| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <457E94F9.9070602@procyonlabs.com> Date: Tue, 12 Dec 2006 06:39:37 -0500 From: "Randal T. Rioux" <randy@...cyonlabs.com> To: Josh Bressers <bressers@...hat.com> Cc: Full-Disclosure@...ts.grok.org.uk Subject: Re: EEYE: Intel Network Adapter Driver Local Privilege Escalation Josh Bressers wrote: >> eEye Research - http://research.eeye.com >> >> Intel Network Adapter Driver Local Privilege Escalation >> >> Release Date: >> December 7, 2006 >> >> Date Reported: >> July 10, 2006 >> >> Severity: >> Medium (Local Privilege Escalation to Kernel) >> >> Systems Affected: >> Windows 2000, XP, 2003, Vista >> Intel PRO 10/100 - 8.0.27.0 or previous >> Intel PRO/1000 - 8.7.1.0 or previous >> Intel PRO/1000 PCI - 9.1.30.0 or previous >> Linux >> Intel PRO 10/100 - 3.5.14 or previous >> Intel PRO/1000 - 7.2.7 or previous >> Intel PRO/10GbE - 1.0.109 or previous >> UnixWare/SCO6 >> Intel PRO 10/100 - 4.0.3 or previous >> Intel PRO/1000 - 9.0.15 or previous > > It's worth noting that this advisory is misleading. This flaw does not > affect the Linux drivers. The Linux drivers do not support the NDIS API > and the OID concept that Windows does. > Thanks for the confirmation... I thought I had gone mad for a bit there. It just didn't sound right. The version numbers threw me off. Does anyone know how these specific Linux driver version numbers were determined? Randy _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists