1146 matches found
CVE-2002-1296
CVE-2002-1296 affects Sun Solaris priocntl(2): an attacker with local privileges can exploit directory traversal in the pc_clname field of a pcinfo_t structure to cause priocntl to load a kernel module, achieving superuser code execution. The vulnerability stems from priocntl(2) not adequately va...
Mandrake Linux Security Advisory : kernel (MDKSA-2003:038-1)
A bug in the kernel module loader code could allow a local user to gain root privileges. This is done by a local user using ptrace and attaching to a modprobe process that is spawned if the user triggers the loading of a kernel module. A temporary workaround can be used to defend against this fla...
security flaw
kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service crash by sending certain signals to kmod...
Solaris vfs_getvfssw() call directory traversal
Vulnerability allow local user to load kernel module...
Sun Solaris 2.6/7.0/8/9 - vfs_getvfssw function Privilege Escalation
source: https://www.securityfocus.com/bid/9962/info It has been reported that Sun Solaris may be prone to a local privilege escalation vulnerability that may allow an attacker to gain root access to a vulnerable system. The issue exists due to insufficient sanitization of user-supplied data via t...
linux kmod/ptrace bug - details
Hello There are many discussions on slashdot for example on the recent linux ptrace & kmod bug. I'll try to clarify what is this all about. It's a local root vulnerability. It's exploitable only if: 1. the kernel is built with modules and kernel module loader enabled and 2...
Sun Solaris priocntl(2) does not adequately validate path to kernel modules that implement lightweight process (LWP) scheduling policy
Overview The Sun Solaris priocntl2 function does not adequately validate a memory structure that specifies the name of a kernel module. As a result, a local attacker could execute arbitrary code with superuser privileges on a vulnerable system. Description The Sun Solaris priocntl2 function...
CVE-2001-1181
Dynamically Loadable Kernel Module dlkm static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges...
CVE-2001-0822
FPF kernel module 1.0 allows a remote attacker to cause a denial of service via fragmented packets...
CVE-2001-0822
FPF kernel module 1.0 allows a remote attacker to cause a denial of service via fragmented packets...
slackware.init.txt
I posted this to the linux kernel mailing last Friday, July 13th 2001: Submitted by : Josh [email protected], lockdown [email protected] on July 16th, 2001 Vulnerability : /lib/modules/2.4.5/modules.dep Tested On : Slackware 8.0. 2.4.5 Local : Yes Remote : No Temporary Fix : umask 022 at...
CVE-2001-1181
Dynamically Loadable Kernel Module dlkm static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges...
CylantSecure 1.0 - Kernel Module Syscall Rerouting
CylantSecure 1.0 - Kernel Module Syscall Rerouting / source: https://www.securityfocus.com/bid/2958/info CylantSecure is a commercial Linux hardening tool and security infrastructure available from Cylant Technology. A problem in the CylantSecure infrastructure could allow users to escape...
CylantSecure 1.0 - Kernel Module Syscall Rerouting
/ source: https://www.securityfocus.com/bid/2958/info CylantSecure is a commercial Linux hardening tool and security infrastructure available from Cylant Technology. A problem in the CylantSecure infrastructure could allow users to escape monitoring. A user with root access may load a module that...
Buffer oveflow in FTPFS (linux kernel module)
FTPFS http://sourceforge.net/projects/ftpfs is a Linux kernel module, enhancing VFS with FTP volume mounting capabilities. However, it has insufficient bounds checking. If a user can enter mount options through a wrapper, he can take over the whole system, even with restricted capabilities. Here'...
FTPFS 0.1.10.2.10.2.2 - mount Buffer Overflow
FTPFS 0.1.10.2.10.2.2 - mount Buffer Overflow source: https://www.securityfocus.com/bid/2498/info FTPFS is a Linux kernel module allowing users to mount remote files from any standard FTP server as a local filesystem. A version of FTPFS is vulnerable to a buffer overflow leading to a denial of...
FTPFS 0.1.1/0.2.1/0.2.2 - mount Buffer Overflow
source: https://www.securityfocus.com/bid/2498/info FTPFS is a Linux kernel module allowing users to mount remote files from any standard FTP server as a local filesystem. A version of FTPFS is vulnerable to a buffer overflow leading to a denial of service, and potentially execution of arbitrary...
[SECURITY] New version of modutils released
Package: modutils Vulnerability: local exploit Debian-specific: no Sebastian Krahmer found a problem in the modprobe utility that could be exploited by local users to run arbitrary commands as root if the machine is running a kernel with kmod enabled. The kmod kernel feature allows the kernel to...
SuSE Security Announcement: modules
-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: modules Announcement-ID: SuSE-SA:2000:44 Date: Monday, November 13th, 2000 10:00 MEST Affected SuSE versions: 6.4, 7.0 Vulnerability Type: local root compromise Severity 1-10: 8 SuSE default package: yes Other affected systems...
FreeBSD-SA-00:42.linux
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:42 Security Advisory FreeBSD, Inc. Topic: Linux binary compatability mode can cause system compromise Category: core Module: kernel Announced: 2000-08-28 Credits: Boris...