CVE-2004-2686

Vulnerability CVE-2004-2686 affects the Solaris kernel (versions 2.6, 7, 8, 9) in the vfs_getvfssw function. It describes a directory traversal that allows local users to load arbitrary kernel modules via crafted mount or sysfs system calls, enabling privilege escalation. The note mentions it mig...

elfutils security update

CentOS Errata and Security Advisory CESA-2006:0354 Updated elfutils packages that address a minor security issue and various other issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The elfutils packages contain a number of...

CVE-2004-1767

The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules LKM, possibly involving the modload function...

CVE-2004-1767

The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules LKM, possibly involving the modload function...

Sun Solaris allows unprivileged local user to load arbitrary kernel modules

Overview Sun Solaris allows an unprivileged local user to load arbitrary kernel modules. Description Sun Solaris supports loadable kernel modules LKMs. LKMs are pieces of code that can be dynamically loaded and unloaded into the kernel. Sun Solaris contains a vulnerability that could allow an...

Kernel security update

New kernels are available for Slackware 9.1 and -current. These have been upgraded to Linux kernel version 2.4.23, which fixes a bug in the kernel's dobrk function that could be exploited to gain root privileges. These updated kernels and modules should be installed by any sites running a 2.4...

CVE-2003-0703

KisMAC before 0.05d trusts user-supplied variables to load arbitrary kernels or kernel modules, which allows local users to gain privileges via the $DRIVERKEXT environment variable as used in 1 vihadriver.sh, 2 macjackload.sh, or 3 airojackload.sh, or 4 via "similar techniques" using...

CVE-2003-0703

KisMAC before 0.05d trusts user-supplied variables to load arbitrary kernels or kernel modules, which allows local users to gain privileges via the $DRIVERKEXT environment variable as used in 1 vihadriver.sh, 2 macjackload.sh, or 3 airojackload.sh, or 4 via "similar techniques" using...

ManTrap 1.6.1 - Hidden Process Disclosure

ManTrap 1.6.1 - Hidden Process Disclosure // source: https://www.securityfocus.com/bid/1908/info ManTrap is a "honeypot" intrusion detection system designed to lure attackers into it for analysis. The honeypot is implemented as a chroot'ed Solaris environment, designed to look and feel real to an...

ManTrap 1.6.1 - Hidden Process Disclosure

// source: https://www.securityfocus.com/bid/1908/info ManTrap is a "honeypot" intrusion detection system designed to lure attackers into it for analysis. The honeypot is implemented as a chroot'ed Solaris environment, designed to look and feel real to an attacker who gains access to it. To ensur...