Searching usb software vulnerabilities

Buffer overflow in web server of 3com HomeConne

HomeConnect | External | overflow | server | Buffer | Cable | Modem | 3com | USB | web |

Buffer overflow in web server of 3com HomeConnect Cable Modem External with USB (#3CR29223) allows remote attackers to cause a denial of service (crash) via a long HTTP request.


Compaq Intel PRO/Wireless 2011B LAN USB Device

PRO/Wireless | Device | Compaq | Driver | 2011B | Intel | LAN | USB |

Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key.


Apple Mac OS X 10.0 through 10.2.8 allows local

Apple | Mac |

Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized access by holding down the CTRL and C keys when the system is booting, which crashes the init process and leaves the user in a root shell.


Certain USB drivers in the Linux 2.4 kernel use

uninitialized | copy_to_user | information | structures | sensitive | function | previous | Certain | reading | drivers | cleared | obtain | kernel | memory | usage | could | which | Linux | users | local | allow | USB | not | use |

Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.


Format string vulnerability in Speedtouch USB d

vulnerability | Speedtouch | before | driver | string | Format | USB |

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.


Datakey Rainbow iKey2032 USB token, when using

communications | iKey2032 | package | encrypt | between | Rainbow | Datakey | driver | obtain | client | allow | could | local | other | users | which | using | token | PINs | does | not | CIP | USB |

Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token and the driver, which could allow local users to obtain the PINs of other users.


Buffer overflow in a certain USB driver, as use

Microsoft | attackers | arbitrary | overflow | Windows | execute | certain | driver | Buffer | allows | used | code | USB |

Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.


Advansysperu Software USB Lock Auto-Protect (AP

Auto-Protect | Advansysperu | Software | Lock | USB |

Advansysperu Software USB Lock Auto-Protect (AP) 1.5 uses a weak encryption scheme to encrypt passwords, which allows local users to gain sensitive information and bypass USB interface protection.


Linux kernel 2.6.8 to 2.6.14-rc2 allows local u

kernel | Linux |

Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference.


resmgr in SUSE Linux 9.2 and 9.3, and possibly

distributions | "alternate | specifying | devices" | possibly | control | devices | access | syntax | bypass | allows | resmgr | other | Linux | local | rules | users | SUSE | USB | via |

resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, allows local users to bypass access control rules for USB devices via "alternate syntax for specifying USB devices."


resmgr in SUSE Linux 9.2 and 9.3, and possibly

class-specific | distributions | restrictions | situations | interface | properly | intended | possibly | exclude | enforce | devices | bypass | allows | resmgr | access | level | Linux | other | their | class | rules | local | which | users | some | SUSE | does | not | USB | set |

resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level.


Buffer overflow in the USB Gadget RNDIS impleme

implementation | overflow | kernel | Gadget | Buffer | before | Linux | RNDIS | USB |

Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure.


The dvd_read_bca function in the DVD handling c

drivers/cdrom/cdromc | dvd_read_bca | handling | function | kernel | Linux | code | DVD |

The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow.


Integer overflow in AnywhereUSB/5 1.80.00 allow

AnywhereUSB/5 | overflow | Integer |

Integer overflow in AnywhereUSB/5 1.80.00 allows local users to cause a denial of service (crash) via a 1 byte header size specified in the USB string descriptor.


Stack-based buffer overflow in WG111v2.SYS in N

Stack-based | WG111v2SYS | wireless | overflow | adapter | WG111v2 | NetGear | buffer |

Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request.


Buffer overflow in the Get_Wep function in cofv

function | cofvnetc | overflow | Drivers | Get_Wep | PCMCIA | Buffer | ATMEL | Linux | PCI | USB |

Buffer overflow in the Get_Wep function in cofvnet.c for ATMEL Linux PCI PCMCIA USB Drivers drivers 3.4.1.1 corruption allows attackers to execute arbitrary code via a long name argument.


Unspecified vulnerability in Apple Mac OS X 10.

vulnerability | Unspecified | Apple | Mac |

Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files.


USB20.dll in Secustick USB flash drive decouple

authentication | VerifyPassWord | authorization | requirements | decouples | Secustick | routines | altering | USB20dll | function | bypass | allows | return | access | value | flash | drive | which | users | local | file | USB |

USB20.dll in Secustick USB flash drive decouples the authorization and file access routines, which allows local users to bypass authentication requirements by altering the return value of the VerifyPassWord function.


The lcd_write function in drivers/usb/misc/usbl

drivers/usb/misc/usblcdc | lcd_write | 2622-rc7 | function | service | memory | amount | caller | denial | allows | before | kernel | cause | users | Linux | limit | local | which | used | does | not |

The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel before 2.6.22-rc7 does not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption).


The disconnect method in the Philips USB Webcam

disconnect | Philips | Webcam | method | USB |

The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device.


Software vulnerabilities results 1 to 20 of 26     
Page: 12