Creative Ensoniq PCI ES1371 WDM Driver 5.1.3612 - Local Privilege Escalation

source: https://www.securityfocus.com/bid/27179/info Creative Ensoniq PCI ES1371 WDM drivers are prone to a local privilege-escalation vulnerability. Successful exploits allow local users to execute arbitrary machine code with kernel-level privileges, facilitating the complete compromise of...

Symantec SYMTDI.SYS Device Driver Local Elevation of Privilege

SUMMARY Some versions of Symantecs device driver SYMTDI.SYS contain a vulnerability which, if successfully exploited, could allow a local attacker to execute arbitrary code with system level privileges. Risk Impact Medium Remote Access | No ---|--- Local Access | Yes Authentication Required | Yes...

SafeNet High Assurance Remote 1.4.0 - 'IPSecDrv.sys' Remote Denial of Service

/ safenet-dos.c SafeNet HighAssurance Remote 1.4.0 Ring0 DoS win32 by John Anderson mu-b - Mar 2006 - June 2007 - Tested on: SafeNet HighAssurance Remote 1.4.0 Build 12 win32 Kernel level Ring0 DoS in IPv6 support of IPSecDrv.sys causes an infinite loop in searching option headers 0x1000BEB0. Thi...

Apple Mac OSX 10.4.8 - DMG UFS FFS_MountFS Integer Overflow

Apple Mac OSX 10.4.8 - DMG UFS FFSMountFS Integer Overflow source: https://www.securityfocus.com/bid/21993/info Apple Mac OS X is prone to a remote integer-overflow vulnerability. This issue occurs when the UFS filesystem handler fails to handle specially crafted DMG images. A successful exploit...

Apple Mac OSX 10.4.8 - DMG UFS FFS_MountFS Integer Overflow

source: https://www.securityfocus.com/bid/21993/info Apple Mac OS X is prone to a remote integer-overflow vulnerability. This issue occurs when the UFS filesystem handler fails to handle specially crafted DMG images. A successful exploit can allow a remote attacker to execute arbitrary code with...

Microsoft Windows csrss (?) memory corruption exploited in-the-wild

Dear [email protected], On one of Russian forum security vulnerability is discussed in Microsoft Windows Windows XP is tested. A vulnerability is caused by memory corruption is string beginning with "?" is send thorugh MessageBox API with MBSERVICENOTIFICATION flag. It looks like some "debug"...

CVE-2006-6385

Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers aka NDIS miniport drivers before 20061205 allows local users to execute arbitrary code with "kernel-level" privileges via an incorrect function call in certain OID handlers...

CVE-2006-6385

Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers aka NDIS miniport drivers before 20061205 allows local users to execute arbitrary code with "kernel-level" privileges via an incorrect function call in certain OID handlers...

CVE-2006-6385

CVE-2006-6385 describes a stack-based buffer overflow in Intel PRO Ethernet NDIS miniport drivers (PRO 10/100, PRO/1000, PRO/10GbE for PCI, PCI-X, PCIe) before 2006-12-05. The flaw allows a local attacker to execute arbitrary code with kernel-level privileges via an incorrect OID-handling functio...

Intel? Centrino Wireless Driver畸形帧远程代码执行漏洞

Intel 2200BG和2915ABG PRO/Wireless Network Connection Hardware是无线连接适配设备。 Windows操作系统下的Intel 2200BG和2915ABG PRO/Wireless Network Connection Hardware不正确处理畸形帧数据，远程攻击者可以利用漏洞以内核级权限执行任意指令，控制系统。 问题存在于w22n50.sys, w22n51.sys, w29n50.sys, w29n51.sys驱动中，目前没有详细漏洞细节提供。 Intel PROSet/Wireless 8, 9, 10 Intel...

Apple Mac OSX 10.4.x - Mach-O Binary Loading Integer Overflow

source: https://www.securityfocus.com/bid/21291/info Apple Mac OS X is prone to a local integer-overflow vulnerability. This issue occurs when the operating system fails to handle specially crafted binaries. A successful exploit would allow a local attacker to execute arbitrary code with...

Apple Mac OSX 10.4.x - Mach-O Binary Loading Integer Overflow

Apple Mac OSX 10.4.x - Mach-O Binary Loading Integer Overflow source: https://www.securityfocus.com/bid/21291/info Apple Mac OS X is prone to a local integer-overflow vulnerability. This issue occurs when the operating system fails to handle specially crafted binaries. A successful exploit would...

Symantec products fail to properly limit device driver access to kernel memory

Overview Certain device drivers included with Symantec products fail to properly verify address space within the "IOCTL" handlers. Description Symantec provides Anti-Virus and Internet Security products that are designed to protect users. According to Symantec Security Response SYM06-020:A...

Apple Mac OSX 10.x - AirPort Wireless Driver Multiple Buffer Overflow Vulnerabilities

Apple Mac OSX 10.x - AirPort Wireless Driver Multiple Buffer Overflow Vulnerabilities source: https://www.securityfocus.com/bid/20144/info The Apple Mac OS X AirPort wireless driver is prone to multiple buffer-overflow vulnerabilities because it fails to perform sufficient bounds checking before...

Apple Mac OSX 10.x - AirPort Wireless Driver Multiple Buffer Overflow Vulnerabilities

source: https://www.securityfocus.com/bid/20144/info The Apple Mac OS X AirPort wireless driver is prone to multiple buffer-overflow vulnerabilities because it fails to perform sufficient bounds checking before copying data to finite-sized buffers. An attacker can exploit these issues to have...

Symantec AntiVirus - IOCTL Kernel Privilege Escalation (1)

/ source: https://www.securityfocus.com/bid/20360/info Symantec AntiVirus is prone to a privilege-escalation vulnerability. Local attackers can exploit this issue to corrupt memory and execute arbitrary code with kernel-level privileges. Successful exploits may facilitate a complete system...

Symantec AntiVirus - IOCTL Kernel Privilege Escalation (1)

Symantec AntiVirus - IOCTL Kernel Privilege Escalation 1 / source: https://www.securityfocus.com/bid/20360/info Symantec AntiVirus is prone to a privilege-escalation vulnerability. Local attackers can exploit this issue to corrupt memory and execute arbitrary code with kernel-level privileges...

Intel® Centrino Wireless Driver Malformed Frame Privilege Escalation

Intel® Centrino Wireless Driver Malformed Frame Privilege Escalation Summary: A security vulnerability exists in the Microsoft Windows drivers for the Intel® 2100 PRO/Wireless Network Connection Hardware because of the way that driver handles certain requests by applications. The vulnerability...

Microsoft Server Service Mailslot vulnerable to heap overflow

Overview A buffer overflow vulnerability in the Microsoft mailslot server service may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mailslot A mailslot is a temporary mechanism that can facilitate data transfer between hosts. Mailslots messages are limited ...

nfs-server NFS rpc.mountd buffer overflow

realpath function buffer overflow. Kernel-level nfs-utils package is not vulnerable...