[SECURITY] [DSA 2389-1] linux-2.6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2389-1 [email protected] http://www.debian.org/security/ Dann Frazier January 15, 2012 http://www.debian.org/security/faq -...

Linux Kernel 2.6.x DRM 'drivers/gpu/drm/crm_crtc.c' IOCTL本地特权提升漏洞

Bugtraq ID: 51371 Linux是一款开源的操作系统。 Linux内核存在安全漏洞，允许恶意本地用户进行拒绝服务或特权提升攻击。 "drmmodedirtyfbioctl"函数drivers/gpu/drm/crmcrtc.c存在整数溢出错误，可被利用通过发送特制IOCTLs触发内存破坏。 0 Linux Kernel 2.6.x http://secunia.com/advisories/47486/...

UBUNTU-CVE-2012-0044

Integer overflow in the drmmodedirtyfbioctl function in drivers/gpu/drm/drmcrtc.c in the Direct Rendering Manager DRM subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service memory corruption via a crafted ioctl call...

Medium: kernel

Issue Overview: The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to 1 a partition block device or 2 an LVM volume. Affected Packages: kernel Issue...

Fedora 15 : libguestfs-1.10.12-1.fc15 (2011-17388)

Fixes Security: Mitigate possible privilege escalation via SGIO ioctl CVE-2011-4127, RHBZ757071. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

WinMount 'WMDrive.sys' Driver IOCTL Handling Denial of Service Vulnerability

This host is installed with WinMount and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbwinmountdriverioctlhandlingdosvuln.nasl 5366 2017-02-20 13:55:38Z cfi $ WinMount 'WMDrive.sys' Driver IOCTL Handling Denial of Service Vulnerability Authors: Rachana Shetty...

Fedora 16 : libguestfs-1.14.8-1.fc16 (2011-17372)

Fixes Security: Mitigate possible privilege escalation via SGIO ioctl CVE-2011-4127, RHBZ757071. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

WinMount 'WMDrive.sys' Driver IOCTL Handling DoS Vulnerability

WinMount is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2011-5032

WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to cause a denial of service NULL pointer dereference and system crash via a crafted 0x87342000 IOCTL request to the WMDriver device...

Null pointer dereference

WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to cause a denial of service NULL pointer dereference and system crash via a crafted 0x87342000 IOCTL request to the WMDriver device...

CVE-2011-5032

WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to cause a denial of service NULL pointer dereference and system crash via a crafted 0x87342000 IOCTL request to the WMDriver device...

Linux kernel 2.6.x 'SG_IO IOCTL' SCSI请求本地特权提升漏洞

Bugtraq ID: 51176 CVE ID：CVE-2011-4127 Linux是一款开放源代码的操作系统。 Paolo Bonzini发现主机linux系统允许在分区或LVM卷上执行SGIO ioctl，并允许向底层块设备传递命令。这可进一步在虚拟化上下文利用，因为virtio磁盘通过SGIO ioctl支持有限的SCSI直通。如果分区上或LVM卷上的virtio磁盘设置为format=raw，类似sgdd的工具可用于读和写相同磁盘上的其他数据，即便这些数据属于宿主机或其他guest。 0 Linux kernel 2.6.x 厂商解决方案...

CVE-2011-4127

The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to 1 a partition block device or 2 an LVM volume...

HTC HD7 "HTCUtility.dll" IOCTL安全限制绕过漏洞

BUGTRAQ ID: 50697 HTC HD7是采用了Windows Phone 7操作系统的智能手机。 HTC HD7在处理0x9020002C IOCTL请求时，其中的HTCUtility.dll驱动程序中存在错误，可被利用读取或写入任意内核内存。 HTC HD7 厂商补丁： HTC --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.htc.com...

Daemon Tools DoS

Crash on IOCTL processing...

CVE-2011-2909

The dodevinfoioctl function in drivers/staging/comedi/comedifops.c in the Linux kernel before 3.1 allows local users to obtain sensitive information from kernel memory via a copy of a short string...

Norman Security Suite 8 - 'nprosec.sys' Local Privilege Escalation

include include include include / Discovered by : Xst3nZ Jérémy Brun-Nouvion ---- Software ------------------------------------------------------------------------- Program : Norman Security Suite 8 Official page : http://www.norman.com/products/securitysuite/en Description : "This easy-to-use...

Norman Security Suite 8 Privilege Escalation

include include include include / Discovered by : Xst3nZ Jérémy Brun-Nouvion ---- Software ------------------------------------------------------------------------- Program : Norman Security Suite 8 Official page : http://www.norman.com/products/securitysuite/en Description : "This easy-to-use...

Norman Security Suite 8 (nprosec.sys) Local Privilege Escalation 0day

Exploit for windows platform in category remote exploits include include include include / Discovered by : Xst3nZ Jérémy Brun-Nouvion ---- Software ------------------------------------------------------------------------- Program : Norman Security Suite 8 Official page :...

GMER 1.0.15.15641 - MFT Overwrite

GMER 1.0.15.15641 - MFT Overwrite include include include include include / Program : GMER 1.0.15.15641 Homepage : http://www.gmer.net Discovery : 2011/08/01 Author Contacted : 2011/08/09 Status of vuln : 0day Found by : Heurs This Advisory : Heurs Contact : [email protected] //----- Application...