IBM Lenovo ThinkPad Security Update Fixes Ethernet Privilege Escalation Vulnerability
Advisory ID : FrSIRT/ADV-2007-0801
CVE ID : CVE-2006-6385
Rated as : Moderate Risk
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2007-03-02
Technical Description Receive your personalized alerts in a Text format Receive your personalized alerts in a PDF format Receive your personalized alerts in an XML format
A vulnerability has been identified in IBM Lenovo ThinkPad, which could be exploited by local attackers to obtain elevated privileges. This issue is due to an error in the Intel PRO/1000 LAN adapter software. For additional information, see : FrSIRT/ADV-2006-4871
IBM Lenovo ThinkPad T60
IBM Lenovo ThinkPad T60p
IBM Lenovo ThinkPad X60
IBM Lenovo ThinkPad X60s
IBM Lenovo ThinkPad X60 Tablet
Apply patch :
Recent Threat/Vulnerability Developments
Last Updated: 2007-03-02 04:10:13 UTC
by Kevin Liston (Version: 1)
There have been a few recent minor developments that I think warrant a mention.
There have been a handful of viruses recently that specifically target USB removable media, Win32.Agent,wj and VBS.Solow.E just two mention two. This harks back to the old days of floppy-disk boot-sector viruses. This is not the only old-school re-visitation I've seen in malicious code trends, there have also been a few destructive viruses recently reported.
A vulnerability in Adobe Acrobat that allows a malicious PDF file to call arbitrary file:// URLs was announced last night.
Things to keep an eye on over the weekend:
This Year of MOXB continues with PHP. Something interesting is bound to turn up out of that.
The College Basketball championship begins in the US. I would be surprised to not see any "March Madness" related schemes develop.