CVE-2004-0495

Summary: CVE-2004-0495 refers to multiple vulnerabilities in Linux kernel 2.4 and 2.6, identified by the Sparse source-checking tool, that can allow local privilege escalation or access to kernel memory. Affected software: Linux kernel for 2.4 and 2.6 series. Root cause/impact: local attacker cou...

CVE-2004-0495

Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool...

CVE-2004-0135

The syssgi SGIIOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory...

CVE-2004-0135

The CVE-2004-0135 entry concerns the SGI IO system call SGI_IOPROBE in IRIX 6.5.20–6.5.24, which allows local users to gain privileges by reading and writing kernel memory. The vulnerability is confirmed in multiple sources: NVD/NVD entry already specifies the affected IRIX versions and the local...

IRIX syssgi system call vulnerability and other security fixes

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: syssgi system call vulnerability and other security fixes Number: 20040601-01-P Date: June 14, 2004 Reference: SGI BUG 914420, CVE CAN-2004-0135 Reference: SGI BUG 912601, CVE CAN-2004-0136 Reference: SGI BUG 907407, CVE CAN-2004-013...

CVE-2004-0177

The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw devic...

CVE-2004-0177

The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw devic...

CVE-2003-0910

The NtSetLdtEntries function in the programming interface for the Local Descriptor Table LDT in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory...

CVE-2004-0118

The component for the Virtual DOS Machine VDM subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code...

CVE-2004-0482

Multiple integer overflows in 1 procfscmdline.c, 2 procfsfpregs.c, 3 procfslinux.c, 4 procfsregs.c, 5 procfsstatus.c, and 6 procfssubr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and possibly perform other unauthorized activities...

CVE-2004-0482

The CVE-2004-0482 issue affects OpenBSD 3.5 and earlier in procfs components (procfs_cmdline.c, procfs_fpregs.c, procfs_linux.c, procfs_regs.c, procfs_status.c, procfs_subr.c) due to multiple integer overflows. This enables local users to read sensitive kernel memory and potentially perform other...

PT-2004-1600 · Openbsd · Openbsd

Name of the Vulnerable Software and Affected Versions: OpenBSD versions 3.5 and earlier Description: The issue is related to multiple integer overflows in several procfs files for OpenBSD, including procfs cmdline.c, procfs fpregs.c, procfs linux.c, procfs regs.c, procfs status.c, and procfs...

CVE-2004-0370

The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic...

Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Memory Read

/ source: https://www.securityfocus.com/bid/10201/info A local integer handling vulnerability has been announced in the Linux kernel. It is reported that this vulnerability may be exploited by an unprivileged local user to obtain kernel memory contents. Additionally it is reported that a root use...

Linux Kernel 2.5.x2.6.x - CPUFreq Proc Handler Integer Handling Memory Read

Linux Kernel 2.5.x2.6.x - CPUFreq Proc Handler Integer Handling Memory Read / source: https://www.securityfocus.com/bid/10201/info A local integer handling vulnerability has been announced in the Linux kernel. It is reported that this vulnerability may be exploited by an unprivileged local user t...

CVE-2004-0118

The component for the Virtual DOS Machine VDM subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code...

CVE-2003-0910

The NtSetLdtEntries function in the programming interface for the Local Descriptor Table LDT in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory...

CVE-2004-0177

The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw devic...

CVE-2003-0910

CVE-2003-0910 concerns a privilege-elevation flaw in the Local Descriptor Table (LDT) interface on Windows NT 4.0 and Windows 2000. An attacker must be locally logged on to exploit by creating a malicious LDT entry to gain access to protected memory; Windows XP and Windows Server 2003 are not aff...

CVE-2004-0177

CVE-2004-0177 affects Linux 2.4.x (before 2.4.26) due to improper initialization of journal descriptor blocks in ext3, causing an information leak where in-memory kernel data could be written to the device and read back via raw-device access. Impact: privileged users could obtain portions of kern...