Upstream information
Description
Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with "kernel-level" privileges via an incorrect function call in certain OID handlers.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 7.2 |
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Access Vector | Local |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | Complete |
| Integrity Impact | Complete |
| Availability Impact | Complete |
Note from the SUSE Security Team
This issue does affect the Windows hardware drivers (NDIS and miniport) of various Intel network cards. The Linux Kernel includes a different implementation and is not affected. The third party site eeye has incorrectly listed Linux as affected by this problem. No SUSE Bugzilla entries cross referenced. No SUSE Security Announcements cross referenced.SUSE Timeline for this CVE
CVE page created: Fri Jun 28 05:19:21 2013CVE page last modified: Fri Oct 7 12:45:35 2022