6990 matches found
Sun xVM VirtualBox < 1.6.4 Privilege Escalation Vulnerability PoC
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Sun xVM VirtualBox Privilege Escalation Vulnerability Advisory Information Title: Sun xVM VirtualBox Privilege Escalation...
CORE-2008-0716 - Sun xVM VirtualBox Privilege Escalation Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Sun xVM VirtualBox Privilege Escalation Vulnerability Advisory Information Title: Sun xVM VirtualBox Privilege Escalation Vulnerability Advisory ID: CORE-2008-0716...
Sun xVM VirtualBox 'VBoxDrv.sys'本地特权提升漏洞
BUGTRAQ ID: 30481 CVE ID:CVE-2008-3431 CNCVE ID:CNCVE-20083431 Sun xVM VirtualBox是一款功能强大的虚拟机程序。 Sun xVM VirtualBox存在设计错误,本地攻击者可以利用漏洞提升特权。 当处理部分IOCTLs时VBoxDrv.sys驱动中存在错误,可导致在受影响宿主上以内核进程权限执行任意指令。...
CVE-2008-3431
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...
CVE-2008-3431
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...
Design/Logic Flaw
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...
CVE-2008-3431
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...
CVE-2008-3431
CVE-2008-3431 affects Sun xVM VirtualBox on Windows prior to 1.6.4. The VBoxDrv.sys driver handles IOCTLs with METHOD_NEITHER and fails to validate the user-supplied buffer, enabling a local unprivileged user to craft a kernel address and gain kernel privileges by calling DeviceIoControl to the ....
CVE-2008-3431
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...
Sun xVM VirtualBox < 1.6.4 Local Privilege Escalation
The remote host contains a version of Sun xVM VirtualBox, an open source virtualization platform, before 1.6.4. Such versions reportedly include a kernel driver, 'VBoxDrv.sys', that allows a local user to open the device '.\VBoxDrv' and issue IOCTLs with a buffering method of 'METHODNEITHER'...