CVE-2008-5744

Array index error in the dahdi/tor2.c driver in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to an incorrect tor2 patch for CVE-2008-5396 that uses the wrong variable in a range check...

Design/Logic Flaw

Array index error in the dahdi/tor2.c driver in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to an incorrect tor2 patch for CVE-2008-5396 that uses the wrong variable in a range check...

CVE-2008-5744

Array index error in the dahdi/tor2.c driver in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to an incorrect tor2 patch for CVE-2008-5396 that uses the wrong variable in a range check...

CVE-2008-5744

CVE-2008-5744 describes an array index error in the zaptel/DAHDI driver (dahdi/tor2.c) that allows local users in the dialout group to overwrite kernel memory by writing to /dev/zap/ctl. Affected: Zaptel/DAHDI versions up to 1.4.11 (and related patches). The root cause relates to an incorrect tor...

CVE-2008-5744

Array index error in the dahdi/tor2.c driver in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to an incorrect tor2 patch for CVE-2008-5396 that uses the wrong variable in a range check...

CVE-2008-5396

Array index error in the 1 torisa.c and 2 dahdi/tor2.c drivers in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZTSPANCONFIG...

CVE-2008-5396

Array index error in the 1 torisa.c and 2 dahdi/tor2.c drivers in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZTSPANCONFIG...

Design/Logic Flaw

Array index error in the 1 torisa.c and 2 dahdi/tor2.c drivers in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZTSPANCONFIG...

CVE-2008-5396

Array index error in the 1 torisa.c and 2 dahdi/tor2.c drivers in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZTSPANCONFIG...

CVE-2008-5396

CVE-2008-5396 is an array index error in Zaptel (DAHDI) drivers, affecting Zaptel versions up to 1.4.11 and earlier. The flaw resides in the torisa.c and tor2.c code paths that handle the ZT_SPANCONFIG ioctl, allowing local users in the dialout group to overwrite kernel memory by writing to /dev/...

SAMBA information disclosure

Kernel memory disclosure on processing of few SMB request types...

Microsoft Windows Vista memory corruption

Kernel memory corruption on CreateIpForwardEntry2 call processing...

msvista-overflow.txt

phion Security Advisory 21/10/2008 Microsoft VISTA TCP/IP stack buffer overflow Summary ----------------------------- Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable, buffer overflow corrupting kernel memory...

Microsoft Windows AFD driver privilege escalation

Kernel memory access is possible...

iSEC Partners Security Advisory - 2008-002-lenovornr - Lenovo Rescue and Recovery 4.20

iSEC Partners Security Advisory - 2008-002-lenovornr https://www.isecpartners.com -------------------------------------------- Lenovo Rescue and Recovery Local Kernel Overflow Vendor: Lenovo Vendor URL: http://www.lenovo.com Versions affected: 4.20 Systems Affected: Windows XP, Windows Vista...

VulnCheck KEV: CVE-2006-5758

The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a...

FreeBSD Security Advisory (FreeBSD-SA-03:17.procfs.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-03:17.procfs.asc ADV FreeBSD-SA-03:17.procfs.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...

FreeBSD Security Advisory (FreeBSD-SA-06:18.ppp.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:18.ppp.asc ADV FreeBSD-SA-06:18.ppp.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Security Advisory (FreeBSD-SA-05:02.sendfile.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:02.sendfile.asc ADV FreeBSD-SA-05:02.sendfile.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008...

FreeBSD Security Advisory (FreeBSD-SA-05:02.sendfile.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:02.sendfile.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...