lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 12 Dec 2006 06:39:37 -0500
From: "Randal T. Rioux" <randy@...cyonlabs.com>
To: Josh Bressers <bressers@...hat.com>
Cc: Full-Disclosure@...ts.grok.org.uk
Subject: Re: EEYE: Intel Network Adapter Driver
 Local	Privilege Escalation

Josh Bressers wrote:
>> eEye Research - http://research.eeye.com
>>
>> Intel Network Adapter Driver Local Privilege Escalation
>>
>> Release Date:
>> December 7, 2006
>>
>> Date Reported:
>> July 10, 2006
>>
>> Severity:
>> Medium (Local Privilege Escalation to Kernel)
>>
>> Systems Affected:
>> Windows 2000, XP, 2003, Vista
>>     Intel PRO 10/100   - 8.0.27.0 or previous
>>     Intel PRO/1000     - 8.7.1.0  or previous
>>     Intel PRO/1000 PCI - 9.1.30.0 or previous
>> Linux
>>     Intel PRO 10/100   - 3.5.14  or previous
>>     Intel PRO/1000     - 7.2.7   or previous
>>     Intel PRO/10GbE    - 1.0.109 or previous
>> UnixWare/SCO6
>>     Intel PRO 10/100   - 4.0.3  or previous
>>     Intel PRO/1000     - 9.0.15 or previous
> 
> It's worth noting that this advisory is misleading.  This flaw does not
> affect the Linux drivers.  The Linux drivers do not support the NDIS API
> and the OID concept that Windows does.
> 

Thanks for the confirmation... I thought I had gone mad for a bit there.
It just didn't sound right. The version numbers threw me off. Does
anyone know how these specific Linux driver version numbers were determined?

Randy


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists