CVE-2008-7107

easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service crash via a crafted IOCTL 0x222003 request to the \.\easdrv device interface...

Null pointer dereference

The tgbvpn.sys driver in TheGreenBow IPSec VPN Client 4.61.003 allows local users to cause a denial of service NULL pointer dereference and system crash via a crafted request to the 0x80000034 IOCTL, probably involving an input or output buffer size of 0...

CVE-2009-0682

vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0.0.184 in Internet Security Suite r4, and vetmonnt.sys before 10.0.0.217 in Internet Security Suite r5 do not properly verify IOCTL calls, which allows local users to cause a denial of service system crash via a crafted call...

CA20090818-02: Security Notice for CA Internet Security Suite

CA20090818-02: Security Notice for CA Internet Security Suite Issued: August 18, 2009 CA's technical support is alerting customers to a security risk with CA Internet Security Suite. A vulnerability exists that can allow a local attacker to cause a denial of service. CA has issued updates to...

TheGreenBow VPN Client tgbvpn.sys Local DoS Exploit

No description provided by source. Author: Giuseppe 'Evilcry' Bonfa' E-Mail: evilcry AT GMAIL DOT COM Website: http://evilcry.netsons.org http://evilcodecave.blogspot.com http://evilcodecave.wordpress.com http://evilfingers.com http://malwareAnalytics.com under construction Release Date: 15/08/20...

TheGreenBow VPN Client - tgbvpn.sys Local Denial of Service

TheGreenBow VPN Client - tgbvpn.sys Local Denial of Service Author: Giuseppe 'Evilcry' Bonfa' E-Mail: evilcry AT GMAIL DOT COM Website: http://evilcry.netsons.org http://evilcodecave.blogspot.com http://evilcodecave.wordpress.com http://evilfingers.com http://malwareAnalytics.com under constructi...

TheGreenBow VPN Client tgbvpn.sys Local DoS Exploit

Exploit for unknown platform in category dos / poc =================================================== TheGreenBow VPN Client tgbvpn.sys Local DoS Exploit =================================================== Author: Giuseppe 'Evilcry' Bonfa' Release Date: 15/08/2009...

TheGreenBow VPN Client - 'tgbvpn.sys' Local Denial of Service

Author: Giuseppe 'Evilcry' Bonfa' E-Mail: evilcry AT GMAIL DOT COM Website: http://evilcry.netsons.org http://evilcodecave.blogspot.com http://evilcodecave.wordpress.com http://evilfingers.com http://malwareAnalytics.com under construction Release Date: 15/08/2009...

CVE-2008-6962

Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer...

Design/Logic Flaw

Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer...

CVE-2008-6962

Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer...

CVE-2008-6962

CVE-2008-6962 affects Avira AntiVir products (Premium/ Premium Security Suite/ Professional/ Personal - FREE). The issue stems from a crafted IOCTL request that overwrites a kernel pointer, enabling local code execution. NVD lists CVSSv2 base score 7.2 (HIGH) with LOCAL attack, low complexity, no...

Microsoft Windows消息队列服务本地权限提升漏洞（MS09-040）

BUGTRAQ ID: 35969 CVECAN ID: CVE-2009-1922 Microsoft Windows是微软发布的非常流行的操作系统。 由于对消息队列服务所发布的IOCTL请求解析中存在缺陷，导致Windows消息队列服务（MSMQ）中存在一个权限提升漏洞。MSMQ服务在将输入数据传递到缓冲区之前没有正确地检查这些字符串。成功利用此漏洞的攻击者可执行任意代码，并可完全控制受影响的系统。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。 Microsoft Windows XP SP2 Microsoft Windows Vista...

FreeBSD IATA驱动本地拒绝服务漏洞

CVECAN ID: CVE-2009-2649 FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 FreeBSD所使用的IATA（ATA）驱动中存在安全漏洞。如果本地用户能够读访问/dev的话，就可以通过特制的IOCTL请求触发用很大的值调用malloc，导致内核忙碌。 FreeBSD FreeBSD 8.0 FreeBSD FreeBSD 6.0 厂商补丁： FreeBSD ------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

Cross site request forgery (csrf)

The IATA ata driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service kernel panic via a certain IOCTL request with a large count, which triggers a malloc call with a large value...

CVE-2009-2649

The IATA ata driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service kernel panic via a certain IOCTL request with a large count, which triggers a malloc call with a large value...

CVE-2009-2649

CVE-2009-2649 affects the FreeBSD IATA (ATA) driver on FreeBSD 6.0 and 8.0. If an attacker has read access to /dev, a crafted IOCTL request with a large count can trigger a malloc call with a large value, causing a local denial-of-service (kernel panic). The exploit requires local access and is d...

FreeBSD 6/8 (ata device) Local Denial of Service Exploit

No description provided by source. / atapanic.c by Shaun Colley, 13 July 2009 this panics the freebsd kernel by passing a large value to malloc9 in one of fbsd's ata ioctl's. tested on freebsd 6.0 and 8.0. you need read access to the ata device in /dev to be able to open the device. chain with so...

CVE-2009-2450

The CVE-2009-2450 issue affects the OAmon.sys kernel driver (version 3.1.0.0 and earlier) used by Tall Emu Online Armor Personal Firewall AV+ (before 3.5.0.12) and Online Armor Personal Firewall 3.5 (before 3.5.0.14). The vulnerability allows local users to gain privileges via crafted METHOD_NEIT...

FreeBSD 6/8 - ata Device Local Denial of Service

/ atapanic.c by Shaun Colley, 13 July 2009 this panics the freebsd kernel by passing a large value to malloc9 in one of fbsd's ata ioctl's. tested on freebsd 6.0 and 8.0. you need read access to the ata device in /dev to be able to open the device. chain with some race condition bug? - shaun /...