[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

243238

 
 

909

 
 

192833

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:400093
Sebastian Krahmer of SUSE Security identified a problem in udevd with handling of netlink messages. Local attackers could inject netlink messages due to a missing origin check where only the kernel should have been able to and so are able to escalate privileges. CVE-2009-1185 Fixed packages have bee ...

oval:org.secpod.oval:def:101368
The udev package contains an implementation of devfs in userspace using sysfs and netlink.

oval:org.secpod.oval:def:301230
Security vulnerabilities have been identified and fixed in udev. udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space . Buffer overflow in the util_path_encode function in ud ...

oval:org.secpod.oval:def:600333
Sebastian Kramer discovered two vulnerabilities in udev, the /dev and hotplug management daemon. CVE-2009-1185 udev does not check the origin of NETLINK messages, allowing local users to gain root privileges. CVE-2009-1186 udev suffers from a buffer overflow condition in path encoding, potentially a ...

oval:org.secpod.oval:def:101431
The udev package contains an implementation of devfs in userspace using sysfs and netlink.

oval:org.secpod.oval:def:301207
Security vulnerabilities have been identified and fixed in udev. udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space . Buffer overflow in the util_path_encode function in ud ...

oval:org.mitre.oval:def:8217
Sebastian Kramer discovered two vulnerabilities in udev, the /dev and hotplug management daemon. udev does not check the origin of NETLINK messages, allowing local users to gain root privileges. udev suffers from a buffer overflow condition in path encoding, potentially allowing arbitrary code execu ...

oval:org.secpod.oval:def:700337
Sebastian Krahmer discovered that udev did not correctly validate netlink message senders. A local attacker could send specially crafted messages to udev in order to gain root privileges. Sebastian Krahmer discovered a buffer overflow in the path encoding routines in udev. A local attacker could ex ...

CWE    1
CWE-120
*CVE
CVE-2009-1186

© SecPod Technologies