lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20061209012137.889CB6544A@evolution.bress.net>
Date: Fri, 08 Dec 2006 20:21:37 -0500
From: Josh Bressers <bressers@...hat.com>
To: Full-Disclosure@...ts.grok.org.uk
Subject: Re: EEYE: Intel Network Adapter Driver Local
	Privilege Escalation

> eEye Research - http://research.eeye.com
> 
> Intel Network Adapter Driver Local Privilege Escalation
> 
> Release Date:
> December 7, 2006
> 
> Date Reported:
> July 10, 2006
> 
> Severity:
> Medium (Local Privilege Escalation to Kernel)
> 
> Systems Affected:
> Windows 2000, XP, 2003, Vista
>     Intel PRO 10/100   - 8.0.27.0 or previous
>     Intel PRO/1000     - 8.7.1.0  or previous
>     Intel PRO/1000 PCI - 9.1.30.0 or previous
> Linux
>     Intel PRO 10/100   - 3.5.14  or previous
>     Intel PRO/1000     - 7.2.7   or previous
>     Intel PRO/10GbE    - 1.0.109 or previous
> UnixWare/SCO6
>     Intel PRO 10/100   - 4.0.3  or previous
>     Intel PRO/1000     - 9.0.15 or previous

It's worth noting that this advisory is misleading.  This flaw does not
affect the Linux drivers.  The Linux drivers do not support the NDIS API
and the OID concept that Windows does.

-- 
Josh Bressers // Red Hat Security Response Team

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ