Lucene search
K

6990 matches found

seebug.org
seebug.org
added 2008/08/11 12:0 a.m.86 views

Sun xVM VirtualBox < 1.6.4 Privilege Escalation Vulnerability PoC

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Sun xVM VirtualBox Privilege Escalation Vulnerability Advisory Information Title: Sun xVM VirtualBox Privilege Escalation...

7.2CVSS7.6AI score0.06932EPSS
Exploits8
securityvulns
securityvulns
added 2008/08/07 12:0 a.m.66 views

CORE-2008-0716 - Sun xVM VirtualBox Privilege Escalation Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Sun xVM VirtualBox Privilege Escalation Vulnerability Advisory Information Title: Sun xVM VirtualBox Privilege Escalation Vulnerability Advisory ID: CORE-2008-0716...

7.2CVSS0.5AI score0.06932EPSS
Exploits8
seebug.org
seebug.org
added 2008/08/06 12:0 a.m.120 views

Sun xVM VirtualBox 'VBoxDrv.sys'本地特权提升漏洞

BUGTRAQ ID: 30481 CVE ID:CVE-2008-3431 CNCVE ID:CNCVE-20083431 Sun xVM VirtualBox是一款功能强大的虚拟机程序。 Sun xVM VirtualBox存在设计错误,本地攻击者可以利用漏洞提升特权。 当处理部分IOCTLs时VBoxDrv.sys驱动中存在错误,可导致在受影响宿主上以内核进程权限执行任意指令。...

7.2CVSS7.4AI score0.06932EPSS
Exploits8
UbuntuCve
UbuntuCve
added 2008/08/05 7:41 p.m.55 views

CVE-2008-3431

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...

8.8CVSS6.9AI score0.06932EPSS
Exploits8References2
NVD
NVD
added 2008/08/05 7:41 p.m.25 views

CVE-2008-3431

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...

8.8CVSS6.4AI score0.06932EPSS
Exploits8References12
Prion
Prion
added 2008/08/05 7:41 p.m.26 views

Design/Logic Flaw

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...

7.2CVSS6.7AI score0.06932EPSS
Exploits8References11Affected Software1
Cvelist
Cvelist
added 2008/08/05 7:20 p.m.61 views

CVE-2008-3431

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...

6.3AI score0.06932EPSS
Exploits8References11
CVE
CVE
added 2008/08/05 7:20 p.m.1044 views

CVE-2008-3431

CVE-2008-3431 affects Sun xVM VirtualBox on Windows prior to 1.6.4. The VBoxDrv.sys driver handles IOCTLs with METHOD_NEITHER and fails to validate the user-supplied buffer, enabling a local unprivileged user to craft a kernel address and gain kernel privileges by calling DeviceIoControl to the ....

8.8CVSS7.5AI score0.06932EPSS
In wildExploits8References12Affected Software1
ATTACKERKB
ATTACKERKB
added 2008/08/05 12:0 a.m.36 views

CVE-2008-3431

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...

8.8CVSS5.8AI score0.06932EPSS
In wildExploits8References12
Tenable Nessus
Tenable Nessus
added 2008/08/05 12:0 a.m.62 views

Sun xVM VirtualBox < 1.6.4 Local Privilege Escalation

The remote host contains a version of Sun xVM VirtualBox, an open source virtualization platform, before 1.6.4. Such versions reportedly include a kernel driver, 'VBoxDrv.sys', that allows a local user to open the device '.\VBoxDrv' and issue IOCTLs with a buffering method of 'METHODNEITHER'...

8.8CVSS7AI score0.06932EPSS
Exploits8References4
Rows per page
Query Builder