NSFOCUS SA2002-02 : Microsoft Windows MUP overlong request kernel overflow

NSFOCUS Security AdvisorySA2002-02 Topic: Microsoft Windows MUP overlong request kernel overflow Release Date: 2002-4-04 CVE CAN ID : CAN-2002-0151 Affected system: =================== Microsoft Windows NT 4.0 Microsoft Windows 2000 Microsoft Windows XP Impact: ========= NSFOCUS Security Team has...

user-mode-linux problems

Program: User-mode-linux Version tested: patch-2.4.17-8 I assume all previous versions would be Not vulnerable: patch-2.4.17-9 Haven't tested any different techniques. Now for something completely different. Anything in 's is my comments to my article... deal with it. Description: ------------...

CVE-1999-1166

CVE-1999-1166 affects Linux 2.0.37 and is caused by not properly encoding the Custom segment limit, which allows local users to gain root privileges by accessing or modifying kernel memory. The connected documents reiterate the same description and do not provide a concrete remediation, workaroun...

CVE-1999-1166

Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory...

CVE-2001-0316

Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call...

CVE-2001-0316

CVE-2001-0316 affects Linux kernels 2.2 and 2.4 where sysctl can be invoked with a negative length, allowing unprivileged local users to read kernel memory and potentially obtain root privileges. Mitigation in the public records points to upgrading to kernel 2.2.19 or later (and vendor advisories...

CVE-2001-0316

Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call...

NT drivers are potentially vulnerable to format string bug

Many NT drivers are potentially vulnerable to "format string bug". The problem is concerned with DbgPrint function that is used for debug messages. Some drivers instead of directly call of this function use additional intermediate functions. Those functions add a prefix to an outputted string,...

Microsoft Security Bulletin MS01-009

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Patch...

Linux Kernel 2.2.x - 'sysctl()' Memory Reading

/ source: https://www.securityfocus.com/bid/2364/info The Linux Kernel is the core of the Linux Operating System. It was originally written by Linus Torvalds, and is publicly maintained. A problem in the Linux kernel may allow root compromise. The sysctl call allows a privileged program to read o...

Security Advisory: FreeBSD-SA-00:62.top

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:62 Security Advisory FreeBSD, Inc. Topic: top allows reading of kernel memory Category: core Module: top Announced: 2000-11-01 Credits: [email protected] via OpenBSD...

FreeBSD 3.54.x - usrbintop Format String

FreeBSD 3.54.x - usrbintop Format String / source: https://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is install...

FreeBSD-SA-00:62.top

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:62 Security Advisory FreeBSD, Inc. Topic: top allows reading of kernel memory REISSUED Category: core Module: top Announced: 2000-11-01 Reissued: 2000-11-06 Credits:...

Microsoft Windows NT 4.02000 - LPC Zone Memory Depletion Denial of Service

Microsoft Windows NT 4.02000 - LPC Zone Memory Depletion Denial of Service source: https://www.securityfocus.com/bid/1745/info LPC Local Procedure Call is a message-passing service that allows threads and processes to communicate with each other on a local machine as opposed to RPC Remote Procedu...

Microsoft Windows NT 4.0/2000 - LPC Zone Memory Depletion Denial of Service

source: https://www.securityfocus.com/bid/1745/info LPC Local Procedure Call is a message-passing service that allows threads and processes to communicate with each other on a local machine as opposed to RPC Remote Procedure Call that takes place between different hosts. LPC allocates memory from...

FreeBSD-SA-00:03.asmon

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:03 Security Advisory FreeBSD, Inc. Topic: Asmon/Ascpu ports fail to drop privileges Category: ports Module: asmon/ascpu Announced: 2000-02-19 Affects: Ports collection...

CVE-1999-0367

CVE-1999-0367 affects the NetBSD netstat command, where local users can access kernel memory. The connected Red Hat, EUVD, CVE, and NVD entries reiterate: NetBSD netstat is the affected component; root cause details are not provided in the supplied documents. NVD describes low impact with partial...

CVE-1999-0295

The CVE-1999-0295 entry concerns Solaris: the sysdef command can read kernel memory, enabling local privilege escalation to root. The available sources confirm the local access requirement and kernel-memory read as the impact, but no vendor version, component patch, exploit details, or remediatio...

CVE-1999-0295

Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges...

CVE-1999-0367

NetBSD netstat command allows local users to access kernel memory...