CVSS: 2.1EPSS: 0%CPEs: 9EXPL: 0CVE-2010-3861 – kernel: heap contents leak from ETHTOOL_GRXCLSRLALL
https://notcve.org/view.php?id=CVE-2010-3861
The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value, a different vulnerability than CVE-2010-2478. La función ethtool_get_rxnfc en net/core/ethtool.c en el kernel Linux, en versiones anteriores a la 2.6.36 no inicializa un cierto bloque de memoria dinámica, lo que permite a usuarios locales obtener información potencialmente sensible a través de un comando ethtool ETHTOOL_GRXCLSRLALL con un valor info.rule_cnt de gran tamaño, una vulnerabilidad diferente a CVE-2010-2478. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ae6df5f96a51818d6376da5307d773baeece4014 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://openwall.com/lists/oss-security/2010/10/25/4 http://openwall.com/lists/os • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 22EXPL: 0CVE-2010-4180 – openssl: NETSCAPE_REUSE_CIPHER_CHANGE_BUG ciphersuite downgrade attack
https://notcve.org/view.php?id=CVE-2010-4180
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. OpenSSL en versiones anteriores a 0.9.8q y 1.0.x en versiones anteriores a 1.0.0c, cuando SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG está habilitado, no previene adecuadamente la modificación del conjunto de cifrado en la caché de sesión, lo que permite a atacantes remotos forzar la degradación para un cifrado no destinado a través de vectores que involucran rastreo de tráfico de red para descubrir un identificador de sesión. • http://cvs.openssl.org/chngview?cn=20131 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777 http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html& •
CVSS: 6.9EPSS: 0%CPEs: 12EXPL: 1CVE-2010-3848 – Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-3848
Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures. Desbordamiento de búfer basado en pila en la función econet_sendmsg en net/econet/af_econet.c en el kernel de Linux anteriores a v2.6.36.2, cuando hay configurada una dirección econet, permite a usuarios locales conseguir privilegios, proporcionando un gran número de estructuras iovec. • https://www.exploit-db.com/exploits/17787 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a27e13d370415add3487949c60810e36069a23a6 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html http://openwall.com/lists/oss-security/2010/11/30/1 http://secunia.com/advisories/43056 http://secunia.com&# • CWE-787: Out-of-bounds Write •
CVSS: 4.7EPSS: 0%CPEs: 12EXPL: 1CVE-2010-3849 – Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-3849
The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote address field. La función econet_sendmsg en net/econet/af_econet.c en el kernel de Linux anteriores a v2.6.36.2, cuando se configura una dirección econet, permite a usuarios locales causar una denegación de servicio (desreferencia a puntero NULL y OOPS) a través de una llamada sendmsg que especifica un valor NULL para el campo de dirección remota. • https://www.exploit-db.com/exploits/15704 http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa0e846494792e722d817b9d3d625a4ef4896c96 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html http://openwall.com/lists/oss-security/2010/11 • CWE-476: NULL Pointer Dereference •
CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 2CVE-2010-3850 – Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-3850
The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call. La función ec_dev_ioctl en net/econet/af_econet.c en el kernel de Linux anteriores a v2.6.36.2 no requiere la capacidad CAP_NET_ADMIN, que permite a usuarios locales evitar las restricciones de acceso y configurar las direcciones econet a través de una llamada SIOCSIFADDR ioctl. • https://www.exploit-db.com/exploits/15704 https://www.exploit-db.com/exploits/17787 http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=16c41745c7b92a243d0874f534c1655196c64b74 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html http&# •