Vulnerabilites related to novell - linux_desktop
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:56
Severity ?
Summary
Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to "User input [being] passed to network scripts without verification."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | linux_desktop | 9 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to \"User input [being] passed to network scripts without verification.\"", }, ], id: "CVE-2005-1040", lastModified: "2024-11-20T23:56:27.937", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-05-02T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://lists.suse.com/archive/suse-security-announce/2005-Apr/0002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://lists.suse.com/archive/suse-security-announce/2005-Apr/0002.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2009-08-18 21:00
Modified
2024-11-21 01:05
Severity ?
Summary
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 2.6.30 | |
| linux | linux_kernel | 2.6.30 | |
| linux | linux_kernel | 2.6.30 | |
| linux | linux_kernel | 2.6.30 | |
| linux | linux_kernel | 2.6.30 | |
| linux | linux_kernel | 2.6.30 | |
| linux | linux_kernel | 2.6.30 | |
| novell | linux_desktop | 9 | |
| opensuse | opensuse | 11.0 | |
| suse | linux_enterprise_desktop | 10 | |
| suse | linux_enterprise_server | 9 | |
| suse | linux_enterprise_server | 10 | |
| fedoraproject | fedora | 11 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 8.10 | |
| canonical | ubuntu_linux | 9.04 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_server | 3.0 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_workstation | 3.0 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| vmware | esx | 4.0 | |
| vmware | vma | 4.0 | |
| redhat | enterprise_linux | 5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "A4C33180-0CB1-4A35-8AD9-24F2832A3ECF", versionEndIncluding: "2.6.29.5", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.30:-:*:*:*:*:*:*", matchCriteriaId: "77B40D2B-9AAA-49A4-9C74-7A94A82DBCCC", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.30:rc1:*:*:*:*:*:*", matchCriteriaId: "45273823-29EA-44DE-8444-3933402C5793", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.30:rc2:*:*:*:*:*:*", matchCriteriaId: "88F60E74-09DB-4D4A-B922-4A46EED0EC20", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.30:rc3:*:*:*:*:*:*", matchCriteriaId: "E242D3DE-D1DC-406A-BCC3-C4380B7EC369", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.30:rc4:*:*:*:*:*:*", matchCriteriaId: "5EE58B00-70BB-493D-ACDE-77F486984392", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.30:rc5:*:*:*:*:*:*", matchCriteriaId: "8598D6E5-0C5C-4A31-841A-C12801DB7D91", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.30:rc6:*:*:*:*:*:*", matchCriteriaId: "59800B0A-477B-42F8-A58A-5144F455AE01", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", matchCriteriaId: "1B42AB65-443B-4655-BAEA-4EB4A43D9509", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*", matchCriteriaId: "513797E6-FCE6-4E84-9B66-202541F9601E", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", matchCriteriaId: "4CD2D897-E321-4CED-92E0-11A98B52053C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*", matchCriteriaId: "22A79A35-05DB-4B9F-AD3E-EA6F933CF10C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*", matchCriteriaId: "B3BB5EDB-520B-4DEF-B06E-65CA13152824", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", matchCriteriaId: "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*", matchCriteriaId: "C0507E91-567A-41D6-A7E5-5088A39F75FB", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", matchCriteriaId: "4747CC68-FAF4-482F-929A-9DA6C24CB663", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", matchCriteriaId: "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", matchCriteriaId: "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*", matchCriteriaId: "397313C3-6BF5-4A87-90B3-55678E807171", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*", matchCriteriaId: "E2FE6DAA-4702-409A-98B6-DE13B12805A1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BC337BB7-9A45-4406-A783-851F279130EE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:vma:4.0:*:*:*:*:*:*:*", matchCriteriaId: "7426B5AC-D0FD-424D-9A1E-0875C2102D0D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", matchCriteriaId: "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.", }, { lang: "es", value: "Una función execve en el kernel de Linux, posiblemente versión 2.6.30-rc6 y anteriores, no borra apropiadamente el puntero de current-)clear_child_tid, lo que permite a los usuarios locales causar una denegación de servicio (corrupción de memoria) o posiblemente alcanzar privilegios por medio de un sistema de clonación que llama con CLONE_CHILD_SETTID o CLONE_CHILD_CLEARTID habilitadas, que no son manejados apropiadamente durante la creación y salida de hilos (subprocesos).", }, ], id: "CVE-2009-2848", lastModified: "2024-11-21T01:05:53.460", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 5.9, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 8.5, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2009-08-18T21:00:00.390", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://article.gmane.org/gmane.linux.kernel/871942", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2009-1243.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/35983", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/36501", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/36562", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/36759", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/37105", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/37351", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/37471", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2009/08/04/2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2009/08/05/10", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2009-1438.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/507985/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/512019/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-852-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.vupen.com/english/advisories/2009/3316", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/52899", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11412", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8598", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9766", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1550.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://article.gmane.org/gmane.linux.kernel/871942", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2009-1243.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/35983", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/36501", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/36562", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/36759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/37105", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/37351", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/37471", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2009/08/04/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2009/08/05/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2009-1438.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/507985/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/512019/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-852-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.vupen.com/english/advisories/2009/3316", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/52899", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11412", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8598", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9766", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1550.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:56
Severity ?
Summary
tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | linux_desktop | 9 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory.", }, ], id: "CVE-2005-1065", lastModified: "2024-11-20T23:56:31.370", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-05-02T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://lists.suse.com/archive/suse-security-announce/2005-Apr/0002.html", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/13072", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://lists.suse.com/archive/suse-security-announce/2005-Apr/0002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/13072", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2005-08-05 04:00
Modified
2024-11-20 23:58
Severity ?
Summary
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 9 | |
| novell | linux_desktop | 9 | |
| suse | suse_linux | 1.0 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.2 | |
| suse | suse_linux | 9.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:open_enterprise_server:9:*:*:*:*:*:*:*", matchCriteriaId: "A2740DD2-7F0C-47DE-9174-FD8BF0106D22", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*", matchCriteriaId: "C7EAAD04-D7C4-43DE-B488-1AAD014B503E", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", matchCriteriaId: "CFABFCE5-4F86-4AE8-9849-BC360AC72098", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", matchCriteriaId: "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.3:*:*:*:*:*:*:*", matchCriteriaId: "A7D073E9-E535-4B36-BEF2-8499536E37DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.", }, { lang: "es", value: "Vulnerabilidad desconocida en el kernel de Linux permite que usuarios locales provoquen una denegación de servicio mediante ptrace", }, ], id: "CVE-2005-1761", lastModified: "2024-11-20T23:58:04.610", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-08-05T04:00:00.000", references: [ { source: "secalert@redhat.com", url: "http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea78729b8dbfc400fe165a57b90a394a7275a54", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/17002", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/17073", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/18056", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/19369", }, { source: "secalert@redhat.com", url: "http://securitytracker.com/id?1014275", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2005/dsa-922", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2006/dsa-1018", }, { source: "secalert@redhat.com", url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2005-514.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2005-551.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/427980/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/14051", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2005/1878", }, { source: "secalert@redhat.com", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea78729b8dbfc400fe165a57b90a394a7275a54", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/17002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/17073", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18056", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/19369", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1014275", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2005/dsa-922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1018", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-514.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-551.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/427980/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/14051", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2005/1878", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10487", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2005-06-09 04:00
Modified
2024-11-20 23:58
Severity ?
Summary
Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | linux_desktop | 9 | |
| suse | suse_linux | 1.0 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*", matchCriteriaId: "C7EAAD04-D7C4-43DE-B488-1AAD014B503E", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.", }, ], id: "CVE-2005-1763", lastModified: "2024-11-20T23:58:04.890", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-06-09T04:00:00.000", references: [ { source: "secalert@redhat.com", url: "http://secunia.com/advisories/17073", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/18056", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2005/dsa-922", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.novell.com/linux/security/advisories/2005_29_kernel.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2005-514.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/427980/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/13903", }, { source: "secalert@redhat.com", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10182", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/17073", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18056", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2005/dsa-922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.novell.com/linux/security/advisories/2005_29_kernel.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-514.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/427980/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/13903", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10182", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2008-07-09 00:41
Modified
2024-11-21 00:47
Severity ?
Summary
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 7.04 | |
| canonical | ubuntu_linux | 7.10 | |
| canonical | ubuntu_linux | 8.04 | |
| novell | linux_desktop | 9 | |
| opensuse | opensuse | 10.3 | |
| opensuse | opensuse | 11.0 | |
| suse | suse_linux_enterprise_desktop | 10 | |
| suse | suse_linux_enterprise_desktop | 10 | |
| suse | suse_linux_enterprise_server | 10 | |
| suse | suse_linux_enterprise_server | 10 | |
| debian | debian_linux | 4.0 | |
| avaya | communication_manager | * | |
| avaya | expanded_meet-me_conferencing | * | |
| avaya | intuity_audix_lx | 2.0 | |
| avaya | meeting_exchange | 5.0 | |
| avaya | message_networking | 3.1 | |
| avaya | messaging_storage_server | 4.0 | |
| avaya | proactive_contact | 4.0 | |
| avaya | sip_enablement_services | - | |
| avaya | sip_enablement_services | 4.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "AFC9ED30-C7E9-498C-8936-4F59CF69C0CE", versionEndExcluding: "2.6.25.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", matchCriteriaId: "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", matchCriteriaId: "6EBDAFF8-DE44-4E80-B6BD-E341F767F501", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", matchCriteriaId: "823BF8BE-2309-4F67-A5E2-EAD98F723468", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", matchCriteriaId: "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", matchCriteriaId: "C35B68DF-1440-4587-8458-9C5F4D1E43F3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", matchCriteriaId: "1B42AB65-443B-4655-BAEA-4EB4A43D9509", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp1:*:*:*:*:*:*", matchCriteriaId: "44320836-E2DE-4A1C-9820-AFFA087FF7FB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp2:*:*:*:*:*:*", matchCriteriaId: "14DF1463-F23F-465F-8A35-D550A7438CB6", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp1:*:*:*:*:*:*", matchCriteriaId: "15E235E9-EC31-4F3F-80F7-981C720FF353", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp2:*:*:*:*:*:*", matchCriteriaId: "02E6A767-B9A5-4054-BE70-286E0A464248", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", matchCriteriaId: "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:avaya:communication_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "73143989-598B-499C-A6EB-53CE5EB1C1D4", versionStartIncluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:expanded_meet-me_conferencing:*:*:*:*:*:*:*:*", matchCriteriaId: "D49128AC-48BC-4815-8AB8-2689D9D3EB24", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix_lx:2.0:*:*:*:*:*:*:*", matchCriteriaId: "96733234-88DB-45EB-ACFC-1BCA21BC89E8", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:meeting_exchange:5.0:*:*:*:*:*:*:*", matchCriteriaId: "BDC2D26E-86AE-4FA1-8CBF-A775F1B240AF", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:message_networking:3.1:*:*:*:*:*:*:*", matchCriteriaId: "E871348D-8FA1-4C77-BB8E-BECF9CF2FFD9", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:messaging_storage_server:4.0:*:*:*:*:*:*:*", matchCriteriaId: "CB90E377-B821-4508-B1AB-B10F47975E54", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:proactive_contact:4.0:*:*:*:*:*:*:*", matchCriteriaId: "51C4F426-8D57-4DC8-AE52-2AEE80A57BAB", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:sip_enablement_services:-:*:*:*:*:*:*:*", matchCriteriaId: "DB636851-8ED1-463C-BC6C-108E4F08F60F", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:sip_enablement_services:4.0:*:*:*:*:*:*:*", matchCriteriaId: "7BFF25B3-B7C7-479C-8C2A-995E568C3395", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.", }, { lang: "es", value: "El núcleo de Linux anterior a 2.6.25.10, no realiza de forma adecuada las operaciones tty, esto permite a usuarios locales provocar una denegación de servicio (caída del sistema) o posiblemente obtener privilegios mediante vectores que contienen referencias a puntero NULO en los punteros a funciones en (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, y (8) wireless/strip.c en drivers/net/.", }, ], id: "CVE-2008-2812", lastModified: "2024-11-21T00:47:45.920", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2008-07-09T00:41:00.000", references: [ { source: "secalert@redhat.com", url: "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commitdiff%3Bh=2a739dd53ad7ee010ae6e155438507f329dce788", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/30982", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31048", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31202", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31229", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31341", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31551", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31614", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31685", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32103", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32370", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32759", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/33201", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1630", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2008/07/03/2", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0612.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0665.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0973.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/30076", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.vupen.com/english/advisories/2008/2063/references", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/43687", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11632", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6633", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/637-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commitdiff%3Bh=2a739dd53ad7ee010ae6e155438507f329dce788", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/30982", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31048", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31229", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31341", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31551", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31614", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/31685", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32103", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32370", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/33201", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1630", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2008/07/03/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0612.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0665.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0973.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/30076", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.vupen.com/english/advisories/2008/2063/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/43687", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11632", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6633", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/637-1/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2006-02-27 20:06
Modified
2024-11-21 00:07
Severity ?
Summary
Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | linux_desktop | 9 | |
| novell | open_enterprise_server | 1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:1:*:*:*:*:*:*:*", matchCriteriaId: "842AFCB8-3186-4667-93DF-2F067840F117", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.", }, ], id: "CVE-2006-0736", lastModified: "2024-11-21T00:07:13.363", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2006-02-27T20:06:00.000", references: [ { source: "cve@mitre.org", url: "http://secunia.com/advisories/18995", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2006_10_casa.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/16779", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2006/0693", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18995", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2006_10_casa.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/16779", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/0693", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2005-08-05 04:00
Modified
2024-11-20 23:58
Severity ?
Summary
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 9 | |
| novell | linux_desktop | 9 | |
| suse | suse_linux | 1.0 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.2 | |
| suse | suse_linux | 9.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:open_enterprise_server:9:*:*:*:*:*:*:*", matchCriteriaId: "A2740DD2-7F0C-47DE-9174-FD8BF0106D22", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*", matchCriteriaId: "C7EAAD04-D7C4-43DE-B488-1AAD014B503E", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", matchCriteriaId: "CFABFCE5-4F86-4AE8-9849-BC360AC72098", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", matchCriteriaId: "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.3:*:*:*:*:*:*:*", matchCriteriaId: "A7D073E9-E535-4B36-BEF2-8499536E37DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).", }, { lang: "es", value: "Vulnerabilidad desconocida en el kernel de Linux 2.6.x y 2.4.x permite que usuarios locales provoquen una denegación de servicio (\"stack fault exception\") mediante métodos desconocidos.", }, ], id: "CVE-2005-1767", lastModified: "2024-11-20T23:58:05.373", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-08-05T04:00:00.000", references: [ { source: "secalert@redhat.com", url: "http://kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commit%3Bh=51e31546a2fc46cb978da2ee0330a6a68f07541e", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/17002", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/18056", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/18059", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/18977", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2005/dsa-921", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2005/dsa-922", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/14467", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/usn-187-1", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2005/1878", }, { source: "secalert@redhat.com", url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044", }, { source: "secalert@redhat.com", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11101", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commit%3Bh=51e31546a2fc46cb978da2ee0330a6a68f07541e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/17002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18056", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18059", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18977", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2005/dsa-921", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2005/dsa-922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/14467", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/usn-187-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2005/1878", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11101", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2008-11-13 11:30
Modified
2024-11-21 00:53
Severity ?
Summary
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| debian | debian_linux | 4.0 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 7.10 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 8.10 | |
| fedoraproject | fedora | 8 | |
| fedoraproject | fedora | 9 | |
| suse | linux_enterprise_debuginfo | 10 | |
| novell | linux_desktop | 9 | |
| novell | open_enterprise_server | - | |
| opensuse | opensuse | 10.2 | |
| opensuse | opensuse | 10.3 | |
| opensuse | opensuse | 11.0 | |
| suse | linux_enterprise_desktop | 10 | |
| suse | linux_enterprise_server | 9 | |
| suse | linux_enterprise_server | 10 | |
| suse | linux_enterprise_software_development_kit | 10 | |
| suse | linux_enterprise_software_development_kit | 10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "151CBE7B-E10C-423C-9EE8-5A564FD7A168", versionEndExcluding: "2.0.0.18", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "63B71385-5551-4021-A899-C995B3EBA68F", versionEndExcluding: "3.0.4", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "D8CF8688-28E3-408B-9167-0C36DB2765FA", versionEndExcluding: "1.1.13", versionStartIncluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "B3FF4559-33AE-4F51-A99D-810AD31545C5", versionEndExcluding: "2.0.0.18", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", matchCriteriaId: "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", matchCriteriaId: "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", matchCriteriaId: "823BF8BE-2309-4F67-A5E2-EAD98F723468", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", matchCriteriaId: "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", matchCriteriaId: "4747CC68-FAF4-482F-929A-9DA6C24CB663", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*", matchCriteriaId: "72E4DB7F-07C3-46BB-AAA2-05CD0312C57F", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*", matchCriteriaId: "743CBBB1-C140-4FEF-B40E-FAE4511B1140", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp2:*:*:*:*:*:*", matchCriteriaId: "3E135846-8959-4D7E-A8E6-07F0EC15F010", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:-:*:*:*:*:*:*:*", matchCriteriaId: "C5C0C136-E406-4628-994A-682E8E729B50", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*", matchCriteriaId: "24818450-FDA1-429A-AC17-68F44F584217", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", matchCriteriaId: "C35B68DF-1440-4587-8458-9C5F4D1E43F3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", matchCriteriaId: "1B42AB65-443B-4655-BAEA-4EB4A43D9509", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:10:-:*:*:*:*:*:*", matchCriteriaId: "4C1B3637-1CDC-47FE-B19C-95FCEB833450", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", matchCriteriaId: "4CD2D897-E321-4CED-92E0-11A98B52053C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp1:*:*:*:*:*:*", matchCriteriaId: "29184B59-5756-48DB-930C-69D5CD628548", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp1:*:*:*:*:*:*", matchCriteriaId: "33EB57D5-DE8D-417C-8C00-AD331D61181C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp2:*:*:*:*:*:*", matchCriteriaId: "D3BEE9CB-F0AF-44B1-B454-1AE2F04D7299", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.", }, { lang: "es", value: "nsFrameManager en Firefox v3.x antes de la v3.0.4, Firefox v2.x antes de la v2.0.0.18, Thunderbird 2.x antes de la v2.0.0.18, y SeaMonkey v1.x antes de la v1.1.13 permite a atacantes remotos producir una denegación de servicio (caída) y una posible ejecución de código a su elección modificación de las propiedades de un elemento de entrada de fichero mientras se inicia, cuando se esta utilizando el método blur para acceder a no ha sido inicializada.", }, ], id: "CVE-2008-5021", lastModified: "2024-11-21T00:53:05.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2008-11-13T11:30:01.377", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32684", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32693", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32694", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32695", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32713", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32714", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32715", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32721", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32778", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32798", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32845", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32853", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/33433", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/33434", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/34501", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://ubuntu.com/usn/usn-667-1", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1669", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1671", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2009/dsa-1696", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2009/dsa-1697", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2008/mfsa2008-55.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0976.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0977.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0978.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/32281", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id?1021186", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-319A.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/3146", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2009/0977", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=460002", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32684", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32693", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32694", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32695", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32713", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32715", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32778", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32798", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32853", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/33433", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/33434", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/34501", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://ubuntu.com/usn/usn-667-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1669", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1671", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2009/dsa-1696", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2009/dsa-1697", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2008/mfsa2008-55.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0976.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0977.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0978.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/32281", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id?1021186", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-319A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/3146", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2009/0977", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=460002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2008-11-27 00:30
Modified
2024-11-21 00:52
Severity ?
Summary
yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | linux_desktop | 9 | |
| novell | open_enterprise_server | - | |
| opensuse | opensuse | 10.2 | |
| opensuse | opensuse | 10.3 | |
| opensuse | opensuse | 11.0 | |
| suse | linux_enterprise_server | 8 | |
| suse | linux_enterprise_server | 9 | |
| suse | suse_linux_enterprise_desktop | 10 | |
| suse | suse_linux_enterprise_desktop | 10 | |
| suse | suse_linux_enterprise_server | 10 | |
| suse | suse_linux_enterprise_server | 10 | |
| suse | yast2-backup | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: false, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:-:*:*:*:*:*:*:*", matchCriteriaId: "C5C0C136-E406-4628-994A-682E8E729B50", vulnerable: false, }, { criteria: "cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*", matchCriteriaId: "24818450-FDA1-429A-AC17-68F44F584217", vulnerable: false, }, { criteria: "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", matchCriteriaId: "C35B68DF-1440-4587-8458-9C5F4D1E43F3", vulnerable: false, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", matchCriteriaId: "1B42AB65-443B-4655-BAEA-4EB4A43D9509", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*", matchCriteriaId: "FA1E7EFF-1CCA-473B-8D5C-30D59C26DC70", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", matchCriteriaId: "4CD2D897-E321-4CED-92E0-11A98B52053C", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp1:*:*:*:*:*:*", matchCriteriaId: "44320836-E2DE-4A1C-9820-AFFA087FF7FB", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp2:*:*:*:*:*:*", matchCriteriaId: "14DF1463-F23F-465F-8A35-D550A7438CB6", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp1:*:*:*:*:*:*", matchCriteriaId: "15E235E9-EC31-4F3F-80F7-981C720FF353", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp2:*:*:*:*:*:*", matchCriteriaId: "02E6A767-B9A5-4054-BE70-286E0A464248", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:suse:yast2-backup:*:*:*:*:*:*:*:*", matchCriteriaId: "4668731B-1AF7-48A2-A0BA-9A056E85A559", versionEndIncluding: "2.16.6", versionStartIncluding: "2.14.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.", }, { lang: "es", value: "yast2-backup de 2.14.2 a 2.16.6 en SUSE Linux y Novell Linux permite a usuarios locales obtener privilegios a través de metacaracteres de consola en nombres de archivos usados por el proceso de copia de respaldo.", }, ], id: "CVE-2008-4636", lastModified: "2024-11-21T00:52:09.780", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2008-11-27T00:30:00.280", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00003.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://osvdb.org/50284", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/32832", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/32464", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/46879", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://osvdb.org/50284", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/32832", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/32464", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/46879", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2008-09-04 17:41
Modified
2024-11-21 00:40
Severity ?
Summary
fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 7.10 | |
| canonical | ubuntu_linux | 8.04 | |
| debian | debian_linux | 4.0 | |
| novell | linux_desktop | 9 | |
| opensuse | opensuse | 10.3 | |
| suse | suse_linux_enterprise_desktop | 10 | |
| suse | suse_linux_enterprise_server | 10 | |
| suse | suse_linux_enterprise_server | 10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "CE323F46-5BE8-40FC-B564-B21ADE5D4DC6", versionEndExcluding: "2.6.23", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", matchCriteriaId: "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", matchCriteriaId: "823BF8BE-2309-4F67-A5E2-EAD98F723468", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*", matchCriteriaId: "C0507E91-567A-41D6-A7E5-5088A39F75FB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", matchCriteriaId: "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", matchCriteriaId: "C35B68DF-1440-4587-8458-9C5F4D1E43F3", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp2:*:*:*:*:*:*", matchCriteriaId: "14DF1463-F23F-465F-8A35-D550A7438CB6", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp1:*:*:*:*:*:*", matchCriteriaId: "15E235E9-EC31-4F3F-80F7-981C720FF353", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp2:*:*:*:*:*:*", matchCriteriaId: "02E6A767-B9A5-4054-BE70-286E0A464248", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.", }, { lang: "es", value: "fs/direct-io.c del subsistema dio del núcleo de Linux anterior a 2.6.23, no suprime de forma correcta la estructura dio, esto permite a usuario locales provocar una denegación de servicio (OOPS), como se ha demostrado en determinados test fio.", }, ], id: "CVE-2007-6716", lastModified: "2024-11-21T00:40:50.037", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2008-09-04T17:41:00.000", references: [ { source: "cve@mitre.org", url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=848c4dd5153c7a0de55470ce99a8e13a63b4703f", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://lkml.org/lkml/2007/7/30/448", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2008-0972.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32023", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32103", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32237", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32356", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32370", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32393", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32759", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32799", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1653", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:220", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2008/09/04/1", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0885.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/31515", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/usn-659-1", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=461082", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10053", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=848c4dd5153c7a0de55470ce99a8e13a63b4703f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://lkml.org/lkml/2007/7/30/448", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2008-0972.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32103", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32237", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32356", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32370", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32393", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/32799", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1653", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2008/09/04/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0885.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/31515", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/usn-659-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=461082", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10053", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2009-11-04 15:30
Modified
2024-11-21 01:07
Severity ?
Summary
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 2.6.32 | |
| linux | linux_kernel | 2.6.32 | |
| linux | linux_kernel | 2.6.32 | |
| linux | linux_kernel | 2.6.32 | |
| linux | linux_kernel | 2.6.32 | |
| linux | linux_kernel | 2.6.32 | |
| novell | linux_desktop | 9 | |
| opensuse | opensuse | 11.0 | |
| opensuse | opensuse | 11.2 | |
| suse | suse_linux_enterprise_desktop | 10 | |
| suse | suse_linux_enterprise_server | 10 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 8.10 | |
| canonical | ubuntu_linux | 9.04 | |
| canonical | ubuntu_linux | 9.10 | |
| fedoraproject | fedora | 10 | |
| vmware | vma | 4.0 | |
| vmware | esx | 4.0 | |
| redhat | mrg_realtime | 1.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | enterprise_linux_desktop | 4.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_eus | 4.8 | |
| redhat | enterprise_linux_eus | 5.4 | |
| redhat | enterprise_linux_server | 3.0 | |
| redhat | enterprise_linux_server | 4.0 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_workstation | 3.0 | |
| redhat | enterprise_linux_workstation | 4.0 | |
| redhat | enterprise_linux_workstation | 5.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "BEC4349F-7F67-435F-8909-94648A0E8F90", versionEndIncluding: "2.6.31.14", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.32:-:*:*:*:*:*:*", matchCriteriaId: "37B2E2B1-3E39-4DBA-817D-08F34D9F6E53", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.32:rc1:*:*:*:*:*:*", matchCriteriaId: "C85D4E0A-14DA-4884-AF6F-A0F54304430F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.32:rc2:*:*:*:*:*:*", matchCriteriaId: "1C8471AA-44D7-4D19-82B6-C4B999C65F97", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.32:rc3:*:*:*:*:*:*", matchCriteriaId: "218DE1D1-3843-4076-9AE4-70AA0FD99B3E", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.32:rc4:*:*:*:*:*:*", matchCriteriaId: "2677114B-AF05-42EB-BBC8-FA85CD631C21", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:2.6.32:rc5:*:*:*:*:*:*", matchCriteriaId: "FA8D64E1-A700-4D9E-9063-EC3CFC1A6D98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", matchCriteriaId: "1B42AB65-443B-4655-BAEA-4EB4A43D9509", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", matchCriteriaId: "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp2:*:*:*:*:*:*", matchCriteriaId: "14DF1463-F23F-465F-8A35-D550A7438CB6", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp2:*:*:*:*:*:*", matchCriteriaId: "02E6A767-B9A5-4054-BE70-286E0A464248", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", matchCriteriaId: "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*", matchCriteriaId: "C0507E91-567A-41D6-A7E5-5088A39F75FB", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", matchCriteriaId: "4747CC68-FAF4-482F-929A-9DA6C24CB663", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", matchCriteriaId: "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", matchCriteriaId: "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*", matchCriteriaId: "7000D33B-F3C7-43E8-8FC7-9B97AADC3E12", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:vma:4.0:*:*:*:*:*:*:*", matchCriteriaId: "7426B5AC-D0FD-424D-9A1E-0875C2102D0D", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BC337BB7-9A45-4406-A783-851F279130EE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:mrg_realtime:1.0:*:*:*:*:*:*:*", matchCriteriaId: "04A20072-7DB7-4079-9456-E2CE98F888E7", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", matchCriteriaId: "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", matchCriteriaId: "7D74A418-50F0-42C0-ABBC-BBBE718FF025", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:4.8:*:*:*:*:*:*:*", matchCriteriaId: "7F2976D5-83A5-4A52-A1E6-D0E17F23FD62", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:5.4:*:*:*:*:*:*:*", matchCriteriaId: "4DD6917D-FE03-487F-9F2C-A79B5FCFBC5A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*", matchCriteriaId: "397313C3-6BF5-4A87-90B3-55678E807171", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*", matchCriteriaId: "73322DEE-27A6-4D18-88A3-ED7F9CAEABD5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*", matchCriteriaId: "E2FE6DAA-4702-409A-98B6-DE13B12805A1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*", matchCriteriaId: "5B5DCF29-6830-45FF-BC88-17E2249C653D", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.", }, { lang: "es", value: "Múltiples condiciones de carrera en fs/pipe.c en el kernel de Linux anteriores a v2.6.32-rc6 permite a usuarios locales producir una denegación de servicio )desreferencia a puntero NULL y caída del sistema) o conseguir privilegios mediante la apertura de un canal anónimo en la ruta /proc/*/fd/.", }, ], id: "CVE-2009-3547", lastModified: "2024-11-21T01:07:37.783", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2009-11-04T15:30:00.640", references: [ { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Mailing List", ], url: "http://lkml.org/lkml/2009/10/14/184", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", ], url: "http://lkml.org/lkml/2009/10/21/42", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=oss-security&m=125724568017045&w=2", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/37351", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/38017", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/38794", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/38834", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2009-1672.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/512019/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/36901", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/usn-864-1", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.vupen.com/english/advisories/2010/0528", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=530490", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11513", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7608", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9327", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1540.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1541.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1548.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1550.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", ], url: "http://lkml.org/lkml/2009/10/14/184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", ], url: "http://lkml.org/lkml/2009/10/21/42", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=oss-security&m=125724568017045&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/37351", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/38017", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/38794", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/38834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2009-1672.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/512019/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/36901", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/usn-864-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.vupen.com/english/advisories/2010/0528", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=530490", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11513", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7608", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9327", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1540.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1541.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1548.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1550.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, { lang: "en", value: "CWE-476", }, { lang: "en", value: "CWE-672", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2005-1065
Vulnerability from cvelistv5
Published
2005-04-12 04:00
Modified
2024-09-16 23:06
Severity ?
EPSS score ?
Summary
tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.suse.com/archive/suse-security-announce/2005-Apr/0002.html | vendor-advisory, x_refsource_SUSE | |
| http://www.securityfocus.com/bid/13072 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T21:35:59.942Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SR:2005:010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.suse.com/archive/suse-security-announce/2005-Apr/0002.html", }, { name: "13072", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/13072", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2005-04-12T04:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "SUSE-SR:2005:010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.suse.com/archive/suse-security-announce/2005-Apr/0002.html", }, { name: "13072", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/13072", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-1065", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SR:2005:010", refsource: "SUSE", url: "http://lists.suse.com/archive/suse-security-announce/2005-Apr/0002.html", }, { name: "13072", refsource: "BID", url: "http://www.securityfocus.com/bid/13072", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-1065", datePublished: "2005-04-12T04:00:00Z", dateReserved: "2005-04-12T00:00:00Z", dateUpdated: "2024-09-16T23:06:40.405Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-4636
Vulnerability from cvelistv5
Published
2008-11-27 00:00
Modified
2024-08-07 10:24
Severity ?
EPSS score ?
Summary
yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/32464 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/32832 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/50284 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/46879 | vdb-entry, x_refsource_XF | |
| http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00003.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T10:24:20.587Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "32464", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/32464", }, { name: "32832", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32832", }, { name: "50284", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/50284", }, { name: "yast2backup-backup-command-execution(46879)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/46879", }, { name: "SUSE-SA:2008:054", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00003.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-11-25T00:00:00", descriptions: [ { lang: "en", value: "yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-07T12:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "32464", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/32464", }, { name: "32832", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32832", }, { name: "50284", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/50284", }, { name: "yast2backup-backup-command-execution(46879)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/46879", }, { name: "SUSE-SA:2008:054", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00003.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-4636", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "32464", refsource: "BID", url: "http://www.securityfocus.com/bid/32464", }, { name: "32832", refsource: "SECUNIA", url: "http://secunia.com/advisories/32832", }, { name: "50284", refsource: "OSVDB", url: "http://osvdb.org/50284", }, { name: "yast2backup-backup-command-execution(46879)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/46879", }, { name: "SUSE-SA:2008:054", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00003.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2008-4636", datePublished: "2008-11-27T00:00:00", dateReserved: "2008-10-21T00:00:00", dateUpdated: "2024-08-07T10:24:20.587Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2006-0736
Vulnerability from cvelistv5
Published
2006-02-27 20:00
Modified
2024-08-07 16:48
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.novell.com/linux/security/advisories/2006_10_casa.html | vendor-advisory, x_refsource_SUSE | |
| http://www.vupen.com/english/advisories/2006/0693 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/16779 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/18995 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T16:48:55.559Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SA:2006:010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2006_10_casa.html", }, { name: "ADV-2006-0693", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/0693", }, { name: "16779", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/16779", }, { name: "18995", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18995", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-02-22T00:00:00", descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2006-03-10T10:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "SUSE-SA:2006:010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2006_10_casa.html", }, { name: "ADV-2006-0693", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/0693", }, { name: "16779", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/16779", }, { name: "18995", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18995", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2006-0736", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SA:2006:010", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2006_10_casa.html", }, { name: "ADV-2006-0693", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/0693", }, { name: "16779", refsource: "BID", url: "http://www.securityfocus.com/bid/16779", }, { name: "18995", refsource: "SECUNIA", url: "http://secunia.com/advisories/18995", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2006-0736", datePublished: "2006-02-27T20:00:00", dateReserved: "2006-02-16T00:00:00", dateUpdated: "2024-08-07T16:48:55.559Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-3547
Vulnerability from cvelistv5
Published
2009-11-04 15:00
Modified
2024-08-07 06:31
Severity ?
EPSS score ?
Summary
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T06:31:10.441Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "oval:org.mitre.oval:def:11513", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11513", }, { name: "RHSA-2009:1672", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2009-1672.html", }, { name: "20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/512019/100/0/threaded", }, { name: "36901", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/36901", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c", }, { name: "RHSA-2009:1540", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1540.html", }, { name: "USN-864-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/usn-864-1", }, { name: "38794", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38794", }, { name: "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", }, { name: "[linux-kernel] 20091021 Re: [PATCH v4 1/1]: fs: pipe.c null pointer dereference + really sign off + unmangled diffs", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lkml.org/lkml/2009/10/21/42", }, { name: "SUSE-SA:2010:001", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html", }, { name: "RHSA-2009:1541", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1541.html", }, { name: "MDVSA-2009:329", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329", }, { name: "37351", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/37351", }, { name: "SUSE-SA:2009:056", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html", }, { name: "SUSE-SA:2010:012", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html", }, { name: "oval:org.mitre.oval:def:7608", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7608", }, { name: "[oss-security] 20091103 CVE-2009-3547 kernel: fs: pipe.c null pointer dereference", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://marc.info/?l=oss-security&m=125724568017045&w=2", }, { name: "RHSA-2009:1548", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1548.html", }, { name: "38834", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38834", }, { name: "[linux-kernel] 20091014 fs/pipe.c null pointer dereference", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lkml.org/lkml/2009/10/14/184", }, { name: "RHSA-2009:1550", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1550.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6", }, { name: "oval:org.mitre.oval:def:9327", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9327", }, { name: "SUSE-SA:2009:054", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=530490", }, { name: "38017", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38017", }, { name: "FEDORA-2009-11038", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html", }, { name: "ADV-2010-0528", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/0528", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-10-21T00:00:00", descriptions: [ { lang: "en", value: "Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "oval:org.mitre.oval:def:11513", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11513", }, { name: "RHSA-2009:1672", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2009-1672.html", }, { name: "20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/512019/100/0/threaded", }, { name: "36901", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/36901", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c", }, { name: "RHSA-2009:1540", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1540.html", }, { name: "USN-864-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/usn-864-1", }, { name: "38794", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38794", }, { name: "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", }, { name: "[linux-kernel] 20091021 Re: [PATCH v4 1/1]: fs: pipe.c null pointer dereference + really sign off + unmangled diffs", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lkml.org/lkml/2009/10/21/42", }, { name: "SUSE-SA:2010:001", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html", }, { name: "RHSA-2009:1541", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1541.html", }, { name: "MDVSA-2009:329", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329", }, { name: "37351", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/37351", }, { name: "SUSE-SA:2009:056", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html", }, { name: "SUSE-SA:2010:012", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html", }, { name: "oval:org.mitre.oval:def:7608", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7608", }, { name: "[oss-security] 20091103 CVE-2009-3547 kernel: fs: pipe.c null pointer dereference", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://marc.info/?l=oss-security&m=125724568017045&w=2", }, { name: "RHSA-2009:1548", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1548.html", }, { name: "38834", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38834", }, { name: "[linux-kernel] 20091014 fs/pipe.c null pointer dereference", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lkml.org/lkml/2009/10/14/184", }, { name: "RHSA-2009:1550", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1550.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6", }, { name: "oval:org.mitre.oval:def:9327", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9327", }, { name: "SUSE-SA:2009:054", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=530490", }, { name: "38017", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38017", }, { name: "FEDORA-2009-11038", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html", }, { name: "ADV-2010-0528", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/0528", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2009-3547", datePublished: "2009-11-04T15:00:00", dateReserved: "2009-10-05T00:00:00", dateUpdated: "2024-08-07T06:31:10.441Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2007-6716
Vulnerability from cvelistv5
Published
2008-09-04 17:00
Modified
2024-08-07 16:18
Severity ?
EPSS score ?
Summary
fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T16:18:20.489Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SA:2008:047", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html", }, { name: "RHSA-2008:0885", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0885.html", }, { name: "32393", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32393", }, { name: "32237", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32237", }, { name: "RHSA-2008:0972", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2008-0972.html", }, { name: "oval:org.mitre.oval:def:10053", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10053", }, { name: "SUSE-SA:2008:052", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=848c4dd5153c7a0de55470ce99a8e13a63b4703f", }, { name: "USN-659-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/usn-659-1", }, { name: "[oss-security] 20080904 CVE request: kernel: dio: zero struct dio with kzalloc instead of manually", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2008/09/04/1", }, { name: "[linux-kernel] 20070731 Re: [PATCH] add check do_direct_IO() return val", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lkml.org/lkml/2007/7/30/448", }, { name: "SUSE-SA:2008:056", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00000.html", }, { name: "32103", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32103", }, { name: "DSA-1653", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1653", }, { name: "32356", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32356", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23", }, { name: "32023", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32023", }, { name: "32759", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32759", }, { name: "MDVSA-2008:220", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:220", }, { name: "32370", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32370", }, { name: "SUSE-SA:2008:051", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=461082", }, { name: "32799", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32799", }, { name: "SUSE-SR:2008:025", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html", }, { name: "31515", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/31515", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2007-07-31T00:00:00", descriptions: [ { lang: "en", value: "fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-28T12:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "SUSE-SA:2008:047", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html", }, { name: "RHSA-2008:0885", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0885.html", }, { name: "32393", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32393", }, { name: "32237", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32237", }, { name: "RHSA-2008:0972", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2008-0972.html", }, { name: "oval:org.mitre.oval:def:10053", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10053", }, { name: "SUSE-SA:2008:052", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=848c4dd5153c7a0de55470ce99a8e13a63b4703f", }, { name: "USN-659-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/usn-659-1", }, { name: "[oss-security] 20080904 CVE request: kernel: dio: zero struct dio with kzalloc instead of manually", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2008/09/04/1", }, { name: "[linux-kernel] 20070731 Re: [PATCH] add check do_direct_IO() return val", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lkml.org/lkml/2007/7/30/448", }, { name: "SUSE-SA:2008:056", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00000.html", }, { name: "32103", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32103", }, { name: "DSA-1653", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1653", }, { name: "32356", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32356", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23", }, { name: "32023", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32023", }, { name: "32759", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32759", }, { name: "MDVSA-2008:220", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:220", }, { name: "32370", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32370", }, { name: "SUSE-SA:2008:051", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=461082", }, { name: "32799", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32799", }, { name: "SUSE-SR:2008:025", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html", }, { name: "31515", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/31515", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2007-6716", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SA:2008:047", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html", }, { name: "RHSA-2008:0885", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2008-0885.html", }, { name: "32393", refsource: "SECUNIA", url: "http://secunia.com/advisories/32393", }, { name: "32237", refsource: "SECUNIA", url: "http://secunia.com/advisories/32237", }, { name: "RHSA-2008:0972", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2008-0972.html", }, { name: "oval:org.mitre.oval:def:10053", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10053", }, { name: "SUSE-SA:2008:052", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html", }, { name: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=848c4dd5153c7a0de55470ce99a8e13a63b4703f", refsource: "CONFIRM", url: "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=848c4dd5153c7a0de55470ce99a8e13a63b4703f", }, { name: "USN-659-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/usn-659-1", }, { name: "[oss-security] 20080904 CVE request: kernel: dio: zero struct dio with kzalloc instead of manually", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2008/09/04/1", }, { name: "[linux-kernel] 20070731 Re: [PATCH] add check do_direct_IO() return val", refsource: "MLIST", url: "http://lkml.org/lkml/2007/7/30/448", }, { name: "SUSE-SA:2008:056", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00000.html", }, { name: "32103", refsource: "SECUNIA", url: "http://secunia.com/advisories/32103", }, { name: "DSA-1653", refsource: "DEBIAN", url: "http://www.debian.org/security/2008/dsa-1653", }, { name: "32356", refsource: "SECUNIA", url: "http://secunia.com/advisories/32356", }, { name: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23", refsource: "CONFIRM", url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23", }, { name: "32023", refsource: "SECUNIA", url: "http://secunia.com/advisories/32023", }, { name: "32759", refsource: "SECUNIA", url: "http://secunia.com/advisories/32759", }, { name: "MDVSA-2008:220", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:220", }, { name: "32370", refsource: "SECUNIA", url: "http://secunia.com/advisories/32370", }, { name: "SUSE-SA:2008:051", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=461082", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=461082", }, { name: "32799", refsource: "SECUNIA", url: "http://secunia.com/advisories/32799", }, { name: "SUSE-SR:2008:025", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html", }, { name: "31515", refsource: "BID", url: "http://www.securityfocus.com/bid/31515", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2007-6716", datePublished: "2008-09-04T17:00:00", dateReserved: "2008-09-04T00:00:00", dateUpdated: "2024-08-07T16:18:20.489Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-1767
Vulnerability from cvelistv5
Published
2005-08-05 04:00
Modified
2024-08-07 21:59
Severity ?
EPSS score ?
Summary
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T21:59:24.380Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "18056", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18056", }, { name: "USN-187-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/usn-187-1", }, { name: "18977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18977", }, { name: "18059", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18059", }, { name: "MDKSA-2006:044", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044", }, { name: "DSA-922", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-922", }, { name: "14467", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/14467", }, { name: "DSA-921", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-921", }, { name: "17002", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17002", }, { name: "SUSE-SA:2005:044", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { name: "RHSA-2005:663", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { name: "ADV-2005-1878", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/1878", }, { name: "oval:org.mitre.oval:def:11101", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11101", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commit%3Bh=51e31546a2fc46cb978da2ee0330a6a68f07541e", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-08-04T00:00:00", descriptions: [ { lang: "en", value: "traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "18056", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18056", }, { name: "USN-187-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/usn-187-1", }, { name: "18977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18977", }, { name: "18059", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18059", }, { name: "MDKSA-2006:044", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044", }, { name: "DSA-922", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-922", }, { name: "14467", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/14467", }, { name: "DSA-921", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-921", }, { name: "17002", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17002", }, { name: "SUSE-SA:2005:044", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { name: "RHSA-2005:663", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { name: "ADV-2005-1878", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/1878", }, { name: "oval:org.mitre.oval:def:11101", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11101", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commit%3Bh=51e31546a2fc46cb978da2ee0330a6a68f07541e", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2005-1767", datePublished: "2005-08-05T04:00:00", dateReserved: "2005-05-31T00:00:00", dateUpdated: "2024-08-07T21:59:24.380Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-5021
Vulnerability from cvelistv5
Published
2008-11-13 11:00
Modified
2024-08-07 10:40
Severity ?
EPSS score ?
Summary
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T10:40:17.235Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "ADV-2008-3146", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/3146", }, { name: "DSA-1697", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2009/dsa-1697", }, { name: "DSA-1671", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1671", }, { name: "32281", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/32281", }, { name: "FEDORA-2008-9667", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html", }, { name: "32713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32713", }, { name: "RHSA-2008:0977", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0977.html", }, { name: "MDVSA-2008:230", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230", }, { name: "ADV-2009-0977", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0977", }, { name: "32695", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32695", }, { name: "RHSA-2008:0978", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0978.html", }, { name: "DSA-1669", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1669", }, { name: "32778", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32778", }, { name: "RHSA-2008:0976", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0976.html", }, { name: "FEDORA-2008-9669", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html", }, { name: "33433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/33433", }, { name: "256408", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2008/mfsa2008-55.html", }, { name: "SUSE-SA:2008:055", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html", }, { name: "32694", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32694", }, { name: "32721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32721", }, { name: "TA08-319A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-319A.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=460002", }, { name: "32853", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32853", }, { name: "DSA-1696", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2009/dsa-1696", }, { name: "1021186", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1021186", }, { name: "32715", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32715", }, { name: "32693", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32693", }, { name: "MDVSA-2008:228", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228", }, { name: "32845", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32845", }, { name: "MDVSA-2008:235", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235", }, { name: "33434", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/33434", }, { name: "32798", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32798", }, { name: "32684", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32684", }, { name: "USN-667-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://ubuntu.com/usn/usn-667-1", }, { name: "oval:org.mitre.oval:def:9642", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642", }, { name: "32714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32714", }, { name: "34501", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34501", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-11-12T00:00:00", descriptions: [ { lang: "en", value: "nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "ADV-2008-3146", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/3146", }, { name: "DSA-1697", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2009/dsa-1697", }, { name: "DSA-1671", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1671", }, { name: "32281", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/32281", }, { name: "FEDORA-2008-9667", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html", }, { name: "32713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32713", }, { name: "RHSA-2008:0977", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0977.html", }, { name: "MDVSA-2008:230", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230", }, { name: "ADV-2009-0977", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0977", }, { name: "32695", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32695", }, { name: "RHSA-2008:0978", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0978.html", }, { name: "DSA-1669", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1669", }, { name: "32778", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32778", }, { name: "RHSA-2008:0976", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0976.html", }, { name: "FEDORA-2008-9669", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html", }, { name: "33433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/33433", }, { name: "256408", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2008/mfsa2008-55.html", }, { name: "SUSE-SA:2008:055", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html", }, { name: "32694", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32694", }, { name: "32721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32721", }, { name: "TA08-319A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-319A.html", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=460002", }, { name: "32853", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32853", }, { name: "DSA-1696", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2009/dsa-1696", }, { name: "1021186", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1021186", }, { name: "32715", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32715", }, { name: "32693", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32693", }, { name: "MDVSA-2008:228", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228", }, { name: "32845", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32845", }, { name: "MDVSA-2008:235", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235", }, { name: "33434", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/33434", }, { name: "32798", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32798", }, { name: "32684", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32684", }, { name: "USN-667-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://ubuntu.com/usn/usn-667-1", }, { name: "oval:org.mitre.oval:def:9642", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642", }, { name: "32714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32714", }, { name: "34501", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34501", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2008-5021", datePublished: "2008-11-13T11:00:00", dateReserved: "2008-11-10T00:00:00", dateUpdated: "2024-08-07T10:40:17.235Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-1040
Vulnerability from cvelistv5
Published
2005-04-10 04:00
Modified
2024-09-16 18:12
Severity ?
EPSS score ?
Summary
Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to "User input [being] passed to network scripts without verification."
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.suse.com/archive/suse-security-announce/2005-Apr/0002.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T21:35:59.588Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SR:2005:010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.suse.com/archive/suse-security-announce/2005-Apr/0002.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to \"User input [being] passed to network scripts without verification.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2005-04-10T04:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "SUSE-SR:2005:010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.suse.com/archive/suse-security-announce/2005-Apr/0002.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-1040", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to \"User input [being] passed to network scripts without verification.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SR:2005:010", refsource: "SUSE", url: "http://lists.suse.com/archive/suse-security-announce/2005-Apr/0002.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-1040", datePublished: "2005-04-10T04:00:00Z", dateReserved: "2005-04-10T00:00:00Z", dateUpdated: "2024-09-16T18:12:55.415Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-2812
Vulnerability from cvelistv5
Published
2008-07-09 00:00
Modified
2024-08-07 09:14
Severity ?
EPSS score ?
Summary
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T09:14:14.939Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SA:2008:047", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html", }, { name: "DSA-1630", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1630", }, { name: "ADV-2008-2063", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/2063/references", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commitdiff%3Bh=2a739dd53ad7ee010ae6e155438507f329dce788", }, { name: "SUSE-SA:2008:038", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html", }, { name: "USN-637-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/637-1/", }, { name: "SUSE-SA:2008:035", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html", }, { name: "[oss-security] 20080703 2.6.25.10 security fixes, please assign CVE id", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2008/07/03/2", }, { name: "31614", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31614", }, { name: "31685", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31685", }, { name: "31341", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31341", }, { name: "SUSE-SA:2008:052", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html", }, { name: "30982", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/30982", }, { name: "oval:org.mitre.oval:def:11632", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11632", }, { name: "31551", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31551", }, { name: "RHSA-2008:0665", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0665.html", }, { name: "32103", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32103", }, { name: "31048", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31048", }, { name: "30076", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/30076", }, { name: "32759", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32759", }, { name: "kernel-tty-dos(43687)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/43687", }, { name: "SUSE-SA:2008:037", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html", }, { name: "32370", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32370", }, { name: "RHSA-2008:0973", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0973.html", }, { name: "RHSA-2008:0612", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0612.html", }, { name: "31202", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31202", }, { name: "oval:org.mitre.oval:def:6633", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6633", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm", }, { name: "SUSE-SA:2008:049", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html", }, { name: "SUSE-SR:2008:025", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html", }, { name: "33201", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/33201", }, { name: "31229", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31229", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-07-02T00:00:00", descriptions: [ { lang: "en", value: "The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-03T20:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "SUSE-SA:2008:047", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html", }, { name: "DSA-1630", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1630", }, { name: "ADV-2008-2063", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/2063/references", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commitdiff%3Bh=2a739dd53ad7ee010ae6e155438507f329dce788", }, { name: "SUSE-SA:2008:038", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html", }, { name: "USN-637-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/637-1/", }, { name: "SUSE-SA:2008:035", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html", }, { name: "[oss-security] 20080703 2.6.25.10 security fixes, please assign CVE id", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2008/07/03/2", }, { name: "31614", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31614", }, { name: "31685", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31685", }, { name: "31341", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31341", }, { name: "SUSE-SA:2008:052", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html", }, { name: "30982", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/30982", }, { name: "oval:org.mitre.oval:def:11632", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11632", }, { name: "31551", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31551", }, { name: "RHSA-2008:0665", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0665.html", }, { name: "32103", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32103", }, { name: "31048", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31048", }, { name: "30076", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/30076", }, { name: "32759", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32759", }, { name: "kernel-tty-dos(43687)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/43687", }, { name: "SUSE-SA:2008:037", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html", }, { name: "32370", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32370", }, { name: "RHSA-2008:0973", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0973.html", }, { name: "RHSA-2008:0612", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0612.html", }, { name: "31202", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31202", }, { name: "oval:org.mitre.oval:def:6633", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6633", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm", }, { name: "SUSE-SA:2008:049", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html", }, { name: "SUSE-SR:2008:025", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html", }, { name: "33201", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/33201", }, { name: "31229", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31229", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2008-2812", datePublished: "2008-07-09T00:00:00", dateReserved: "2008-06-20T00:00:00", dateUpdated: "2024-08-07T09:14:14.939Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-1761
Vulnerability from cvelistv5
Published
2005-08-05 04:00
Modified
2024-08-07 21:59
Severity ?
EPSS score ?
Summary
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T21:59:24.223Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "18056", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18056", }, { name: "14051", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/14051", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1", }, { name: "17073", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17073", }, { name: "19369", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/19369", }, { name: "oval:org.mitre.oval:def:10487", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10487", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea78729b8dbfc400fe165a57b90a394a7275a54", }, { name: "DSA-1018", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1018", }, { name: "DSA-922", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-922", }, { name: "RHSA-2005:551", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-551.html", }, { name: "1014275", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1014275", }, { name: "RHSA-2005:514", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-514.html", }, { name: "17002", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17002", }, { name: "SUSE-SA:2005:044", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { name: "FLSA:157459-3", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/427980/100/0/threaded", }, { name: "RHSA-2005:663", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { name: "ADV-2005-1878", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/1878", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-08-04T00:00:00", descriptions: [ { lang: "en", value: "Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-19T14:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "18056", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18056", }, { name: "14051", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/14051", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1", }, { name: "17073", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17073", }, { name: "19369", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/19369", }, { name: "oval:org.mitre.oval:def:10487", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10487", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea78729b8dbfc400fe165a57b90a394a7275a54", }, { name: "DSA-1018", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1018", }, { name: "DSA-922", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-922", }, { name: "RHSA-2005:551", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-551.html", }, { name: "1014275", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1014275", }, { name: "RHSA-2005:514", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-514.html", }, { name: "17002", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17002", }, { name: "SUSE-SA:2005:044", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { name: "FLSA:157459-3", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.securityfocus.com/archive/1/427980/100/0/threaded", }, { name: "RHSA-2005:663", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { name: "ADV-2005-1878", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/1878", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2005-1761", datePublished: "2005-08-05T04:00:00", dateReserved: "2005-05-31T00:00:00", dateUpdated: "2024-08-07T21:59:24.223Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-2848
Vulnerability from cvelistv5
Published
2009-08-18 20:41
Modified
2024-08-07 06:07
Severity ?
EPSS score ?
Summary
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T06:07:37.170Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/512019/100/0/threaded", }, { name: "37471", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/37471", }, { name: "USN-852-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-852-1", }, { name: "RHSA-2009:1243", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2009-1243.html", }, { name: "36759", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/36759", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", }, { name: "37351", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/37351", }, { name: "SUSE-SA:2009:056", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html", }, { name: "SUSE-SA:2010:012", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html", }, { name: "oval:org.mitre.oval:def:9766", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9766", }, { name: "oval:org.mitre.oval:def:11412", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11412", }, { name: "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/507985/100/0/threaded", }, { name: "36562", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/36562", }, { name: "FEDORA-2009-9044", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html", }, { name: "kernel-execve-dos(52899)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/52899", }, { name: "[linux-kernel] 20090801 [PATCH v2] execve: must clear current->clear_child_tid", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://article.gmane.org/gmane.linux.kernel/871942", }, { name: "35983", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/35983", }, { name: "RHSA-2009:1550", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1550.html", }, { name: "36501", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/36501", }, { name: "oval:org.mitre.oval:def:8598", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8598", }, { name: "[oss-security] 20090804 CVE request - kernel: execve: must clear current->clear_child_tid", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2009/08/04/2", }, { name: "[oss-security] 20090805 Re: CVE request - kernel: execve: must clear current->clear_child_tid", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2009/08/05/10", }, { name: "RHSA-2009:1438", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2009-1438.html", }, { name: "SUSE-SA:2009:054", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html", }, { name: "ADV-2009-3316", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/3316", }, { name: "37105", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/37105", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-08-04T00:00:00", descriptions: [ { lang: "en", value: "The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/512019/100/0/threaded", }, { name: "37471", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/37471", }, { name: "USN-852-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-852-1", }, { name: "RHSA-2009:1243", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2009-1243.html", }, { name: "36759", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/36759", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", }, { name: "37351", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/37351", }, { name: "SUSE-SA:2009:056", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html", }, { name: "SUSE-SA:2010:012", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html", }, { name: "oval:org.mitre.oval:def:9766", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9766", }, { name: "oval:org.mitre.oval:def:11412", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11412", }, { name: "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/507985/100/0/threaded", }, { name: "36562", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/36562", }, { name: "FEDORA-2009-9044", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html", }, { name: "kernel-execve-dos(52899)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/52899", }, { name: "[linux-kernel] 20090801 [PATCH v2] execve: must clear current->clear_child_tid", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://article.gmane.org/gmane.linux.kernel/871942", }, { name: "35983", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/35983", }, { name: "RHSA-2009:1550", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2009-1550.html", }, { name: "36501", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/36501", }, { name: "oval:org.mitre.oval:def:8598", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8598", }, { name: "[oss-security] 20090804 CVE request - kernel: execve: must clear current->clear_child_tid", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2009/08/04/2", }, { name: "[oss-security] 20090805 Re: CVE request - kernel: execve: must clear current->clear_child_tid", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2009/08/05/10", }, { name: "RHSA-2009:1438", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2009-1438.html", }, { name: "SUSE-SA:2009:054", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html", }, { name: "ADV-2009-3316", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/3316", }, { name: "37105", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/37105", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-2848", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/512019/100/0/threaded", }, { name: "37471", refsource: "SECUNIA", url: "http://secunia.com/advisories/37471", }, { name: "USN-852-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-852-1", }, { name: "RHSA-2009:1243", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2009-1243.html", }, { name: "36759", refsource: "SECUNIA", url: "http://secunia.com/advisories/36759", }, { name: "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", }, { name: "37351", refsource: "SECUNIA", url: "http://secunia.com/advisories/37351", }, { name: "SUSE-SA:2009:056", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html", }, { name: "SUSE-SA:2010:012", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html", }, { name: "oval:org.mitre.oval:def:9766", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9766", }, { name: "oval:org.mitre.oval:def:11412", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11412", }, { name: "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/507985/100/0/threaded", }, { name: "36562", refsource: "SECUNIA", url: "http://secunia.com/advisories/36562", }, { name: "FEDORA-2009-9044", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html", }, { name: "kernel-execve-dos(52899)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/52899", }, { name: "[linux-kernel] 20090801 [PATCH v2] execve: must clear current->clear_child_tid", refsource: "MLIST", url: "http://article.gmane.org/gmane.linux.kernel/871942", }, { name: "35983", refsource: "SECUNIA", url: "http://secunia.com/advisories/35983", }, { name: "RHSA-2009:1550", refsource: "REDHAT", url: "https://rhn.redhat.com/errata/RHSA-2009-1550.html", }, { name: "36501", refsource: "SECUNIA", url: "http://secunia.com/advisories/36501", }, { name: "oval:org.mitre.oval:def:8598", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8598", }, { name: "[oss-security] 20090804 CVE request - kernel: execve: must clear current->clear_child_tid", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2009/08/04/2", }, { name: "[oss-security] 20090805 Re: CVE request - kernel: execve: must clear current->clear_child_tid", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2009/08/05/10", }, { name: "RHSA-2009:1438", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2009-1438.html", }, { name: "SUSE-SA:2009:054", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html", }, { name: "ADV-2009-3316", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/3316", }, { name: "37105", refsource: "SECUNIA", url: "http://secunia.com/advisories/37105", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-2848", datePublished: "2009-08-18T20:41:00", dateReserved: "2009-08-18T00:00:00", dateUpdated: "2024-08-07T06:07:37.170Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-1763
Vulnerability from cvelistv5
Published
2005-06-14 04:00
Modified
2024-08-07 21:59
Severity ?
EPSS score ?
Summary
Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/18056 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/17073 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.novell.com/linux/security/advisories/2005_29_kernel.html | vendor-advisory, x_refsource_SUSE | |
| http://www.debian.org/security/2005/dsa-922 | vendor-advisory, x_refsource_DEBIAN | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10182 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.redhat.com/support/errata/RHSA-2005-514.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/archive/1/427980/100/0/threaded | vendor-advisory, x_refsource_FEDORA | |
| http://www.securityfocus.com/bid/13903 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T21:59:24.207Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "18056", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18056", }, { name: "17073", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17073", }, { name: "SUSE-SA:2005:029", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2005_29_kernel.html", }, { name: "DSA-922", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-922", }, { name: "oval:org.mitre.oval:def:10182", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10182", }, { name: "RHSA-2005:514", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-514.html", }, { name: "FLSA:157459-3", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/427980/100/0/threaded", }, { name: "13903", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/13903", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-06-09T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-19T14:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "18056", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18056", }, { name: "17073", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17073", }, { name: "SUSE-SA:2005:029", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2005_29_kernel.html", }, { name: "DSA-922", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-922", }, { name: "oval:org.mitre.oval:def:10182", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10182", }, { name: "RHSA-2005:514", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-514.html", }, { name: "FLSA:157459-3", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.securityfocus.com/archive/1/427980/100/0/threaded", }, { name: "13903", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/13903", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2005-1763", datePublished: "2005-06-14T04:00:00", dateReserved: "2005-05-31T00:00:00", dateUpdated: "2024-08-07T21:59:24.207Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }