A Bit About the NVIDIA Vulnerability, (Sun, Jan 6th)

SANS Internet Storm Center, Security Alerts
Jan 06, 2013
 

Geoff writes in this morning asking for more exploration around the Nvidia vulnerability patch that was released yesterday (http://www.securityweek.com/nvidia-releases-fix-dangerous-display-driver-exploit).

He writes: "It's really quiet if it is truly a vulnerability patch. I don't see any reference to an exploit fix. Maybe you can dig deeper and confirm?"

On December 25th, 2012, a security researcher released exploit code that leverages a buffer overflow vulnerability in versions prior to 310.90 of the GeForce Driver for a popular line of NVIDIA video cards. This is a privilege escalation exploit that allows someone with low-level access to gain administrative privileges on that system.

Since it requires access to the target system before it is effective, there isn't as much press about it as you might expect. However, in our current world where users can be expected to click on just about anything, gaining that access isn't as hard as some might expect or want.

It's been less than two weeks between the public release of the code and a patch, and there were a couple of holidays within those two weeks, so I'd give NVIDIA points for their response time. As for how serious I think it is? I'm downloading the patch as I write this up.

-KL

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Zero Day MySQL Buffer Overflow, (Sun, Dec 2nd)

SANS Internet Storm Center, Security Alerts
Dec 02, 2012
 

A new stack-based buffer overflow vulnerability was released on Full Disclosure yesterday for MySQL. Depending on the user's privileges, the flaw can cause MySQL to enumerate users, crash, or possibly execute arbitrary code with the privileges of the user running MySQL.

The following CVEs have been assigned to track this MySQL vulnerability:

CVE-2012-5611 MySQL (Linux) Stack based buffer overrun PoC Zeroday

CVE-2012-5612 MySQL (Linux) Heap Based Overrun PoC Zeroday

CVE-2012-5613 MySQL (Linux) Database Privilege Elevation Zeroday Exploit

CVE-2012-5614 MySQL Denial of Service Zeroday PoC

CVE-2012-5615 MySQL Remote Preauth User Enumeration Zeroday

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu


Microsoft Data Access Components CVE-2012-1891 Buffer Overflow Vulnerability

Security Alerts
Jul 09, 2012
 

Type: Vulnerability. Microsoft Data Access Components are prone to a buffer-overflow vulnerability; fixes are available.

Microsoft GDI+ CVE-2012-0167 EMF Image Processing Buffer Overflow Vulnerability

Security Alerts
May 07, 2012
 

Type: Vulnerability. Microsoft GDI+ is prone to a remote buffer-overflow vulnerability; fixes are available.

Microsoft Office Works File Converter (CVE-2012-0177) Heap Based Buffer Overflow Vulnerability

Security Alerts
Apr 09, 2012
 

Type: Vulnerability. Microsoft Office is prone to a remote heap-based buffer-overflow vulnerability; fixes are available.
