CVE-2008-5396

Array index error in the 1 torisa.c and 2 dahdi/tor2.c drivers in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZTSPANCONFIG...

CVE-2008-5396

Array index error in the 1 torisa.c and 2 dahdi/tor2.c drivers in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZTSPANCONFIG...

CVE-2008-5396

CVE-2008-5396 is an array index error in Zaptel (DAHDI) drivers, affecting Zaptel versions up to 1.4.11 and earlier. The flaw resides in the torisa.c and tor2.c code paths that handle the ZT_SPANCONFIG ioctl, allowing local users in the dialout group to overwrite kernel memory by writing to /dev/...

SAMBA information disclosure

Kernel memory disclosure on processing of few SMB request types...

Microsoft Windows Vista memory corruption

Kernel memory corruption on CreateIpForwardEntry2 call processing...

msvista-overflow.txt

phion Security Advisory 21/10/2008 Microsoft VISTA TCP/IP stack buffer overflow Summary ----------------------------- Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable, buffer overflow corrupting kernel memory...

Microsoft Windows AFD driver privilege escalation

Kernel memory access is possible...

iSEC Partners Security Advisory - 2008-002-lenovornr - Lenovo Rescue and Recovery 4.20

iSEC Partners Security Advisory - 2008-002-lenovornr https://www.isecpartners.com -------------------------------------------- Lenovo Rescue and Recovery Local Kernel Overflow Vendor: Lenovo Vendor URL: http://www.lenovo.com Versions affected: 4.20 Systems Affected: Windows XP, Windows Vista...

VulnCheck KEV: CVE-2006-5758

The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a...

FreeBSD Security Advisory (FreeBSD-SA-03:17.procfs.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-03:17.procfs.asc ADV FreeBSD-SA-03:17.procfs.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...

FreeBSD Security Advisory (FreeBSD-SA-06:18.ppp.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:18.ppp.asc ADV FreeBSD-SA-06:18.ppp.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Security Advisory (FreeBSD-SA-05:02.sendfile.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:02.sendfile.asc ADV FreeBSD-SA-05:02.sendfile.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008...

FreeBSD Security Advisory (FreeBSD-SA-05:02.sendfile.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:02.sendfile.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FreeBSD Security Advisory (FreeBSD-SA-06:06.kmem.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:06.kmem.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

kernel: [x86_64] The string instruction version didn't zero the output on exception.

arch/x8664/lib/copyuser.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information...

USN-637-1: Linux kernel vulnerabilities

It was discovered that there were multiple NULL-pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. CVE-2008-2812 The dochangetype routine did not...

DSA-1630-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities

Bulletin has no description...

[TKADV2008-006] CA HIPS KmxFw.sys Kernel Memory Corruption

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: CA HIPS KmxFw.sys Kernel Memory Corruption Advisory ID: TKADV2008-006 Revision: 1.0 Release Date: 2008/08/12 Last Modified: 2008/08/12 Date Reported: 2008/03/08 Author: Tobias Klein tk at trapkit.de Affected Software: CA Host-Based Intrusion...

Intel Core 2 Duo T5750, Intel Atom N270 CPU cache controller bug exploit

Exploit for hardware platform in category dos / poc /---------------------------------------------------------------------------- CPU cache controller bug exploit ================================ allows you to change content of arbitrary memory cells,including the kernel memory from the user leve...

SOL8923 - Linux kernel vulnerability CVE-2007-2875

A flaw in the cpuset support allows a local user to obtain sensitive information from kernel memory. Information about this advisory is available at the following location:...