[SECURITY] Fedora 12 Update: fuse-encfs-1.7.2-1.fc12

EncFS implements an encrypted filesystem in userspace using FUSE. FUSE provides a Linux kernel module which allows virtual filesystems to be writt en in userspace. EncFS encrypts all data and filenames in the filesystem and passes access through to the underlying filesystem. Similar to CFS except...

CVE-2010-3014

The CVE-2010-3014 issue affects the Coda filesystem kernel module used in FreeBSD and NetBSD. A missing validation on the ViceIoctl out_size field (in a Coda ioctl path via Venus with /coda mounted) allows an unprivileged local user to read kernel heap memory by copying more data than intended, e...

Kingsoft WebShield KAVSafe.sys Privilege Escalation

Kingsoft WebShield KAVSafe.sys = 2010.4.14.6092010.5.23 Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And KAVSafe.sys = 2010.4.14.609 Signature Date：2010-4-14 13:42:26 DETAILS: Kavsafe.sys create a...

Kingsoft Webshield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation

Kingsoft Webshield KAVSafe.sys 2010.4.14.609 2010.5.23 - Kernel Mode Privilege Escalation / Kingsoft WebShield KAVSafe.sys = 2010.4.14.6092010.5.23 Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And...

Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Local Priv

Exploit for linux platform in category local exploits ============================================================================================= Kingsoft WebShield KAVSafe.sys = 2010.4.14.6092010.5.23 Kernel Mode Local Priv. Escalation...

CVE-2010-1591

Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to certain IOCTLs, including 0x83003C07, which allows local users to gain privileges via crafted IOCTL requests to the 1 HookCont.sys, 2 HookNtos.sys, 3 HOOKREG.sys, or 4 HookSys.sys device driver; or...

Design/Logic Flaw

Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to certain IOCTLs, including 0x83003C07, which allows local users to gain privileges via crafted IOCTL requests to the 1 HookCont.sys, 2 HookNtos.sys, 3 HOOKREG.sys, or 4 HookSys.sys device driver; or...

CVE-2010-1591

Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to certain IOCTLs, including 0x83003C07, which allows local users to gain privileges via crafted IOCTL requests to the 1 HookCont.sys, 2 HookNtos.sys, 3 HOOKREG.sys, or 4 HookSys.sys device driver; or...

[SECURITY] [DSA 2015-1] New drbd8 packages fix privilege escalation

------------------------------------------------------------------------ Debian Security Advisory DSA-2015 [email protected] http://www.debian.org/security/ Dann Frazier March 15, 2010 http://www.debian.org/security/faq - ------------------------------------------------------------------------...

DSA-2015-1 drbd8 linux-modules-extra-2.6 - privilege escalation

Bulletin has no description...

SuSE 11.2 Security Update: kmps (2009-10-28)

This update contains kernel module packages for the openSUSE 11.2 RC1 test kernel update. It contains all kernel module packages. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if !...

SuSE 11 Security Update : KVM (SAT Patch Number 1166)

The KVM technology available as Technical Preview in SUSE Linux Enterprise has been updated to version 0.10.5. While a minor security issue was fixed, this mainly is a huge version update. Changelog : - 'info chardev' monitor command - automatic port allocation for vnc and similar - improved cdro...

CVE-2009-3000

The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv41 through snv122, when Network Cache Accelerator NCA logging is enabled, allows remote attackers to cause a denial of service panic via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7chttplog...

openSUSE Security Update : kmps (kmps-562)

This update contains kernel module packages for the first openSUSE 11.1 kernel update. It contains all kernel module packages. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update kmps-562. The tex...

Sun Solaris NFS Version 4内核模块本地拒绝服务漏洞

Bugraq ID: 35714 CNCAN ID：CNCAN-2009071704 Sun Solaris是一款商业性质的操作系统。 Sun Solaris NFSv4内核模块存在安全问题，本地攻击者可以利用漏洞使NFSv4客户端崩溃。 目前没有详细漏洞细节提供。 Sun Solaris 10x86 Sun Solaris 10.0 Sun OpenSolaris build snv119 Sun OpenSolaris build snv118 Sun OpenSolaris build snv117 Sun OpenSolaris build snv116 Sun...

Code injection

The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv119, does not properly implement the nfsportmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors...

MDKA-2007:124 : openafs

This update addresses the following bugs in the openafs package: The openafs kernel module does not work on the x8664 platform, triggering a kernel oops as soon as it is loaded. The openafs package was compiled with wrong gcc 4.2 compiler optimisations which prevented it from listing directory...

[SECURITY] [DSA 1768-1] New openafs packages potential code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1768-1 [email protected] http://www.debian.org/security/ Florian Weimer April 10, 2009 http://www.debian.org/security/faq -...

Debian DSA-1768-1 : openafs - several vulnerabilities

Two vulnerabilities were discovered in the client part of OpenAFS, a distributed file system. - CVE-2009-1251 An attacker with control of a file server or the ability to forge RX packets may be able to execute arbitrary code in kernel mode on an OpenAFS client, due to a vulnerability in XDR array...

[Backports-security-announce] Security Update for openafs

Russ Allbery uploaded new packages for openafs a distributed file system which fixed the following security problems: CVE-2009-1251 An attacker with control of a file server or the ability to forge RX packets may be able to execute arbitrary code in kernel mode on an OpenAFS client, due to a...