OSVDB ID: 33023

Title: Linux Kernel Omnikey CardMan 4040 Driver Multiple Handler Local Overflow

Info

Disclosure

Mar 07, 2007

Discovery

Unknown

Dates

Exploit

Mar 07, 2007

Solution

Unknown

Description

A local overflow exists in the Omnikey CardMan 4040 Linux drivers. The issue is due to a boundary error in the read() and write() functions. With a specially crafted request, an attacker with write permissions to a cmx device file can cause a denial of service and possibly execute arbitrary code on the system, resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified

Solution

Upgrade to version 2.6.21-rc3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Linux

Kernel

2.6.20.x
2.6.19.x
2.6.18.x
2.6.17.x
2.6.16.x
2.6.15.x
2.6.14.x
2.6.13.x
2.6.12.x
2.6.11.x
2.6.10.x
2.6.9.x
2.6.8.x
2.6.7.x
2.6.6.x
2.6.5.x
2.6.4.x
2.6.3.x
2.6.2.x
2.6.1.x
2.6.21-rc1
2.6.21-rc2
2.6.21-rc3

References

Credit

  • Daniel Roethlisberger - daniel.roethlisbergercsnc.ch - Compass Security Network Computing AG


Direct URL: http://osvdb.org/33023