth driver esiasdrv.sys 3.0.65535.0 in ESET System Analyzer Tool 1.1.1.0 allows local users to execute arbitrary code via a certain METHODNEITHER IOCTL request to \Device\esiasdrv that overwrites a pointer...
CVE-2008-4363
DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a denial of service system crash or potentially execute arbitrary code via a certain DLMFENCIOCTL request to \.\DLKPFSDDevice that overwrites a pointer, probably related to use of the ProbeForRead function when ProbeForWrite was...
Design/Logic Flaw
The Virtual Token driver vdlptokn.sys 1.0.2.43 in DESlock+ 3.2.7 allows local users to cause a denial of service system crash via a crafted IOCTL request to \Device\DLPTokenWalter0...
CVE-2008-4113
The sctpgetsockopthmacident function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows loc...
CVE-2008-4113
The sctpgetsockopthmacident function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows loc...
CVE-2008-3525
The sbniioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAPNETADMIN capability before processing a 1 SIOCDEVRESINSTATS, 2 SIOCDEVSHWSTATE, 3 SIOCDEVENSLAVE, or 4 SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass...
Deterministic Network Extender dne2000.sys驱动本地权限提升漏洞
BUGTRAQ ID: 29772 Deterministic Network Enhancer(DNE)是用于扩展Windows联网栈的软件包。 DNE的驱动程序实现上存在漏洞,本地攻击者可以通过对DNE驱动(dne2000.sys)发送特制的IOCTL请求导致以内核级权限执行任意指令。 Citrix Deterministic Network Extender 2.21.7.233 - 3.21.7.17464 Citrix ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...