Ubuntu 6.06 LTS / 6.10 / 7.04 : linux-restricted-modules-2.6.15/.17/.20 vulnerabilities (USN-479-1)

Multiple flaws in the MadWifi driver were discovered that could lead to a system crash. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. CVE-2006-7177, CVE-2006-7178, CVE-2006-7179, CVE-2007-2829, CVE-2007-2830 A flaw was...

Ubuntu 7.04 : linux-source-2.6.20 vulnerabilities (USN-510-1)

A flaw was discovered in the PPP over Ethernet implementation. Local attackers could manipulate ioctls and cause kernel memory consumption leading to a denial of service. CVE-2007-2525 An integer underflow was discovered in the cpuset filesystem. If mounted, local attackers could obtain kernel...

Design/Logic Flaw

Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an unspecified mechanism for copying data into kernel memory, which allows local users to gain privileges via unspecified vectors...

CVE-2007-4223

Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an unspecified mechanism for copying data into kernel memory, which allows local users to gain privileges via unspecified vectors...

Microsoft Sysinternals DebugView privilege escalation

Dbgv.sys Driver allows any user to copy any data in kernel memory...

Solaris 10 x86/sparc sysinfo Kernel Memory Disclosure Exploit

No description provided by source. / 07/2006: public release SPARC Solaris 10 without 118833-09 x86 Solaris 10 without 118855-06 Solaris sysinfo Kernel Memory Disclosure By qaaz / include stdio.h include stdlib.h include unistd.h include string.h include sys/mman.h include sys/systeminfo.h define...

Solaris fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc)

No description provided by source. / 10/2007: public release SPARC Solaris 8 without 109454-06 Solaris 9 without 117471-04 Solaris 10 without 127737-01 x86 Solaris 8 without 109455-06 Solaris 9 without 117472-04 Solaris 10 without 127738-01 ...

Security feature bypass

Unspecified vulnerability in the Virtual File System VFS in Sun Solaris 10 allows local users to cause a denial of service kernel memory consumption via unspecified vectors...

CVE-2007-5367

The CVE-2007-5367 entry concerns an unspecified vulnerability in the Virtual File System (VFS) of Sun Solaris 10. The initial description states local users can cause a denial of service by consuming kernel memory via unspecified vectors. The connected documents do not supply concrete technical d...

solaris-fifofs.txt

/ 10/2007: public release SPARC Solaris 8 without 109454-06 Solaris 9 without 117471-04 Solaris 10 without 127737-01 x86 Solaris 8 without 109455-06 Solaris 9 without 117472-04 Solaris 10 without 127738-01 Solaris fifofs IPEEK Kernel Memory Disclosure By qaaz / include include include include...

Solaris (SPARCx86) - fifofs I_PEEK Kernel Memory Disclosure

Solaris SPARCx86 - fifofs IPEEK Kernel Memory Disclosure / 10/2007: public release SPARC Solaris 8 without 109454-06 Solaris 9 without 117471-04 Solaris 10 without 127737-01 x86 Solaris 8 without 109455-06 Solaris 9 without 117472-04 Solaris 10 without 127738-01 Solaris fifofs IPEEK Kernel Memory...

Solaris (SPARC/x86) - fifofs I_PEEK Kernel Memory Disclosure

/ 10/2007: public release SPARC Solaris 8 without 109454-06 Solaris 9 without 117471-04 Solaris 10 without 127737-01 x86 Solaris 8 without 109455-06 Solaris 9 without 117472-04 Solaris 10 without 127738-01 Solaris fifofs IPEEK Kernel Memory Disclosure By qaaz / include include include include...

iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability

Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability iDefense Security Advisory 10.02.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 02, 2007 I. BACKGROUND Solaris is a UNIX operating system developed by Sun Microsystems. More information can be found at the...

Code injection

The sndmemprocread function in sound/core/memalloc.c in the Advanced Linux Sound Architecture ALSA in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information kernel memory contents via a small count argument, as demonstrate...

kav/kis 6/7 vulnerabilities-vulnerability warning-the black bar safety net

Foreign famous Rootkit research site rootkit. com published an article: "Exploiting Kaspersky Antivirus 6.0-7.0" the author as EPXOFF/UG North,is famous for its anti-Rootkit tool Rootkit Unhooker,Process walker developers. The article said that Kaspersky Anti-virus software from 6. 0 to the curre...

CVE-2007-1865

The ipv6getsockoptsticky function in the kernel in Red Hat Enterprise Linux RHEL Beta 5.1.0 allows local users to obtain sensitive information kernel memory contents via a negative value of the len parameter. NOTE: this issue has been disputed in a bug comment, stating that "len is ignored when...

Buffer overflow

The ipv6getsockoptsticky function in the kernel in Red Hat Enterprise Linux RHEL Beta 5.1.0 allows local users to obtain sensitive information kernel memory contents via a negative value of the len parameter. NOTE: this issue has been disputed in a bug comment, stating that "len is ignored when...

CVE-2007-1865

The ipv6getsockoptsticky function in the kernel in Red Hat Enterprise Linux RHEL Beta 5.1.0 allows local users to obtain sensitive information kernel memory contents via a negative value of the len parameter. NOTE: this issue has been disputed in a bug comment, stating that "len is ignored when...

LTC36188-Don't allow the stack to grow into hugetlb reserved regions

mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service OOPS via unspecified vectors...

Solaris 10 (SPARCx86) - sysinfo Kernel Memory Disclosure

Solaris 10 SPARCx86 - sysinfo Kernel Memory Disclosure / 07/2006: public release SPARC Solaris 10 without 118833-09 x86 Solaris 10 without 118855-06 Solaris sysinfo Kernel Memory Disclosure By qaaz / include include include include include include define PAGECOUNT 1000 int mainint argc, char argv...