Qihoo 360 Security Guard privilege escalation

IOCTL privilege escalation...

Rising Antivirus privilege escalation

IOCTL privilege escalation...

瑞星杀病毒多个IOCTL请求处理本地特权提升漏洞

Bugraq ID: 37951 RISING Antivirus 2008/2009是国内流行的杀病毒程序。 RISING Antivirus 2008/2009不正确处理IOCTL请求，本地攻击者可以利用漏洞提升特权。 部分设备驱动RsNTGdi.sys, HookCont.sys, HookNtos.sys, HOOKREG.sys和HookSys.sys在处理IOCTLs请求时存在错误，提交特殊构建的IOCTL可破坏内核内存，导致以内核空间上下文执行任意代码。 Rising Antivirus International Rising Antivirus 2009 Rising...

TheGreenBow VPN Client privilege escalation

Buffer overflow on IOCTL processing in tgbvpn.sys...

kernel: gdth: Prevent negative offsets in ioctl

Array index error in the gdthreadevent function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request...

Linux Kernel fuse_ioctl_copy_user()函数本地拒绝服务漏洞

BUGTRAQ ID: 37453 CVECAN ID: CVE-2009-4410 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的fuse内核代码的ioctl处理器中存在拒绝服务漏洞，本地用户在某些环境下调用fuseioctlcopyuser可能会导致系统忙碌。 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised

The ATI Rage 128 aka r128 driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine CCE state initialization, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly gain privileges via unspecified ioctl...

Linux Kernel Ext4 'move extents' ioctl本地特权提升漏洞

Bugraq ID: 37277 CVE ID：CVE-2009-4131 Linux是一款开放源代码的操作系统。 处理"EXT4IOCMOVEEXT" IOCTL时缺少充分的访问检查，本地攻击者发送特殊构建的IOCTL可以ROOT权限覆盖系统任意文件，导致拒绝服务或特权提升。 Linux kernel 2.6.31 5 Linux kernel 2.6.31 .2 Linux kernel 2.6.31 -rc7 Linux kernel 2.6.31 -rc6 Linux kernel 2.6.31 -rc3 + Trustix Secure Enterprise Linux 2.0...

CVE-2009-4306

CVE-2009-4306 concerns the Linux kernel’s ext4 filesystem, specifically the EXT4_IOC_MOVE_EXT (move extents) ioctl in 2.6.32-git6 and earlier. The vulnerability enables local users to trigger a denial of service through filesystem corruption via unknown vectors, and is described as distinct from ...

Linux kernel multiple security vulnerabilities

Crash on malformed IP packet defragmentation, privilege escalation with Ext4 "move extents" ioctl...

Kaspersky Anti-Virus 2010 'kl1.sys' Driver DoS Vulnerability

The host is installed with Kaspersky Anti-Virus 2010 and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbkasperskyav2010dosvuln.nasl 4918 2017-01-02 14:56:10Z cfi $ Kaspersky Anti-Virus 2010 'kl1.sys' Driver DoS Vulnerability Authors: Veerendra GG Copyright: Copyrig...

Kaspersky Anti-Virus 2010 'kl1.sys' Driver DoS Vulnerability

Kaspersky Anti-Virus 2010 is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Memory corruption

kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other versions before 9.0.0.736, does not properly validate input to IOCTL 0x0022c008, which allows local users to cause a denial of service system crash via IOCTL requests using crafted kernel addresses that trigger memory corruption,...

avast! 'aswRdr.sys' Buffer Overflow Vulnerability

avast! AntiVirus is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:avast:antivirus";...

CVE-2009-4049

Heap-based buffer overflow in aswRdr.sys aka the TDI RDR driver in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service memory corruption or possibly gain privileges via crafted arguments to IOCTL 0x80002024...

Heap overflow

Heap-based buffer overflow in aswRdr.sys aka the TDI RDR driver in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service memory corruption or possibly gain privileges via crafted arguments to IOCTL 0x80002024...

CVE-2009-4049

Heap-based buffer overflow in aswRdr.sys aka the TDI RDR driver in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service memory corruption or possibly gain privileges via crafted arguments to IOCTL 0x80002024...

CVE-2009-4049

The CVE-2009-4049 entry concerns avast! AntiVirus for Windows (Home/Professional 4.8.1356.0) with a heap-based buffer overflow in the aswRdr.sys kernel driver (the TDI RDR driver). The underlying issue is a memory corruption condition triggered by crafted arguments sent to IOCTL 0x80002024, which...

CVE-2009-3080

Array index error in the gdthreadevent function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request...

CVE-2009-3080

Array index error in the gdthreadevent function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request...