Design/Logic Flaw
FreeBSD 6.3, 6.4, 7.1, and 7.2 do not enforce permissions on the SIOCSIFINFO_IN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU...
CVE-2009-2208
The CVE-2009-2208 issue affects FreeBSD 6.3, 6.4, 7.1, and 7.2 where permissions are not enforced on the SIOCSIFINFO_IN6 IOCTL. This allows local users to modify or disable IPv6 network interfaces (e.g., MTU) due to improper access controls. The vulnerability is documented in FreeBSD SA-09:10 IPv...
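FreeBSD IPv6 SIOCSIFINFO_IN6 Permission Check Security Restriction Bypass Vulnerability
BUGTRAQ ID: 35285 FreeBSD is a freely usable, open-source Unix-like system that runs on Intel platforms. IPv6 is the next-generation Internet protocol intended to replace the current IPv4, and many properties of the FreeBSD IPv6 network stack can be configured through the ioctl(2) interface. Because the SIOCSIFINFO_IN6 ioctl lacks a necessary permission check, local users (including non-root users and users inside jails) can set some IPv6 interface properties, including changing the link MTU and disabling the interface entirely. Note that this vulnerability affects only IPv6 and cannot be used to affect IPv4 functionality. FreeBSD FreeBSD 7.2 FreeBSD FreeBSD 7.1 FreeBSD FreeBS...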
FreeBSD Security Advisory FreeBSD-SA-09:10.ipv6
FreeBSD-SA-09:10.ipv6 Security Advisory, The FreeBSD Project. Topic: Missing permission check on SIOCSIFINFO_IN6 ioctl. Category: core. Module: netinet6. Announced: 2009-06-10...
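Online Armor Personal Firewall IOCTL Request Local Privilege Escalation Vulnerability
BUGTRAQ ID: 35227 Online Armor is a personal firewall developed by Tall Emu of Australia. The OAmon.sys driver of the Online Armor firewall does not perform correct address space validation when handling user-submitted IOCTL requests, so a local unprivileged user can write arbitrary data to an arbitrary address, leading to execution of arbitrary kernel-mode code. ... .text:00013E8D @@ioctl830020C3: .text:00013E8D mov eax, ebp+OutputBuffer ; UserBuffer .text:00013E90 mov dword ptr eax, 1 ; UserBuffer0 = 1...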
ArcaVir AntiVirus Products Privilege Escalation Vulnerability
ArcaVir AntiVirus Products is prone to a privilege escalation vulnerability.
CVE-2009-1824
The psdrv.sys kernel driver in ArcaBit ArcaVir 2009 Antivirus Protection 9.4.3201.9 and earlier, ArcaVir 2009 Internet Security 9.4.3202.9 and earlier, ArcaVir 2009 System Protection 9.4.3203.9 and earlier, and ArcaBit 2009 Home Protection 9.4.3204.9 and earlier, allows local users to gain...
CVE-2009-1478
Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris before snv_114, allow local users to cause a denial of service (panic) via unknown vectors...
CVE-2009-1478
CVE-2009-1478 affects Sun Solaris 10 (x86 and SPARC) and OpenSolaris prior to snv_114, due to multiple unspecified vulnerabilities in the DTrace ioctl handlers that can cause a local denial of service (panic). Nessus/OpenVAS entries describe patch-based mitigations: Solaris 10 patch 141766-01 (x8...
CentOS 4 : kernel (CESA-2007:0939)
Updated kernel packages that fix various security issues in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel is the core of the operating system. These updated kernel...
CVE-2009-0681
PGP Desktop before 9.10 allows local users to (1) cause a denial of service (crash) via a crafted IOCTL request to pgpdisk.sys, and (2) cause a denial of service (crash) and execute arbitrary code via a crafted IRP in an IOCTL request to pgpwded.sys...
CVE-2009-0681
PGP Desktop before 9.10 is affected by local DoS and code execution vulnerabilities in two IOCTL handlers. Specifically, pgpdisk.sys and pgpwded.sys fail to properly validate Irp/buffer data, allowing local attackers to crash the system or, for pgpwded.sys, crash or execute arbitrary code with SY...
PGP Desktop privilege escalation
Multiple vulnerabilities on IOCTL processing...
Mandriva Update for kernel MDKSA-2007:195 (kernel)
Check for the Version of kernel.
Mandriva Update for kernel MDVSA-2008:224 (kernel)
Check for the Version of kernel.
CVE-2009-1146
Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via...
CVE-2009-1146
Affected software: VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745. Vulnerability: An unspecified DoS issue exists in the ioctl handling of hcmon.sys, enablin...