CVE-2004-0370

The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic...

Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Memory Read

/ source: https://www.securityfocus.com/bid/10201/info A local integer handling vulnerability has been announced in the Linux kernel. It is reported that this vulnerability may be exploited by an unprivileged local user to obtain kernel memory contents. Additionally it is reported that a root use...

Linux Kernel 2.5.x2.6.x - CPUFreq Proc Handler Integer Handling Memory Read

Linux Kernel 2.5.x2.6.x - CPUFreq Proc Handler Integer Handling Memory Read / source: https://www.securityfocus.com/bid/10201/info A local integer handling vulnerability has been announced in the Linux kernel. It is reported that this vulnerability may be exploited by an unprivileged local user t...

CVE-2003-0910

The NtSetLdtEntries function in the programming interface for the Local Descriptor Table LDT in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory...

CVE-2004-0118

The component for the Virtual DOS Machine VDM subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code...

CVE-2004-0177

The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw devic...

CVE-2004-0177

CVE-2004-0177 affects Linux 2.4.x (before 2.4.26) due to improper initialization of journal descriptor blocks in ext3, causing an information leak where in-memory kernel data could be written to the device and read back via raw-device access. Impact: privileged users could obtain portions of kern...

CVE-2003-0910

CVE-2003-0910 concerns a privilege-elevation flaw in the Local Descriptor Table (LDT) interface on Windows NT 4.0 and Windows 2000. An attacker must be locally logged on to exploit by creating a malicious LDT entry to gain access to protected memory; Windows XP and Windows Server 2003 are not aff...

Microsoft Virtual DOS Machine Local Privilege Escalation Vulnerability

Description A problem exists in the Virtual DOS Machine VDM that may allow a local user to elevate their privilege level. The issue exists because an attacker may use the VDM to write arbitrary code to protected kernel memory locations. Technologies Affected Avaya DefinityOne Media Servers Avaya...

CVE-2004-0370

The CVE-2004-0370 issue affects FreeBSD 5.2 using the KAME IPv6 stack, where a programming error in setsockopt(2) handling of IPv6 socket options can allow a local attacker to read portions of kernel memory and cause a system panic. The vulnerability arises from improper validation in setsockopt(...

CVE-2004-0370

The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic...

FreeBSD-SA-04:06.ipv6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:06.ipv6 Security Advisory The FreeBSD Project Topic: setsockopt2 IPv6 sockets input validation error Category: core Module: kernel Announced: 2004-03-29...

setsockopt(2) IPv6 sockets input validation error

From the FreeBSD Security Advisory: A programming error in the handling of some IPv6 socket options within the setsockopt2 system call may result in memory locations being accessed without proper validation. It may be possible for a local attacker to read portions of kernel memory, resulting in...

CVE-2004-0114

The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vmmapfind function fails, which could allow local users to gain read or...

FreeBSD-SA-04:02.shmat

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:02.shmat Security Advisory The FreeBSD Project Topic: shmat reference counting bug Category: core Module: kernel Announced: 2004-02-05 Credits: Joost Pol...

KAME Racoon - Initial Contact SA Deletion

KAME Racoon - Initial Contact SA Deletion // source: https://www.securityfocus.com/bid/9417/info It has been reported that it may be possible for attackers to remotely delete security associations SAs in hosts running the KAME IKE daemon Racoon. / Sun Microsystems Solaris sysinfo Kernel Memory...

KAME Racoon - 'Initial Contact' SA Deletion

// source: https://www.securityfocus.com/bid/9417/info It has been reported that it may be possible for attackers to remotely delete security associations SAs in hosts running the KAME IKE daemon Racoon. / Sun Microsystems Solaris sysinfo Kernel Memory Disclosure exploit...

CVE-2003-1289

The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory memory disclosure via a large length parameter, which copies additional kernel memory into userland memory...

[Full-Disclosure] [SECURITY] [DSA-403-1] userland can access Linux kernel memory

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-403-1 [email protected] http://www.debian.org/security/ Wichert Akkerman December 1, 2003 -...

CVE-2003-1062

Unknown vulnerability in the sysinfo system call for Solaris for SPARC 2.6 through 9, and Solaris for x86 2.6, 7, and 8, allows local users to read kernel memory...