Mandriva Update for kernel MDVSA-2010:188 (kernel)

Check for the Version of kernel OpenVAS Vulnerability Test Mandriva Update for kernel MDVSA-2010:188 kernel Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CVE-2010-3477

The CVE-2010-3477 issue affects the Linux kernel’s net/sched/act_police.c (tcf_act_police_dump) in versions before 2.6.36-rc4. The root cause is incomplete initialization of certain structure members during dump operations, allowing local users to read potentially sensitive kernel memory. The vul...

CVE-2010-2942

The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors relate...

Kingsoft Antivirus 'kavfm.sys' Buffer overflow Vulnerability

This host is installed with Kingsoft Antivirus and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: secpodkingsoftantivirusbofvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Kingsoft Antivirus 'kavfm.sys' Buffer overflow Vulnerability Authors: Madhuri D Copyright: Copyright...

CVE-2010-2803

The drmioctl function in drivers/gpu/drm/drmdrv.c in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory...

kernel: mm: keep a guard page below a grow-down stack segment

The doanonymouspage function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to t...

USN-974-1: Linux kernel vulnerabilities

Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as...

FreeBSD / NetBSD Coda file system information leak

Kernel memory information leak via IOCTL...

CVE-2010-3014: Coda Filesystem Kernel Memory Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Coda Filesystem Kernel Memory Disclosure Release Date: 2010-08-16 Application: Coda kernel module for NetB...

kernel: information leak via userspace USB interface

The processcomplcompat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensiti...

kernel: mm: keep a guard page below a grow-down stack segment

The doanonymouspage function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to t...

Microsoft Windows - nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks (MS10-047)

Microsoft Windows nt!SeObjectCreateSaclAccessBits missed ACE bounds checks ---------------------------------------------------------------------------- CVE-2010-1890 An ACE is an Access Control Entry, of which many may be attached to an ACL Access Control List. On Windows, an ACL can be of type...

Design/Logic Flaw

KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device...

CVE-2010-2031

CVE-2010-2031 affects KAVSafe.sys 2010.4.14.609 and earlier (used with Kingsoft Webshield 3.5.1.2 and earlier). It allows local users to overwrite arbitrary kernel memory via a crafted IOCTL 0x830020d4 request to the KAVSafe device. The NVD entry documents a local-exploit scenario with a CVSSv2 b...

CVE-2010-2031

KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device...

CVE-2010-1446

arch/powerpc/mm/fslbookemmu.c in KGDB in the Linux kernel 2.6.30 and other versions before 2.6.33, when running on PowerPC, does not properly perform a security check for access to a kernel page, which allows local users to overwrite arbitrary kernel memory, related to Fsl booke...

CVE-2010-1446

arch/powerpc/mm/fslbookemmu.c in KGDB in the Linux kernel 2.6.30 and other versions before 2.6.33, when running on PowerPC, does not properly perform a security check for access to a kernel page, which allows local users to overwrite arbitrary kernel memory, related to Fsl booke...

Rising Antivirus Drivers Multiple Local Privilege Escalation Vulnerabilities

This host is installed with Rising Antivirus and is prone to local privilege escalation vulnerability. OpenVAS Vulnerability Test $Id: gbbeijingrisingavmultlocprevesclvuln.nasl 5368 2017-02-20 14:34:16Z cfi $ Rising Antivirus Drivers Multiple Local Privilege Escalation Vulnerabilities Authors:...

Rising Antivirus Drivers Multiple Local Privilege Escalation Vulnerabilities

Rising Antivirus is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Micropoint ProActive Denfense 'Mp110013.sys' 1.3.10123.0 - Local Privilege Escalation

/ Micropoint Proactive Denfense Mp110013.sys = 1.3.10123.0 Local Privilege Escalation Exploit VULNERABLE PRODUCTS Micropoint Proactive Denfense = 100323.1.2.10581.0285.r1 mp110013.sys = 1.3.10123.0 DETAILS: mp110013.sys handles DeviceIoControl request which tells driver...