5899 matches found
Solaris 8/9/10 - 'fifofs I_PEEK' Local Kernel Memory Leak
/ $Id: raptorpeek.c,v 1.1 2007/10/18 08:09:02 raptor Exp $ raptorpeek.c - Solaris fifofs IPEEK kernel memory leak Copyright c 2007 Marco Ivaldi Lame integer signedness error in FIFO filesystems named pipes on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory...
Solaris 8/9/10 fifofs I_PEEK Local Kernel memory Leak Exploit
Exploit for solaris platform in category local exploits ============================================================= Solaris 8/9/10 fifofs IPEEK Local Kernel memory Leak Exploit ============================================================= / $Id: raptorpeek.c,v 1.1 2007/10/18 08:09:02 raptor Exp...
SafeGuard PrivateDisk 2.02.3 - privatediskm.sys Multiple Local Security Bypass Vulnerabilities
SafeGuard PrivateDisk 2.02.3 - privatediskm.sys Multiple Local Security Bypass Vulnerabilities // source: https://www.securityfocus.com/bid/45749/info SafeGuard PrivateDisk is prone to multiple local security-bypass vulnerabilities. Attackers with physical access to a computer with the affected...
Design/Logic Flaw
IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRVIOCTL IOCTL request...
CVE-2008-0573
IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRVIOCTL IOCTL request...
CVE-2008-0573
The CVE-2008-0573 entry concerns IPSecDrv.sys version 10.4.0.12 used by SafeNET HighAssurance Remote and SoftRemote. The vulnerability arises from a crafted IPSECDRV_IOCTL IOCTL request that can let local users escalate privileges, as documented in the NVD entry. Connected documents corroborate t...
SafeNet 10.4.0.12 - IPSecDrv.sys Local kernel Ring0 SYSTEM
SafeNet 10.4.0.12 - IPSecDrv.sys Local kernel Ring0 SYSTEM / safenet-ipsec-call.c Copyright c 2008 by Safenet IPSecDrv.sys include include include define IPSECDRVIOCTL 0x80002064 define ARGSIZEa a/sizeof void static unsigned char win32fixup = "\x53" "\x52"; static unsigned char win2k3ring0shell =...
Null pointer dereference
OpenBSD 4.2 allows local users to cause a denial of service kernel panic by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabelid2name function is not checked...
CVE-2008-0384
OpenBSD 4.2 allows local users to cause a denial of service kernel panic by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabelid2name function is not checked...
CVE-2008-0384
OpenBSD 4.2 is affected. Local users can cause a kernel panic by invoking the SIOCGIFRTLABEL IOCTL on an interface without a route label, triggering a NULL pointer dereference when the return value from rtlabel_id2name isn’t checked. The concrete root cause is an unchecked rtlabel_id2name result ...
openbsd-deref.txt
/ OpenBSD 4.2 rtlabelid2name SIOCGIFRTLABEL ioctl Null Pointer Dereference local Denial of Service Exploit by Hunger Advisory: http://marc.info/?l=openbsd-security-announce&m=120007327504064 FOR TESTING PURPOSES ONLY! $ uname -mrsv OpenBSD 4.2 GENERIC375 i386 $ id uid=1000hunger gid=1000hunger...
Buffer overflow
Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service system crash and possibly execute arbitrary code in the kernel context via crafted arguments to 1 IOCTL functions in the Firewall module or 2 SSDT hook handler functions in the Registry module...
CVE-2008-0365
Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service system crash and possibly execute arbitrary code in the kernel context via crafted arguments to 1 IOCTL functions in the Firewall module or 2 SSDT hook handler functions in the Registry module...
CVE-2008-0365
Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service system crash and possibly execute arbitrary code in the kernel context via crafted arguments to 1 IOCTL functions in the Firewall module or 2 SSDT hook handler functions in the Registry module...
OpenBSD 4.2 - rtlabel_id2name() Local Null Pointer Dereference Denial of Service
OpenBSD 4.2 - rtlabelid2name Local Null Pointer Dereference Denial of Service / OpenBSD 4.2 rtlabelid2name SIOCGIFRTLABEL ioctl Null Pointer Dereference local Denial of Service Exploit by Hunger Advisory: http://marc.info/?l=openbsd-security-announce&m=120007327504064 FOR TESTING PURPOSES ONLY! $...
OpenBSD 4.2 rtlabel_id2name() Local Null Pointer Dereference DoS
Exploit for bsd platform in category dos / poc ================================================================ OpenBSD 4.2 rtlabelid2name Local Null Pointer Dereference DoS ================================================================ / OpenBSD 4.2 rtlabelid2name SIOCGIFRTLABEL ioctl Null...
OpenBSD 4.2 - 'rtlabel_id2name()' Local Null Pointer Dereference Denial of Service
/ OpenBSD 4.2 rtlabelid2name SIOCGIFRTLABEL ioctl Null Pointer Dereference local Denial of Service Exploit by Hunger Advisory: http://marc.info/?l=openbsd-security-announce&m=120007327504064 FOR TESTING PURPOSES ONLY! $ uname -mrsv OpenBSD 4.2 GENERIC375 i386 $ id uid=1000hunger gid=1000hunger...
CVE-2008-0324
Cisco Systems VPN Client IPSec Driver CVPNDRVA.sys 5.0.02.0090 allows local users to cause a denial of service crash by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption...
OpenBSD rtlabel_id2name()本地拒绝服务漏洞
BUGTRAQ ID: 27252 OpenBSD是一款开放源代码Unix类操作系统。 OpenBSD中对ifconfig rtlabel的rtlabelid2name调用没有正确地验证返回值,如果没有分配标记或ID无效的话rtlabelid2name就可能返回空。本地攻击者可以通过在没有分配路由标记的接口上使用SIOCGIFRTLABEL ioctl导致内核忙碌。 OpenBSD 4.2 厂商补丁: OpenBSD ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Linux multiple security vulnerabilities
DoS with minix filesystem, integer overflow in hrtimer subsystem, buffer overflow on ISDN IOCTL handling, invalid coredump files handling...