GMER 1.0.15.15641 - MFT Overwrite

include include include include include / Program : GMER 1.0.15.15641 Homepage : http://www.gmer.net Discovery : 2011/08/01 Author Contacted : 2011/08/09 Status of vuln : 0day Found by : Heurs This Advisory : Heurs Contact : [email protected] //----- Application description GMER is an application...

GMER 1.0.15.15641 MFT Overwrite

include include include include include / Program : GMER 1.0.15.15641 Homepage : http://www.gmer.net Discovery : 2011/08/01 Author Contacted : 2011/08/09 Status of vuln : 0day Found by : Heurs This Advisory : Heurs Contact : [email protected] //----- Application description GMER is an application...

GMER 1.0.15.15641 MFT Overwrite

Exploit for windows platform in category dos / poc include include include include include / Program : GMER 1.0.15.15641 Homepage : http://www.gmer.net Discovery : 2011/08/01 Author Contacted : 2011/08/09 Status of vuln : 0day Found by : Heurs This Advisory : Heurs Contact : email protected //---...

USN-1204-1: Linux kernel (i.MX51) vulnerabilities

Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. CVE-2010-3859 Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local...

kernel: drivers/scsi/mpt2sas: prevent heap overflows

Integer overflow in the ctldomptcommand function in drivers/scsi/mpt2sas/mpt2sasctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service memory corruption via an ioctl call specifying a crafted value that triggers a heap-based buffer...

kernel: drivers/scsi/mpt2sas: prevent heap overflows

drivers/scsi/mpt2sas/mpt2sasctl.c in the Linux kernel 2.6.38 and earlier does not validate 1 length and 2 offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service memory corruption, or obtain sensitive information from...

Linux Kernel perf_count_sw_cpu_clock Denial Of Service

/ Error with overflows and perf::perfcountswcpuclock / / This test will crash Linux 3.0.0 / / compile with gcc -O2 -o ofloswcpuclockcrash ofloswcpuclockcrash.c / / by Vince Weaver / define GNUSOURCE 1 include include include include include include include include include include include include...

Securstar - DriveCrypt - Local Kernel Denial of Service/Memory Disclosure/Privilege Escalation

===============================ADVISORY=============================== Advisory: Securstar - DriveCrypt - Local Kernel Denial of Service/Memory Disclosure/Privilege Escalation Advisory ID: DSEC-2011-0001 Author: Neil Kettle, Digit Security Ltd Affected Software: Securstar DriveCrypt Vendor URL:...

Design/Logic Flaw

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...

CVE-2010-4655

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...

CVE-2010-4655

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...

CVE-2010-4655

CVE-2010-4655 affects the Linux kernel’s net/core/ethtool.c, where uninitialized data structures in ethtool ioctl handling could allow a local user with CAP_NET_ADMIN to leak information from kernel heap memory. The initial description specifies the vulnerability exists in kernel builds before 2....

kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls

The agpgenericremovememory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service system crash via a crafted AGPIOCUNBIND agpioctl ioctl call, a different...

USN-1167-1: Linux kernel vulnerabilities

Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. CVE-2011-1927 Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file...

USN-1160-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. CVE-2010-4529 Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc...

kernel: drivers/scsi/mpt2sas: prevent heap overflows

Integer overflow in the ctldomptcommand function in drivers/scsi/mpt2sas/mpt2sasctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service memory corruption via an ioctl call specifying a crafted value that triggers a heap-based buffer...

kernel: drivers/scsi/mpt2sas: prevent heap overflows

drivers/scsi/mpt2sas/mpt2sasctl.c in the Linux kernel 2.6.38 and earlier does not validate 1 length and 2 offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service memory corruption, or obtain sensitive information from...

Ubuntu 8.04 LTS : linux vulnerabilities (USN-1133-1)

Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. A local attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2010-4342 Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A...

SecurStar DriveCrypt 'DCR.sys' IOCTL Handling Privilege Escalation Vulnerability

SecurStar DriveCrypt is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-1133-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...