This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intel LAN Driver Buffer Overflow Local Privilege Escalation

Yesterday, Intel released an advisory about buffer overflow vulnerabilities in its LAN drivers. How does this affect the security of ASG ver 6? This issue is a concern to me, as we use Intel NICs in our firewall. See the Intel URL below for details:

http://www.intel.com/support/network/sb/CS-023726.htm

This thread was automatically locked due to age.

0 BarryG over 17 years ago

Well, it's not a remote exploit, so no reason to panic.

Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 NimmdirKeks over 17 years ago in reply to BarryG

The module versions installed are 7.2.7 for the e1000 and 3.2.3 for the e100. So theoretically the e100 is not affected (too old) but the e1000 is affected.

But as BarryG said, the overflow has to be run by an local user/service. Theoretically a faulty proxy could execute code, that would trigger the overflow, and start another code with root privilege. But its friday, and my brain is only working on standby.
Cancel
Vote Up 0 Vote Down

Cancel