[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20061209012137.889CB6544A@evolution.bress.net>
Date: Fri, 08 Dec 2006 20:21:37 -0500
From: Josh Bressers <bressers@...hat.com>
To: Full-Disclosure@...ts.grok.org.uk
Subject: Re: EEYE: Intel Network Adapter Driver Local
Privilege Escalation
> eEye Research - http://research.eeye.com
>
> Intel Network Adapter Driver Local Privilege Escalation
>
> Release Date:
> December 7, 2006
>
> Date Reported:
> July 10, 2006
>
> Severity:
> Medium (Local Privilege Escalation to Kernel)
>
> Systems Affected:
> Windows 2000, XP, 2003, Vista
> Intel PRO 10/100 - 8.0.27.0 or previous
> Intel PRO/1000 - 8.7.1.0 or previous
> Intel PRO/1000 PCI - 9.1.30.0 or previous
> Linux
> Intel PRO 10/100 - 3.5.14 or previous
> Intel PRO/1000 - 7.2.7 or previous
> Intel PRO/10GbE - 1.0.109 or previous
> UnixWare/SCO6
> Intel PRO 10/100 - 4.0.3 or previous
> Intel PRO/1000 - 9.0.15 or previous
It's worth noting that this advisory is misleading. This flaw does not
affect the Linux drivers. The Linux drivers do not support the NDIS API
and the OID concept that Windows does.
--
Josh Bressers // Red Hat Security Response Team
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists