6578 matches found
IRIX syssgi system call vulnerability and other security fixes
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: syssgi system call vulnerability and other security fixes Number: 20040601-01-P Date: June 14, 2004 Reference: SGI BUG 914420, CVE CAN-2004-0135 Reference: SGI BUG 912601, CVE CAN-2004-0136 Reference: SGI BUG 907407, CVE CAN-2004-013...
CVE-2004-0118
The component for the Virtual DOS Machine VDM subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code...
CVE-2004-0177
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw devic...
CVE-2003-0910
The NtSetLdtEntries function in the programming interface for the Local Descriptor Table LDT in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory...
CVE-2004-0177
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw devic...
CVE-2004-0482
Multiple integer overflows in 1 procfscmdline.c, 2 procfsfpregs.c, 3 procfslinux.c, 4 procfsregs.c, 5 procfsstatus.c, and 6 procfssubr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and possibly perform other unauthorized activities...
CVE-2004-0482
The CVE-2004-0482 issue affects OpenBSD 3.5 and earlier in procfs components (procfs_cmdline.c, procfs_fpregs.c, procfs_linux.c, procfs_regs.c, procfs_status.c, procfs_subr.c) due to multiple integer overflows. This enables local users to read sensitive kernel memory and potentially perform other...
PT-2004-1600 · Openbsd · Openbsd
Name of the Vulnerable Software and Affected Versions: OpenBSD versions 3.5 and earlier Description: The issue is related to multiple integer overflows in several procfs files for OpenBSD, including procfs cmdline.c, procfs fpregs.c, procfs linux.c, procfs regs.c, procfs status.c, and procfs...
CVE-2004-0370
The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic...
Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Memory Read
/ source: https://www.securityfocus.com/bid/10201/info A local integer handling vulnerability has been announced in the Linux kernel. It is reported that this vulnerability may be exploited by an unprivileged local user to obtain kernel memory contents. Additionally it is reported that a root use...
Linux Kernel 2.5.x2.6.x - CPUFreq Proc Handler Integer Handling Memory Read
Linux Kernel 2.5.x2.6.x - CPUFreq Proc Handler Integer Handling Memory Read / source: https://www.securityfocus.com/bid/10201/info A local integer handling vulnerability has been announced in the Linux kernel. It is reported that this vulnerability may be exploited by an unprivileged local user t...
CVE-2004-0118
The component for the Virtual DOS Machine VDM subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code...
CVE-2003-0910
The NtSetLdtEntries function in the programming interface for the Local Descriptor Table LDT in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory...
CVE-2004-0177
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw devic...
CVE-2004-0177
CVE-2004-0177 affects Linux 2.4.x (before 2.4.26) due to improper initialization of journal descriptor blocks in ext3, causing an information leak where in-memory kernel data could be written to the device and read back via raw-device access. Impact: privileged users could obtain portions of kern...
CVE-2003-0910
CVE-2003-0910 concerns a privilege-elevation flaw in the Local Descriptor Table (LDT) interface on Windows NT 4.0 and Windows 2000. An attacker must be locally logged on to exploit by creating a malicious LDT entry to gain access to protected memory; Windows XP and Windows Server 2003 are not aff...
Microsoft Virtual DOS Machine Local Privilege Escalation Vulnerability
Description A problem exists in the Virtual DOS Machine VDM that may allow a local user to elevate their privilege level. The issue exists because an attacker may use the VDM to write arbitrary code to protected kernel memory locations. Technologies Affected Avaya DefinityOne Media Servers Avaya...
CVE-2004-0370
The CVE-2004-0370 issue affects FreeBSD 5.2 using the KAME IPv6 stack, where a programming error in setsockopt(2) handling of IPv6 socket options can allow a local attacker to read portions of kernel memory and cause a system panic. The vulnerability arises from improper validation in setsockopt(...
CVE-2004-0370
The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic...
FreeBSD-SA-04:06.ipv6
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:06.ipv6 Security Advisory The FreeBSD Project Topic: setsockopt2 IPv6 sockets input validation error Category: core Module: kernel Announced: 2004-03-29...