Required CVE Record Information
Description
The ndvbs module in VBox Communications Satellite Express Protocol 2.3.17.3 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x00000ffd ioctl call.
References 5 Total
- seclists.org: 20150917 KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation mailing-list
- http://packetstormsecurity.com/files/133620/VBox-Satellite-Express-Arbitrary-Write-Privilege-Escalation.html
- exploit-db.com: 38225 exploit
- securityfocus.com: 20150917 KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation mailing-list
- https://www.korelogic.com/Resources/Advisories/KL-001-2015-005.txt
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- seclists.org: 20150917 KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation mailing-listx_transferred
- http://packetstormsecurity.com/files/133620/VBox-Satellite-Express-Arbitrary-Write-Privilege-Escalation.html x_transferred
- exploit-db.com: 38225 exploitx_transferred
- securityfocus.com: 20150917 KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation mailing-listx_transferred
- https://www.korelogic.com/Resources/Advisories/KL-001-2015-005.txt x_transferred