Published: 09/05/2011 Updated: 13/02/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 642

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel prior to 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD prior to 4.9 allows local users to trigger out-of-bounds write operations, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via a crafted num_crtcs (aka vb_num) structure member in an ioctl argument.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
openbsd openbsd

Multiple kernel flaws have been fixed ...

Multiple kernel vulnerabilities have been fixed ...

Multiple kernel flaws have been fixed ...

Multiple kernel vulnerabilities have been fixed ...

Multiple kernel flaws have been fixed ...

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly A local user could exploit this to read kernel stack memory, leading to a loss of privacy Brad Spengler discovered that stack memory for new a process was not correctly calculated A local attacker could exploit this to crash ...

This repo walks through metasploitable1 machine and try to get root access by various methods through various vulnerable services

download the machine from wwwvulnhubcom/entry/metasploitable-1,28/ then launch using VMware credentials are msfadmin:msfadmin ip a to get machine Notes : make sure your system is upgraded sudo apt update && sudo apt upgrade sudo apt install exploitdb scan the target using nmap Nmap -sV -Sc 19216819 get 12 open ports (21 -22-23-25-53-80-139-445-3306-

Kioptix-level-1-walk-through download the machine from wwwvulnhubcom/entry/kioptrix-level-1-1,22/ then launch using VMware no credintial are provided Notes : make sure your system is upgraded sudo apt update && sudo apt upgrade sudo apt install exploitdb make sure your main system and the target on the same network scan the target using nmap Nmap -sn 1

Metasploitable2-Walk-through download the machine from wwwvulnhubcom/entry/metasploitable-2,29/ then launch using VMware credentials are msfadmin:msfadmin ip a to get machine Notes : make sure your system is upgraded sudo apt update && sudo apt upgrade sudo apt install exploitdb scan the target using nmap Nmap -sV -Sc 19216819 found some open ports

CWE-787 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/drm_irq.c http://www.securityfocus.com/bid/47639 https://bugzilla.redhat.com/show_bug.cgi?id=679925 https://exchange.xforce.ibmcloud.com/vulnerabilities/67199 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1922756124ddd53846877416d92ba4a802bc658f http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/drm_irq.c.diff?r1=1.41%3Br2=1.42%3Bf=h https://nvd.nist.gov https://github.com/Heshamshaban001/Metasploitable1-walkthrough https://usn.ubuntu.com/1204-1/

CVE-2011-1013

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect