CVE-2008-1471

The CVE-2008-1471 issue affects Panda Security products using the cpoint.sys kernel driver (Panda Internet Security 2008 and Antivirus+ Firewall 2008). A crafted IOCTL request can trigger an out-of-bounds write in kernel memory, enabling a local attacker to cause a denial of service (system crash...

CVE-2008-1471

The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service system crash or kernel panic, overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory...

Apple iOS < 1.1.4 DoS

Binary data 4425.prm...

NULL dereference in iwl driver

The iwlsetrate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwlgethwmode return value without checking for NULL, which might allow remote attackers to cause a denial of service kernel panic via unspecified vectors during module initialization...

CVE-2008-1115

CVE-2008-1115 concerns Sun Solaris 8 where a vulnerability in directory-related functions allows a local user to trigger a denial of service (panic) through an unspecified sequence of system calls or commands. Some connected sources label the issue as command injection; others echo the unspecifie...

CVE-2008-1057

The ip6checkrh0hdr function in netinet6/ip6input.c in OpenBSD 4.2 allows attackers to cause a denial of service panic via malformed IPv6 routing headers...

CVE-2008-0933

Multiple race conditions in the CPU Performance Counters cpc subsystem in the kernel in Sun Solaris 10 allow local users to cause a denial of service panic via unspecified vectors related to kcpcunbind and kcpcrestore...

CVE-2008-0933

Multiple race conditions in the CPU Performance Counters cpc subsystem in the kernel in Sun Solaris 10 allow local users to cause a denial of service panic via unspecified vectors related to kcpcunbind and kcpcrestore...

CVE-2008-0836

CVE-2008-0836 describes an unspecified vulnerability in the vuidmice STREAMS modules on Sun Solaris 8–10 (x86) that allows local users to cause a denial of service (panic) via vectors triggering a NULL pointer dereference in the vuid3ps2 module. The issue is categorized as a local access problem ...

KAME Project IPv6 IPComp头远程拒绝服务漏洞

BUGTRAQ ID: 27642 CVECAN ID: CVE-2008-0177 KAME项目是6家日本公司协作为各种BSD系统所提供的免费IPv6、IPsec和Mobile IPv6实现。 KAME项目实现的IPv6协议栈存在漏洞，远程攻击者可能利用此漏洞导致服务器不可用。 如果BSD系统使用了KAME项目的IPv6实现的话，则在处理有IPComp头的IPv6报文时kame/sys/netinet6/ipcompinput.c文件的ipcomp6input函数会出现空指针引用。如果将内核配置为处理IPsec和IPv6通讯的话，单个特制的IPv6报文可能导致内核忙碌。 FreeBSD...

FreeBSD Security Advisory FreeBSD-SA-08:04.ipsec

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:04.ipsec Security Advisory The FreeBSD Project Topic: IPsec null pointer dereference panic Category: core Module: ipsec Announced: 2008-02-14 Credits: Takashi...

FreeBSD-SA-08:04.ipsec

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:04.ipsec Security Advisory The FreeBSD Project Topic: IPsec null pointer dereference panic Category: core Module: ipsec Announced: 2008-02-14 Credits: Takashi...

CVE-2008-0718

The CVE-2008-0718 entry concerns Sun Solaris 9/10 where the USB Mouse STREAMS module (usbms) is vulnerable when 64-bit mode is enabled. The vulnerability allows local users to cause a denial of service (panic) via unspecified vectors. The NVD notes a CVSS v2 base score of 4.7 (Medium) with local ...

openSUSE 10 Security Update : kernel (kernel-4970)

This kernel update is a respin of a previous one that broke CPUFREQ support bug 357598. Previous changes : This kernel update fixes the following security problems : CVE-2008-0007: Insufficient range checks in certain fault handlers could be used by local attackers to potentially read or write...

Design/Logic Flaw

The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux RHEL 4 on Itanium ia64 does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service panic via invalid arguments to setmempolicy in an MPOLBIND operation...

kernel security update

CentOS Errata and Security Advisory CESA-2008:0055 Updated kernel packages that fix several security issues and a bug in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packag...

Important: kernel security and bug fix update

2.6.9-67.0.4.0.1.EL - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach Brown orabug 5760648 - remove patch sysrq-b that queues upto keventd thread orab...

RHEL 4 : kernel (RHSA-2008:0055)

Updated kernel packages that fix several security issues and a bug in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix several security issues and a bug in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

Apple iOS Mobile Safari - Memory Exhaustion Remote Denial of Service

source: https://www.securityfocus.com/bid/27442/info Apple iPhone is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a maliciously crafted webpage. Successful attacks cause a kernel panic, crashing the device. Given the...